Re: Memory hotplug softlock issue

From: Michal Hocko
Date: Mon Nov 19 2018 - 11:46:24 EST

Next message: Greg Kroah-Hartman: "[PATCH 4.18 155/171] drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panels native mode"
Previous message: Greg Kroah-Hartman: "[PATCH 4.18 114/171] ext4: avoid possible double brelse() in add_new_gdb() on error path"
In reply to: Vlastimil Babka: "Re: Memory hotplug softlock issue"
Next in thread: Vlastimil Babka: "Re: Memory hotplug softlock issue"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon 19-11-18 17:36:21, Vlastimil Babka wrote:
> On 11/19/18 3:10 PM, Michal Hocko wrote:
> > On Mon 19-11-18 13:51:21, Michal Hocko wrote:
> >> On Mon 19-11-18 13:40:33, Michal Hocko wrote:
> >>> How are
> >>> we supposed to converge when the swapin code waits for the migration to
> >>> finish with the reference count elevated?
>
> Indeed this looks wrong. How comes we only found this out now? I guess
> the race window where refcounts matter is only a part of the whole
> migration, where we update the mapping (migrate_page_move_mapping()).
> That's before copying contents, flags etc.

I guess we simply never found out because most migration callers simply
fail after few attempts. The notable exception is memory offline which
tries retries until it suceeds or the caller terminates the process by a
fatal signal

> >> Just to clarify. This is not only about swapin obviously. Any caller of
> >> __migration_entry_wait is affected the same way AFAICS.
> >
> > In other words. Why cannot we do the following?
> >
> > diff --git a/mm/migrate.c b/mm/migrate.c
> > index f7e4bfdc13b7..7ccab29bcf9a 100644
> > --- a/mm/migrate.c
> > +++ b/mm/migrate.c
> > @@ -324,19 +324,9 @@ void __migration_entry_wait(struct mm_struct *mm, pte_t *ptep,
> > goto out;
> >
> > page = migration_entry_to_page(entry);
> > -
> > - /*
> > - * Once page cache replacement of page migration started, page_count
> > - * *must* be zero. And, we don't want to call wait_on_page_locked()
> > - * against a page without get_page().
> > - * So, we use get_page_unless_zero(), here. Even failed, page fault
> > - * will occur again.
> > - */
> > - if (!get_page_unless_zero(page))
> > - goto out;
> > pte_unmap_unlock(ptep, ptl);
> > - wait_on_page_locked(page);
> > - put_page(page);
> > + page_lock(page);
> > + page_unlock(page);
>
> So what protects us from locking a page whose refcount dropped to zero?
> and is being freed? The checks in freeing path won't be happy about a
> stray lock.

Nothing really prevents that. But does it matter. The worst that might
happen is that we lock a freed or reused page. Who would complain?

--
Michal Hocko
SUSE Labs

Next message: Greg Kroah-Hartman: "[PATCH 4.18 155/171] drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panels native mode"
Previous message: Greg Kroah-Hartman: "[PATCH 4.18 114/171] ext4: avoid possible double brelse() in add_new_gdb() on error path"
In reply to: Vlastimil Babka: "Re: Memory hotplug softlock issue"
Next in thread: Vlastimil Babka: "Re: Memory hotplug softlock issue"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]