[PATCH] mm/memory_hotplug: drain per-cpu pages again during memory offline

From: Pavel Tatashin
Date: Tue Sep 01 2020 - 08:47:39 EST

Next message: Arnd Bergmann: "Re: [PATCH] time: Avoid undefined behaviour in timespec64_to_ns"
Previous message: Maoming (maoming, Cloud Infrastructure Service Product Dept.): "答复: 答复: 答复: [PATCH V2] vfio dma_map/unmap: optimized for hugetlbfs pages"
Next in thread: Sasha Levin: "Re: [PATCH] mm/memory_hotplug: drain per-cpu pages again during memory offline"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

There is a race during page offline that can lead to infinite loop:
a page never ends up on a buddy list and __offline_pages() keeps
retrying infinitely or until a termination signal is received.

Thread#1 - a new process:

load_elf_binary
begin_new_exec
exec_mmap
mmput
exit_mmap
tlb_finish_mmu
tlb_flush_mmu
release_pages
free_unref_page_list
free_unref_page_prepare
set_pcppage_migratetype(page, migratetype);
// Set page->index migration type below MIGRATE_PCPTYPES

Thread#2 - hot-removes memory
__offline_pages
start_isolate_page_range
set_migratetype_isolate
set_pageblock_migratetype(page, MIGRATE_ISOLATE);
Set migration type to MIGRATE_ISOLATE-> set
drain_all_pages(zone);
// drain per-cpu page lists to buddy allocator.

Thread#1 - continue
free_unref_page_commit
migratetype = get_pcppage_migratetype(page);
// get old migration type
list_add(&page->lru, &pcp->lists[migratetype]);
// add new page to already drained pcp list

Thread#2
Never drains pcp again, and therefore gets stuck in the loop.

The fix is to try to drain per-cpu lists again after
check_pages_isolated_cb() fails.

Signed-off-by: Pavel Tatashin <pasha.tatashin@xxxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx
---
mm/memory_hotplug.c | 9 +++++++++
1 file changed, 9 insertions(+)

diff --git a/mm/memory_hotplug.c b/mm/memory_hotplug.c
index e9d5ab5d3ca0..d6d54922bfce 100644
--- a/mm/memory_hotplug.c
+++ b/mm/memory_hotplug.c
@@ -1575,6 +1575,15 @@ static int __ref __offline_pages(unsigned long start_pfn,
/* check again */
ret = walk_system_ram_range(start_pfn, end_pfn - start_pfn,
NULL, check_pages_isolated_cb);
+ /*
+ * per-cpu pages are drained in start_isolate_page_range, but if
+ * there are still pages that are not free, make sure that we
+ * drain again, because when we isolated range we might
+ * have raced with another thread that was adding pages to
+ * pcp list.
+ */
+ if (ret)
+ drain_all_pages(zone);
} while (ret);

/* Ok, all of our target is isolated.
--
2.25.1

Next message: Arnd Bergmann: "Re: [PATCH] time: Avoid undefined behaviour in timespec64_to_ns"
Previous message: Maoming (maoming, Cloud Infrastructure Service Product Dept.): "答复: 答复: 答复: [PATCH V2] vfio dma_map/unmap: optimized for hugetlbfs pages"
Next in thread: Sasha Levin: "Re: [PATCH] mm/memory_hotplug: drain per-cpu pages again during memory offline"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]