From: Guillaume Morin <guillaume@morinfr.org>
To: almasrymina@google.com, mike.kravetz@oracle.com,
cgroups@vger.kernel.org, guillaume@morinfr.org,
linux-mm@kvack.org
Subject: Re: [BUG] potential hugetlb css refcounting issues
Date: Sat, 28 Aug 2021 21:37:17 +0200 [thread overview]
Message-ID: <20210828193716.GA21491@bender.morinfr.org> (raw)
In-Reply-To: <20210827225841.GA30891@bender.morinfr.org>
On 28 Aug 0:58, Guillaume Morin wrote:
> > I am not sure about the above analysis. It is true that
> > hugetlb_cgroup_uncharge_page_rsvd is called unconditionally in
> > free_huge_page. However, IIUC hugetlb_cgroup_uncharge_page_rsvd will
> > only decrement the css refcount if there is a non-NULL hugetlb_cgroup
> > pointer in the page. And, the pointer in the page would only be set
> > in the 'deferred_reserve' path of alloc_huge_page. Unless I am
> > missing something, they seem to balance.
>
> Now that you explain, I am pretty sure that you're right and I was
> wrong.
>
> I'll confirm that I can't reproduce without my change for 2.
Confirmed. With the patch for the first issue, the issue is indeed
fixed. I must have messed up something during my testing...
Anyway, this is the change for 1:
diff --git a/mm/hugetlb.c b/mm/hugetlb.c
index 8ea35ba6699f..00ad4af0399b 100644
--- a/mm/hugetlb.c
+++ b/mm/hugetlb.c
@@ -4033,8 +4033,11 @@ static void hugetlb_vm_op_open(struct vm_area_struct *vma)
* after this open call completes. It is therefore safe to take a
* new reference here without additional locking.
*/
- if (resv && is_vma_resv_set(vma, HPAGE_RESV_OWNER))
+ if (resv && is_vma_resv_set(vma, HPAGE_RESV_OWNER)) {
+ if (resv->css)
+ css_get(resv->css);
kref_get(&resv->refs);
+ }
}
static void hugetlb_vm_op_close(struct vm_area_struct *vma)
--
Guillaume Morin <guillaume@morinfr.org>
next prev parent reply other threads:[~2021-08-28 19:37 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <8a4f2fbc-76e8-b67b-f110-30beff2228f5@oracle-com>
2021-08-27 22:58 ` Guillaume Morin
2021-08-28 19:37 ` Guillaume Morin [this message]
[not found] <20210827151146.GA25472@bender.morinfr.org>
2021-08-27 22:22 ` Mike Kravetz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210828193716.GA21491@bender.morinfr.org \
--to=guillaume@morinfr.org \
--cc=almasrymina@google.com \
--cc=cgroups@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mike.kravetz@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox