From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 2A947C54E58
	for <linux-mm@archiver.kernel.org>; Thu, 21 Mar 2024 10:37:05 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id BBA0F6B0082; Thu, 21 Mar 2024 06:37:04 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id B8F426B0083; Thu, 21 Mar 2024 06:37:04 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id A30226B0085; Thu, 21 Mar 2024 06:37:04 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15])
	by kanga.kvack.org (Postfix) with ESMTP id 94C3C6B0082
	for <linux-mm@kvack.org>; Thu, 21 Mar 2024 06:37:04 -0400 (EDT)
Received: from smtpin22.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay02.hostedemail.com (Postfix) with ESMTP id 37D4612158D
	for <linux-mm@kvack.org>; Thu, 21 Mar 2024 10:37:04 +0000 (UTC)
X-FDA: 81920693568.22.1BFA275
Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.223.131])
	by imf05.hostedemail.com (Postfix) with ESMTP id CD2B8100010
	for <linux-mm@kvack.org>; Thu, 21 Mar 2024 10:37:00 +0000 (UTC)
Authentication-Results: imf05.hostedemail.com;
	dkim=pass header.d=suse.cz header.s=susede2_rsa header.b=BbPO6PGh;
	dkim=pass header.d=suse.cz header.s=susede2_ed25519 header.b=n26LMD+u;
	dkim=pass header.d=suse.cz header.s=susede2_rsa header.b=QXQXMhSU;
	dkim=pass header.d=suse.cz header.s=susede2_ed25519 header.b=T+Ezg7cD;
	spf=pass (imf05.hostedemail.com: domain of vbabka@suse.cz designates 195.135.223.131 as permitted sender) smtp.mailfrom=vbabka@suse.cz;
	dmarc=none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1711017421;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=qrUdzGmZxUrHcwBEsnHbHsFb6putT1o5r8sGWCVKxZE=;
	b=UvcFFWyd8nynaftDSfs1aFeWrUm4HqUuxxS8691BfAOzozL/eROOMyjbaptEqlSvVVIpKO
	62eByXs6KWPHDB4uJPaPj1k08qNtnz2r+YbgeDwl2zfn2bhNLDcQK5GgNKxA3d8ZzOHnx0
	SPmWwwywFUlmJbxfvh6DJbzJh5j8TGQ=
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1711017421; a=rsa-sha256;
	cv=none;
	b=JP9/Viy/mARhjaC9eT6HDUHyf4MK5UfOn84u458c+SE3og8W3z3XKW3FHYWEN9mVuTf4Xl
	GVhpaFhz562sdlciZyOLycMKPEe/osFI0kIG4DVnIa4nnhYyDiMvdfnNTXedx3jH16YES5
	nfx8lZ9ILzBmfcEG/rXceYW76CgdPlQ=
ARC-Authentication-Results: i=1;
	imf05.hostedemail.com;
	dkim=pass header.d=suse.cz header.s=susede2_rsa header.b=BbPO6PGh;
	dkim=pass header.d=suse.cz header.s=susede2_ed25519 header.b=n26LMD+u;
	dkim=pass header.d=suse.cz header.s=susede2_rsa header.b=QXQXMhSU;
	dkim=pass header.d=suse.cz header.s=susede2_ed25519 header.b=T+Ezg7cD;
	spf=pass (imf05.hostedemail.com: domain of vbabka@suse.cz designates 195.135.223.131 as permitted sender) smtp.mailfrom=vbabka@suse.cz;
	dmarc=none
Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [10.150.64.97])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by smtp-out2.suse.de (Postfix) with ESMTPS id 01CD05CC60;
	Thu, 21 Mar 2024 10:36:58 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa;
	t=1711017419; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:
	 mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=qrUdzGmZxUrHcwBEsnHbHsFb6putT1o5r8sGWCVKxZE=;
	b=BbPO6PGh3EgaMNUVfDcWNqgrBPxVoHeBGq+cDiTyeqGO7bpV4QkaMrHfxIwF37VLoa62AG
	1kUUVX5uRiAtTDrAqsF8s0P/xQtuDrcNXVRwgkMbIkM+Xh2rqFygQnd4DeSj+tBJeBngVg
	ruZjXMovT8N2pLmYJ1lSalnBWUA0GqI=
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz;
	s=susede2_ed25519; t=1711017419;
	h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:
	 mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=qrUdzGmZxUrHcwBEsnHbHsFb6putT1o5r8sGWCVKxZE=;
	b=n26LMD+uKQ5LYmwOgYlz3/RzWELw/fdblv83H0njtvrAsU8h04OI4+26z/XnGZItZsjIwU
	yadLNY+CtzmhdGAQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa;
	t=1711017418; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:
	 mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=qrUdzGmZxUrHcwBEsnHbHsFb6putT1o5r8sGWCVKxZE=;
	b=QXQXMhSUoTyMOk6lCDl8D4amQh693Fkn/Qm1D4p1cwrRvavAmfzglSnbhPsMKLYtz7cGqK
	RhxZIpBaAflapVNvPnUjVfRgb7+op4tUe5W2+srZPQxjXX5pcCYpwLhHZCaRbm4cdcqACu
	lb7bOXMqfXyC/jLeqMbAdQlusxZfb28=
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz;
	s=susede2_ed25519; t=1711017418;
	h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:
	 mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=qrUdzGmZxUrHcwBEsnHbHsFb6putT1o5r8sGWCVKxZE=;
	b=T+Ezg7cDMAgwTycg3GetI6HynCAGs7mkbKj2I8iu0LgVsmeCZg5C8DAzmhw4ZGCQaG8cN0
	zWX494RdbUryQuCg==
Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id DCA06136AD;
	Thu, 21 Mar 2024 10:36:57 +0000 (UTC)
Received: from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167])
	by imap1.dmz-prg2.suse.org with ESMTPSA
	id azc/NckN/GVtIQAAD6G6ig
	(envelope-from <vbabka@suse.cz>); Thu, 21 Mar 2024 10:36:57 +0000
Message-ID: <71e4b82b-8f32-41f1-afd1-5238e88bf0e7@suse.cz>
Date: Thu, 21 Mar 2024 11:36:57 +0100
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: [PATCH v2 1/2] mm,page_owner: Fix refcount imbalance
To: Oscar Salvador <osalvador@suse.de>,
 Andrew Morton <akpm@linux-foundation.org>
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org,
 Michal Hocko <mhocko@suse.com>, Marco Elver <elver@google.com>,
 Andrey Konovalov <andreyknvl@gmail.com>,
 Alexander Potapenko <glider@google.com>,
 Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
 syzbot+41bbfdb8d41003d12c0f@syzkaller.appspotmail.com
References: <20240319183212.17156-1-osalvador@suse.de>
 <20240319183212.17156-2-osalvador@suse.de>
Content-Language: en-US
From: Vlastimil Babka <vbabka@suse.cz>
In-Reply-To: <20240319183212.17156-2-osalvador@suse.de>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Rspamd-Queue-Id: CD2B8100010
X-Rspam-User: 
X-Rspamd-Server: rspam11
X-Stat-Signature: xc1cyujimrmrp7ytdtmr9r86y57q7ub3
X-HE-Tag: 1711017420-589869
X-HE-Meta: U2FsdGVkX18RT0/BCw6KYuSplhyq2jsklwokgGzTTIE3Qo6K6tC8o80SnG6rkyTvjwfSxssPPxIbIDmSXn2TXXAFwd1pjYXwYsN6Azt2Nq7al5nK0nBJbL9iyOIvqSmExBDC27vLXXwbQeWVTtYw2T5fi94JIc18cimDxdAyK4XMr5v0UW+HbwOERiwupa8I7fz1R1Q9Y7eGjpqOVGXpO6jl/5RdgM+mZTMTbZ66PUU4HsQImC3X08H35/dP2Z4+K9IWnldNNhB8rnBRQWwiSFPwnb5cJakAzqMR3V1ur6nE7N3zaxgHzmYZvwZDE0kYCkrHcXz/M7Q1WWy/70w/nlbHHzbl3LpWjOKIuLP7D8TbjWtNyI2JZvk5s/vdYczSGA6N43uLEYgJzsxisHTKhc8i3eHVpTVAPmSFf+Ho36/wa0+m3Cgze9XmaInS8XYwjqomJm/uHpVXgRSnT9pvjXloRP06IUTOVN5e07Ed0BHDSDRBbwlIZQ3wX9Pe9+a2DNw9ePV9Dxgbkg7fd68zj5WdgaE0zXog6zEQO/NQv1RhaaWBzMBBnsnN7El6ZhrOGdTdglxccym6uimDEZStvjTtUvCNIs/FzKKgkDQdBxnNy6qoaxG1a0G22BSpsPYI4bVWgpFVNWMHAv/SR0KjkdvEx44Itf+KTlHv36Ia07j9cnlh+1zRnWh9s5mtv7MoYtU5U3nktX5L8C7YrWrEv/s1BcRL86ojJeoOq2AHD8nnM3d4zi4YIvEZN/PJwNXpALzowPTQPXDqKCEMhcLOoUqzOizEUR+EmNJ4sVwHjpXB0BatfBN40bsT8+iddSZ02ue2UY+0rWH4rh23wAeadkGP2hWwexh3ZfsQN4q62Y+suW8HDD83mB1jvcBuHaEgVTm//MBz27rwprPdrm894lrCaTYOYQgkCBO3rSiYy43yZj/7LgcQhi59MjqasX1Hw2N0MloqUDRzqjLf85D
 dMRXQ372
 U04bQ2L2wmKeqcCNiMd6CEb/uNWLIEQpvuBQAimP+XC0FBqaSEr//rsCwFVY7ZOr+J4xxoq+qBDYKG86vGrpdB9wZAxILzj7FvY23CMw2Tv3ocerdJbahjFeMpm1a0VxSTShCdng05pFHb0riMC1Ic2LWDCOaJX6zv8JDaG0vZ/82NS/j7O/dujn3xe95Mv9I9LQ0inWuCAzrjmLoIEtxxPk0W6woNxl72yg5GqGQJyn62QeHMbn1QNWpUWQKIIk80stNLG6EjxLcxbxLOT+FiZGc/8Um6w+G7DLh3bvlDcifqfqb3KWT2T3YFT8VnOZdGCJsKoTTIelglZ9+IkhH4aTwKEY3whGntZ2oIVa3d+bOSivVLaORj+b8TUazo4zozHzkhtWo1A3A7E8OAA60NvjhUVbEN8mZLtRSA31iKf9H0eRhAIA9QHwmuuklP+0dGpzSXxGCL7jKZDhxAItmsLsBjPwRW9JBdaRDXckoaKXT0HQO3NLEnTOqo1JYPHTd52rMwQWzRh9KHLEWx8s7UA6oLA1aHBGIRqIjprF/L4R0n4U=
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

On 3/19/24 19:32, Oscar Salvador wrote:
> Current code does not contemplate scenarios were an allocation and
> free operation on the same pages do not handle it in the same amount
> at once.
> To give an example, page_alloc_exact(), where we will allocate a page
> of enough order to stafisfy the size request, but we will free the
> remainings right away.
> 
> In the above example, we will increment the stack_record refcount
> only once, but we will decrease it the same number of times as number
> of unused pages we have to free.
> This will lead to a warning because of refcount imbalance.
> 
> Fix this by recording the number of base pages in the refcount field.
> 
> Reported-by: syzbot+41bbfdb8d41003d12c0f@syzkaller.appspotmail.com
> Closes: https://lore.kernel.org/linux-mm/00000000000090e8ff0613eda0e5@google.com
> Fixes: 217b2119b9e2 ("mm,page_owner: implement the tracking of the stacks count")
> Signed-off-by: Oscar Salvador <osalvador@suse.de>

With the fixup,

Reviewed-by: Vlastimil Babka <vbabka@suse.cz>

But I think you'll need to resend with the missing hunk already applied, it
had broken whitespace in your email and IIUC this is was dropped from mm tree.

Also I'd suggest a change:

> +++ b/mm/page_owner.c
> @@ -196,9 +196,11 @@ static void add_stack_record_to_list(struct stack_record *stack_record,
>  	spin_unlock_irqrestore(&stack_list_lock, flags);
>  }
>  
> -static void inc_stack_record_count(depot_stack_handle_t handle, gfp_t gfp_mask)
> +static void inc_stack_record_count(depot_stack_handle_t handle, gfp_t gfp_mask,
> +				   int nr_base_pages)
>  {
>  	struct stack_record *stack_record = __stack_depot_get_stack_record(handle);
> +	int old = REFCOUNT_SATURATED;
>  
>  	if (!stack_record)
>  		return;
> @@ -210,22 +212,18 @@ static void inc_stack_record_count(depot_stack_handle_t handle, gfp_t gfp_mask)
>  	 * Since we do not use STACK_DEPOT_FLAG_GET API, let us
>  	 * set a refcount of 1 ourselves.
>  	 */
> -	if (refcount_read(&stack_record->count) == REFCOUNT_SATURATED) {
> -		int old = REFCOUNT_SATURATED;

I think this was useful optimization in that most cases the count is not
REFCOUNT_SATURATED so we don't have to go for the expensive cmpxchg all the
time. Or do I miss a reason why this was changed?

> -
> -		if (atomic_try_cmpxchg_relaxed(&stack_record->count.refs, &old, 1))
> -			/* Add the new stack_record to our list */
> -			add_stack_record_to_list(stack_record, gfp_mask);
> -	}
> -	refcount_inc(&stack_record->count);
> +	if (atomic_try_cmpxchg_relaxed(&stack_record->count.refs, &old, 1))
> +		add_stack_record_to_list(stack_record, gfp_mask);
> +	refcount_add(nr_base_pages, &stack_record->count);
>  }
>