From: Harry Yoo <harry.yoo@oracle.com>
To: Qi Zheng <qi.zheng@linux.dev>
Cc: Shakeel Butt <shakeel.butt@linux.dev>,
hannes@cmpxchg.org, hughd@google.com, mhocko@suse.com,
roman.gushchin@linux.dev, muchun.song@linux.dev,
david@kernel.org, lorenzo.stoakes@oracle.com, ziy@nvidia.com,
yosry.ahmed@linux.dev, imran.f.khan@oracle.com,
kamalesh.babulal@oracle.com, axelrasmussen@google.com,
yuanchu@google.com, weixugc@google.com,
chenridong@huaweicloud.com, mkoutny@suse.com,
akpm@linux-foundation.org, hamzamahfooz@linux.microsoft.com,
apais@linux.microsoft.com, lance.yang@linux.dev,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
cgroups@vger.kernel.org, Qi Zheng <zhengqi.arch@bytedance.com>
Subject: Re: [PATCH v3 28/30] mm: memcontrol: prepare for reparenting state_local
Date: Mon, 2 Feb 2026 12:15:03 +0900 [thread overview]
Message-ID: <aYAWtx9Qp4vWSoXN@hyeyoo> (raw)
In-Reply-To: <4535d53c-68aa-4c3d-b95e-6fbafdb83881@linux.dev>
On Fri, Jan 30, 2026 at 03:22:20PM +0800, Qi Zheng wrote:
> On 1/29/26 8:23 PM, Harry Yoo wrote:
> > On Thu, Jan 29, 2026 at 04:50:39PM +0800, Qi Zheng wrote:
> > > On 1/29/26 10:10 AM, Harry Yoo wrote:
> > > > On Mon, Jan 19, 2026 at 11:34:53AM +0800, Qi Zheng wrote:
> > > > > On 1/18/26 11:20 AM, Shakeel Butt wrote:
> > > > > > On Wed, Jan 14, 2026 at 07:32:55PM +0800, Qi Zheng wrote:
> > > > > Since these two functions require memcg or lruvec, they are already
> > > > > within the critical section of the RCU lock.
> > > >
> > > > What happens if someone grabbed a refcount and then release the rcu read
> > > > lock before percpu refkill and then call mod_memcg[_lruvec]_state()?
> > > >
> > > > In this case, can we end up reparenting in the middle of non-hierarchical
> > > > stat update because they don't have RCU grace period?
> > > >
> > > > Something like
> > > >
> > > > T1 T2
> > > >
> > > > - rcu_read_lock()
> > > > - get memcg refcnt
> > > > - rcu_read_unlock()
> > > >
> > > > - call mod_memcg_state()
> > > > - CSS_IS_DYING is not set
> > > > - Set CSS_IS_DYING
> > > > - Trigger percpu refkill
> > > >
> > > > - Trigger offline_css()
> > > > -> reparent non-hierarchical - update non-hierarchical stats
> > > > stats
> > > > - put memcg refcount
> > >
> > > Good catch, I think you are right.
> > >
> > > The rcu lock should be added to mod_memcg_state() and
> > > mod_memcg_lruvec_state().
> >
> > Thanks for confirming!
> >
> > Because it's quite confusing, let me ask few more questions...
> >
> > Q1. Yosry mentioned [1] [2] that stat updates should be done in the same
> > RCU section that is used to grab a refcount of the cgroup.
> >
> > But I don't think your work is relying on that. Instead, I guess, it's
> > relying on the CSS_DYING check from reader side to determine whether it
>
> Only relying the CSS_DYING check is insufficient. Otherwise, the
> following race may occur:
>
> T1 T2
>
> memcg_is_dying is false
> Set CSS_IS_DYING
> reparent non-hierarchical update non-hierarchical stats for child
>
> So IIUC we should add rcu lock, then:
Right, RCU here is used to enforce ordering between reparenting
non-hierarchical stats and stat updates for child.
> T1 T2
>
> rcu_read_lock
> memcg_is_dying is false
>
> Set CSS_IS_DYING
> update non-hierarchical stats for child
> rcu_read_unlock
>
> synchronize_rcu or rcu work
> --> reparent non-hierarchical
>
> > should update stats of the child or parent memcg, right?
> >
> > -> That being said, when rcu_read_lock() is called _after_ stats are
> > reparented, the reader must observe that the CSS_DYING flag is set.
> >
> > [1] https://lore.kernel.org/all/utl6esq7jz5e4f7kwgrpwdjc2rm3yi33ljb6xkm5nxzufa4o7s@hblq2piu3vnz
> > [2] https://lore.kernel.org/all/ebdhvcwygvnfejai5azhg3sjudsjorwmlcvmzadpkhexoeq3tb@5gj5y2exdhpn
> >
> > Q2. When a reader checks CSS_DYING flag, how is the flag change
> > guaranteed to be visible to the reader without any lock, memory barrier,
> > or atomic ops involved?
>
> The main situation requiring CSS_DYING check is as follow:
>
> T1 T2
>
> Set CSS_IS_DYING
>
> synchronize_rcu or rcu work
> --> reparent non-hierarchical
> rcu_read_lock()
> memcg_is_dying is true
> update non-hierarchical stats for parent
>
> Referring to the "Memory-Barrier Guarantees" section in [1],
Today I learned a little bit about RCU's requirements :)
> synchronize_rcu() can guarantee that T2 can see CSS_IS_DYING. Right?
Right. It is fair to assume that a read-side critical section either
1) ends before synchronize_rcu(), in this case, the reader might see
CSS_DYING flag or not, but it doesn't matter because this reader
ends before reparenting the stats.
2) starts after synchronize_rcu() starts, in this case, all stores
before the grace period starts must be propagated to all CPUs before
the critical section starts. Thus, such a reader is guaranteed
to see the CSS_DYING flag set.
Linux Kernel Memory Model [2] explicitly explains 1) and 2):
> RCU (Read-Copy-Update) is a powerful synchronization mechanism. It
> rests on two concepts: grace periods and read-side critical sections.
>
> A grace period is the span of time occupied by a call to
> synchronize_rcu(). A read-side critical section (or just critical
> section, for short) is a region of code delimited by rcu_read_lock()
> at the start and rcu_read_unlock() at the end. Critical sections can
> be nested, although we won't make use of this fact.
>
> As far as memory models are concerned, RCU's main feature is its
> Grace-Period Guarantee, which states that a critical section can never
> span a full grace period. In more detail, the Guarantee says:
>
> For any critical section C and any grace period G, at least
> one of the following statements must hold:
>
> (1) C ends before G does, and in addition, every store that
> propagates to C's CPU before the end of C must propagate to
> every CPU before G ends.
>
> (2) G starts before C does, and in addition, every store that
> propagates to G's CPU before the start of G must propagate
> to every CPU before C starts.
^ this
[2] https://docs.kernel.org/dev-tools/lkmm/docs/explanation.html
> [1]. https://www.kernel.org/doc/Documentation/RCU/Design/Requirements/Requirements.rst
> Qi
--
Cheers,
Harry / Hyeonggon
next prev parent reply other threads:[~2026-02-02 3:17 UTC|newest]
Thread overview: 101+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-14 11:26 [PATCH v3 00/30] Eliminate Dying Memory Cgroup Qi Zheng
2026-01-14 11:26 ` [PATCH v3 01/30] mm: memcontrol: remove dead code of checking parent memory cgroup Qi Zheng
2026-01-14 11:26 ` [PATCH v3 02/30] mm: workingset: use folio_lruvec() in workingset_refault() Qi Zheng
2026-01-14 11:26 ` [PATCH v3 03/30] mm: rename unlock_page_lruvec_irq and its variants Qi Zheng
2026-01-14 11:26 ` [PATCH v3 04/30] mm: vmscan: prepare for the refactoring the move_folios_to_lru() Qi Zheng
2026-01-16 9:10 ` Harry Yoo
2026-01-16 9:14 ` Muchun Song
2026-01-14 11:26 ` [PATCH v3 05/30] mm: vmscan: refactor move_folios_to_lru() Qi Zheng
2026-01-16 11:31 ` Harry Yoo
2026-01-14 11:26 ` [PATCH v3 06/30] mm: memcontrol: allocate object cgroup for non-kmem case Qi Zheng
2026-01-14 11:32 ` [PATCH v3 07/30] mm: memcontrol: return root object cgroup for root memory cgroup Qi Zheng
2026-01-16 12:53 ` Harry Yoo
2026-01-14 11:32 ` [PATCH v3 08/30] mm: memcontrol: prevent memory cgroup release in get_mem_cgroup_from_folio() Qi Zheng
2026-01-17 20:00 ` Shakeel Butt
2026-01-18 0:31 ` Shakeel Butt
2026-01-19 3:20 ` Qi Zheng
2026-01-19 8:53 ` Harry Yoo
2026-01-14 11:32 ` [PATCH v3 09/30] buffer: prevent memory cgroup release in folio_alloc_buffers() Qi Zheng
2026-01-14 11:32 ` [PATCH v3 10/30] writeback: prevent memory cgroup release in writeback module Qi Zheng
2026-01-14 11:32 ` [PATCH v3 11/30] mm: memcontrol: prevent memory cgroup release in count_memcg_folio_events() Qi Zheng
2026-01-14 11:32 ` [PATCH v3 12/30] mm: page_io: prevent memory cgroup release in page_io module Qi Zheng
2026-01-14 11:32 ` [PATCH v3 13/30] mm: migrate: prevent memory cgroup release in folio_migrate_mapping() Qi Zheng
2026-01-14 11:32 ` [PATCH v3 14/30] mm: mglru: prevent memory cgroup release in mglru Qi Zheng
2026-01-17 22:46 ` Shakeel Butt
2026-01-19 9:25 ` Harry Yoo
2026-01-14 11:32 ` [PATCH v3 15/30] mm: memcontrol: prevent memory cgroup release in mem_cgroup_swap_full() Qi Zheng
2026-01-14 11:32 ` [PATCH v3 16/30] mm: workingset: prevent memory cgroup release in lru_gen_eviction() Qi Zheng
2026-01-14 11:32 ` [PATCH v3 17/30] mm: thp: prevent memory cgroup release in folio_split_queue_lock{_irqsave}() Qi Zheng
2026-01-16 9:15 ` Muchun Song
2026-01-14 11:32 ` [PATCH v3 18/30] mm: zswap: prevent memory cgroup release in zswap_compress() Qi Zheng
2026-01-16 9:18 ` Muchun Song
2026-01-20 7:47 ` Harry Yoo
2026-01-14 11:32 ` [PATCH v3 19/30] mm: workingset: prevent lruvec release in workingset_refault() Qi Zheng
2026-01-17 23:02 ` Shakeel Butt
2026-01-14 11:32 ` [PATCH v3 20/30] mm: zswap: prevent lruvec release in zswap_folio_swapin() Qi Zheng
2026-01-14 11:32 ` [PATCH v3 21/30] mm: swap: prevent lruvec release in lru_gen_clear_refs() Qi Zheng
2026-01-14 11:32 ` [PATCH v3 22/30] mm: workingset: prevent lruvec release in workingset_activation() Qi Zheng
2026-01-14 11:32 ` [PATCH v3 23/30] mm: do not open-code lruvec lock Qi Zheng
2026-01-15 9:26 ` Baoquan He
2026-01-15 9:31 ` Qi Zheng
2026-01-16 9:20 ` Muchun Song
2026-01-17 23:08 ` Shakeel Butt
2026-01-20 7:58 ` Harry Yoo
2026-01-14 11:32 ` [PATCH v3 24/30] mm: memcontrol: prepare for reparenting LRU pages for " Qi Zheng
2026-01-16 9:43 ` Muchun Song
2026-01-16 9:50 ` Qi Zheng
2026-01-18 0:44 ` Shakeel Butt
2026-01-19 3:44 ` Qi Zheng
2026-01-20 15:54 ` Shakeel Butt
2026-01-18 0:46 ` Shakeel Butt
2026-01-20 8:21 ` Harry Yoo
2026-01-20 11:51 ` Qi Zheng
2026-01-20 12:50 ` Harry Yoo
2026-01-14 11:32 ` [PATCH v3 25/30] mm: vmscan: prepare for reparenting traditional LRU folios Qi Zheng
2026-01-16 9:49 ` Muchun Song
2026-01-18 1:11 ` Shakeel Butt
2026-01-19 3:24 ` Qi Zheng
2026-01-14 11:32 ` [PATCH v3 26/30] mm: vmscan: prepare for reparenting MGLRU folios Qi Zheng
2026-01-15 10:44 ` [PATCH v3 26/30 fix] mm: mglru: do not call update_lru_size() during reparenting Qi Zheng
2026-01-15 17:46 ` Andrew Morton
2026-01-21 3:53 ` Harry Yoo
2026-01-21 4:19 ` Harry Yoo
2026-01-21 11:21 ` Qi Zheng
2026-01-18 3:25 ` [PATCH v3 26/30] mm: vmscan: prepare for reparenting MGLRU folios Shakeel Butt
2026-01-18 3:29 ` Shakeel Butt
2026-01-19 3:39 ` Qi Zheng
2026-01-14 11:32 ` [PATCH v3 27/30] mm: memcontrol: refactor memcg_reparent_objcgs() Qi Zheng
2026-01-18 2:31 ` Shakeel Butt
2026-01-22 9:04 ` Harry Yoo
2026-01-22 9:13 ` Muchun Song
2026-01-14 11:32 ` [PATCH v3 28/30] mm: memcontrol: prepare for reparenting state_local Qi Zheng
2026-01-15 10:41 ` [PATCH v3 28/30 fix 1/2] mm: memcontrol: fix lruvec_stats->state_local reparenting Qi Zheng
2026-01-15 10:41 ` [PATCH v3 28/30 fix 2/2] mm: memcontrol: change state_locals to atomic_long_t type Qi Zheng
2026-01-15 17:47 ` [PATCH v3 28/30 fix 1/2] mm: memcontrol: fix lruvec_stats->state_local reparenting Andrew Morton
2026-01-16 3:27 ` Qi Zheng
2026-01-18 3:22 ` Shakeel Butt
2026-01-19 3:36 ` Qi Zheng
2026-01-20 7:19 ` Muchun Song
2026-01-20 18:47 ` Shakeel Butt
2026-01-21 3:43 ` Qi Zheng
2026-01-21 8:20 ` Shakeel Butt
2026-01-21 11:25 ` Qi Zheng
2026-01-18 3:20 ` [PATCH v3 28/30] mm: memcontrol: prepare for reparenting state_local Shakeel Butt
2026-01-19 3:34 ` Qi Zheng
2026-01-29 2:10 ` Harry Yoo
2026-01-29 8:50 ` Qi Zheng
2026-01-29 12:23 ` Harry Yoo
2026-01-30 7:22 ` Qi Zheng
2026-02-02 3:15 ` Harry Yoo [this message]
2026-01-14 11:32 ` [PATCH v3 29/30] mm: memcontrol: eliminate the problem of dying memory cgroup for LRU folios Qi Zheng
2026-01-14 11:32 ` [PATCH v3 30/30] mm: lru: add VM_WARN_ON_ONCE_FOLIO to lru maintenance helpers Qi Zheng
2026-01-14 17:07 ` [syzbot ci] Re: Eliminate Dying Memory Cgroup syzbot ci
2026-01-15 3:47 ` Qi Zheng
2026-01-14 17:58 ` [PATCH v3 00/30] " Andrew Morton
2026-01-15 3:52 ` Qi Zheng
2026-01-15 5:59 ` Andrew Morton
2026-01-15 6:05 ` Qi Zheng
2026-01-15 12:40 ` Lorenzo Stoakes
2026-01-16 0:43 ` Andrew Morton
2026-01-16 8:33 ` Lorenzo Stoakes
2026-01-16 12:25 ` Michal Hocko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aYAWtx9Qp4vWSoXN@hyeyoo \
--to=harry.yoo@oracle.com \
--cc=akpm@linux-foundation.org \
--cc=apais@linux.microsoft.com \
--cc=axelrasmussen@google.com \
--cc=cgroups@vger.kernel.org \
--cc=chenridong@huaweicloud.com \
--cc=david@kernel.org \
--cc=hamzamahfooz@linux.microsoft.com \
--cc=hannes@cmpxchg.org \
--cc=hughd@google.com \
--cc=imran.f.khan@oracle.com \
--cc=kamalesh.babulal@oracle.com \
--cc=lance.yang@linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lorenzo.stoakes@oracle.com \
--cc=mhocko@suse.com \
--cc=mkoutny@suse.com \
--cc=muchun.song@linux.dev \
--cc=qi.zheng@linux.dev \
--cc=roman.gushchin@linux.dev \
--cc=shakeel.butt@linux.dev \
--cc=weixugc@google.com \
--cc=yosry.ahmed@linux.dev \
--cc=yuanchu@google.com \
--cc=zhengqi.arch@bytedance.com \
--cc=ziy@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox