From: Vlastimil Babka <vbabka@suse.cz>
To: Matthew Wilcox <willy@infradead.org>,
Hyeonggon Yoo <42.hyeyoo@gmail.com>
Cc: Hugh Dickins <hughd@google.com>,
David Laight <David.Laight@aculab.com>,
Joel Fernandes <joel@joelfernandes.org>,
Andrew Morton <akpm@linux-foundation.org>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
rcu@vger.kernel.org
Subject: Re: amusing SLUB compaction bug when CC_OPTIMIZE_FOR_SIZE
Date: Fri, 4 Nov 2022 16:57:51 +0100 [thread overview]
Message-ID: <a80932ef-d029-c82e-d171-ab8bdac8cbdc@suse.cz> (raw)
In-Reply-To: <7dddca4c-bc36-2cf0-de1c-a770bef9e1b7@suse.cz>
On 10/24/22 16:35, Vlastimil Babka wrote:
> On 10/3/22 19:00, Matthew Wilcox wrote:
>> On Sun, Oct 02, 2022 at 02:48:02PM +0900, Hyeonggon Yoo wrote:
>>> Just one more thing, rcu_leak_callback too. RCU seem to use it
>>> internally to catch double call_rcu().
>>>
>>> And some suggestions:
>>> - what about adding runtime WARN() on slab init code to catch
>>> unexpected arch/toolchain issues?
>>> - instead of 4, we may use macro definition? like (PAGE_MAPPING_FLAGS + 1)?
>>
>> I think the real problem here is that isolate_movable_page() is
>> insufficiently paranoid. Looking at the gyrations that GUP and the
>> page cache do to convince themselves that the page they got really is
>> the page they wanted, there are a few missing pieces (eg checking that
>> you actually got a refcount on _this_ page and not some random other
>> page you were temporarily part of a compound page with).
>>
>> This patch does three things:
>>
>> - Turns one of the comments into English. There are some others
>> which I'm still scratching my head over.
>> - Uses a folio to help distinguish which operations are being done
>> to the head vs the specific page (this is somewhat an abuse of the
>> folio concept, but it's acceptable)
>> - Add the aforementioned check that we're actually operating on the
>> page that we think we want to be.
>> - Add a check that the folio isn't secretly a slab.
>>
>> We could put the slab check in PageMapping and call it after taking
>> the folio lock, but that seems pointless. It's the acquisition of
>> the refcount which stabilises the slab flag, not holding the lock.
>>
>
> I would like to have a working safe version in -next, even if we are able
> simplify it later thanks to frozen refcounts. I've made a formal patch of
> yours, but I'm still convinced the slab check needs to be more paranoid so
> it can't observe a false positive __folio_test_movable() while missing the
> folio_test_slab(), hence I added the barriers as in my previous attempt [1].
> Does that work for you and can I add your S-o-b?
>
> [1] https://lore.kernel.org/all/aec59f53-0e53-1736-5932-25407125d4d4@suse.cz/
To move on, I pushed a branch based on a new version of [1] above. It
lacks Matthew's folio parts, which are not IMHO that critical right now,
so can be added later.
It's here:
https://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab.git/log/?h=slab/for-6.2/fit_rcu_head
Will also send for formal review soon.
next prev parent reply other threads:[~2022-11-04 15:58 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-28 5:16 amusing SLUB compaction bug when CC_OPTIMIZE_FOR_SIZE Hugh Dickins
2022-09-28 5:49 ` Hyeonggon Yoo
2022-09-28 13:48 ` Joel Fernandes
2022-09-28 15:09 ` Hyeonggon Yoo
2022-09-28 16:20 ` Vlastimil Babka
2022-09-28 17:50 ` Hugh Dickins
2022-09-29 9:58 ` Vlastimil Babka
2022-09-29 21:54 ` Hugh Dickins
2022-09-30 7:39 ` Vlastimil Babka
2022-09-30 10:45 ` Hugh Dickins
2022-09-30 11:02 ` David Laight
2022-09-30 16:21 ` Hugh Dickins
2022-09-30 21:34 ` David Laight
2022-10-02 5:48 ` Hyeonggon Yoo
2022-10-03 17:00 ` Matthew Wilcox
2022-10-04 14:26 ` Hyeonggon Yoo
2022-10-04 14:40 ` Matthew Wilcox
2022-10-05 11:07 ` Hyeonggon Yoo
2022-10-24 14:35 ` Vlastimil Babka
2022-10-24 15:06 ` Matthew Wilcox
2022-10-24 15:24 ` Vlastimil Babka
2022-10-24 16:49 ` Vlastimil Babka
2022-10-25 4:19 ` Hugh Dickins
2022-10-25 9:17 ` Vlastimil Babka
2022-10-25 15:45 ` Hugh Dickins
2022-10-25 13:47 ` Hyeonggon Yoo
2022-10-25 14:08 ` Vlastimil Babka
2022-10-26 10:52 ` Vlastimil Babka
2022-10-26 12:29 ` Hyeonggon Yoo
2022-11-04 15:57 ` Vlastimil Babka [this message]
2022-09-29 11:53 ` David Laight
2022-09-29 13:01 ` Vlastimil Babka
2022-09-29 14:04 ` David Laight
2022-09-28 17:56 ` Hyeonggon Yoo
2022-09-28 19:53 ` Joel Fernandes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a80932ef-d029-c82e-d171-ab8bdac8cbdc@suse.cz \
--to=vbabka@suse.cz \
--cc=42.hyeyoo@gmail.com \
--cc=David.Laight@aculab.com \
--cc=akpm@linux-foundation.org \
--cc=hughd@google.com \
--cc=joel@joelfernandes.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=rcu@vger.kernel.org \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.