Re: [PATCH] mm: do not update memcg stats for NR_{FILE/SHMEM}_PMDMAPPED

Yosry Ahmed <yosryahmed@xxxxxxxxxx> · Mon, 6 May 2024 10:01:54 -0700



On Mon, May 6, 2024 at 10:00 AM Yosry Ahmed <yosryahmed@xxxxxxxxxx> wrote:
>
> Do not use __lruvec_stat_mod_folio() when updating NR_FILE_PMDMAPPED and
> NR_SHMEM_PMDMAPPED as these stats are not maintained per-memcg. Use
> __mod_node_page_state() instead, which updates the global per-node stats
> only.
>
> Reported-by: syzbot+9319a4268a640e26b72b@xxxxxxxxxxxxxxxxxxxxxxxxx
> Closes: https://lore.kernel.org/lkml/0000000000001b9d500617c8b23c@xxxxxxxxxx
> Signed-off-by: Yosry Ahmed <yosryahmed@xxxxxxxxxx>
> ---
>  mm/rmap.c | 15 +++++++++------
>  1 file changed, 9 insertions(+), 6 deletions(-)
>
> diff --git a/mm/rmap.c b/mm/rmap.c
> index 12be4241474ab..c2cfb750d2535 100644
> --- a/mm/rmap.c
> +++ b/mm/rmap.c
> @@ -1435,13 +1435,14 @@ static __always_inline void __folio_add_file_rmap(struct folio *folio,
>                 struct page *page, int nr_pages, struct vm_area_struct *vma,
>                 enum rmap_level level)
>  {
> +       pg_data_t *pgdat = folio_pgdat(folio);
>         int nr, nr_pmdmapped = 0;
>
>         VM_WARN_ON_FOLIO(folio_test_anon(folio), folio);
>
>         nr = __folio_add_rmap(folio, page, nr_pages, level, &nr_pmdmapped);
>         if (nr_pmdmapped)
> -               __lruvec_stat_mod_folio(folio, folio_test_swapbacked(folio) ?
> +               __mod_node_page_state(pgdat, folio_test_swapbacked(folio) ?
>                         NR_SHMEM_PMDMAPPED : NR_FILE_PMDMAPPED, nr_pmdmapped);
>         if (nr)
>                 __lruvec_stat_mod_folio(folio, NR_FILE_MAPPED, nr);
> @@ -1493,6 +1494,7 @@ static __always_inline void __folio_remove_rmap(struct folio *folio,
>                 enum rmap_level level)
>  {
>         atomic_t *mapped = &folio->_nr_pages_mapped;
> +       pg_data_t *pgdat = folio_pgdat(folio);
>         int last, nr = 0, nr_pmdmapped = 0;
>         bool partially_mapped = false;
>         enum node_stat_item idx;
> @@ -1540,13 +1542,14 @@ static __always_inline void __folio_remove_rmap(struct folio *folio,
>         }
>
>         if (nr_pmdmapped) {
> +               /* NR_{FILE/SHMEM}_PMDMAPPED are not maintained per-memcg */
>                 if (folio_test_anon(folio))
> -                       idx = NR_ANON_THPS;
> -               else if (folio_test_swapbacked(folio))
> -                       idx = NR_SHMEM_PMDMAPPED;
> +                       __lruvec_stat_mod_folio(folio, NR_ANON_THPS, -nr_pmdmapped);
>                 else
> -                       idx = NR_FILE_PMDMAPPED;
> -               __lruvec_stat_mod_folio(folio, idx, -nr_pmdmapped);
> +                       __mod_node_page_state(pgdat,
> +                                       folio_test_swapbacked(folio) ?
> +                                       NR_SHMEM_PMDMAPPED : NR_FILE_PMDMAPPED,
> +                                       nr_pmdmapped);

..and of course right after I press send I realized this should be
-nr_pmdmapped.

>         }
>         if (nr) {
>                 idx = folio_test_anon(folio) ? NR_ANON_MAPPED : NR_FILE_MAPPED;
> --
> 2.45.0.rc1.225.g2a3ae87e7f-goog
>