On Thu, 25 Mar 2010 09:21:32 +0000
Mel Gorman <mel@xxxxxxxxx> wrote:

> On Thu, Mar 25, 2010 at 06:09:34PM +0900, KOSAKI Motohiro wrote:
> > > On Thu, 25 Mar 2010 08:32:35 +0000
> > > Mel Gorman <mel@xxxxxxxxx> wrote:
> > >
> > > > On Thu, Mar 25, 2010 at 11:49:23AM +0900, KOSAKI Motohiro wrote:
> > > > > > On Fri, Mar 19, 2010 at 03:21:41PM +0900, KOSAKI Motohiro wrote:
> > > > > Hmmm...
> > > > > I haven't understood your mention because I guess I was wrong.
> > > > >
> > > > > Probably my last question was unclear. I mean,
> > > > >
> > > > > 1) If we still need SLAB_DESTROY_BY_RCU, why do we need to add refcount?
> > > > >    What difference exists between normal page migration and compaction?
> > > >
> > > > The processes typically calling migration today own the page they are moving
> > > > and are not going to exit unexpectedly during migration.
> > > >
> > > > > 2) If we added refcount, which race will it solve?
> > > > >
> > > >
> > > > The process exiting and the last anon_vma being dropped while compaction
> > > > is running. This can be reliably triggered with compaction.
> > > >
> > > > > IOW, does this patch fix an old issue or a compaction-specific issue?
> > > > >
> > > >
> > > > Strictly speaking, it's an old issue but in practice it's impossible to
> > > > trigger because the process migrating always owns the page. Compaction
> > > > moves pages belonging to arbitrary processes.
> > > >
> > > Kosaki-san,
> > >
> > > IIUC, the race in memory-hotunplug was fixed by this patch [2/11].
> > >
> > > But this behavior of unmap_and_move() requires access to _freed_
> > > objects (spinlock). Even if it's safe because of SLAB_DESTROY_BY_RCU,
> > > it's not a good habit in general.
> > >
> > > After direct compaction, page-migration will be one of the "core" codes of
> > > memory management. Then, I agree to patch [1/11] as our direction for
> > > keeping sanity and showing direction to more updates. Maybe adding
> > > refcnt and removing RCU in future is good.
> >
> > But Christoph seems opposed to removing SLAB_DESTROY_BY_RCU. Then refcount
> > is meaningless now.
>
> Christoph is opposed to removing it because of cache-hotness issues more
> so than use-after-free concerns. The refcount is needed with or without
> SLAB_DESTROY_BY_RCU.
>

I wonder whether the code that is easiest to read would be like the following.
==
	if (PageAnon(page)) {
		struct anon_vma *anon = page_lock_anon_vma(page);
		/* to take this lock, this page must be mapped. */
		if (!anon)
			goto uncharge;
		increase refcnt
		page_unlock_anon_vma(anon);
	}
	....
==
and
==
void anon_vma_free(struct anon_vma *anon)
{
	/*
	 * To increase refcnt of anon-vma, anon_vma->lock should be held by
	 * page_lock_anon_vma(). It means anon_vma has a "mapped" page.
	 * If this anon is freed by unmap or exit, all pages under this anon
	 * must be unmapped. Then, just checking refcnt without lock is ok.
	 */
	if (check refcnt > 0)
		return do nothing
	kmem_cache_free(anon);
}
==

Then, rcu_read_lock can be removed in a clean way.

Thanks,
-Kame
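A single-threaded userspace model of the refcount scheme sketched in the message above, added here as an example; it is not part of the original post and not kernel code. The names `toy_anon_vma`, `toy_pin`, `toy_free`, `toy_unpin` and `toy_race_demo` are hypothetical, and the unpin side that performs the deferred free is an assumption, since the pseudocode does not show it.

```c
#include <stdbool.h>
#include <stdlib.h>

/* Hypothetical userspace stand-in for struct anon_vma; not kernel code. */
struct toy_anon_vma {
    int  mapped_pages;  /* pages still mapped under this object */
    int  refcnt;        /* pins taken by migration/compaction */
    bool orphaned;      /* owner asked for the free while pinned */
};
static int toy_frees;   /* number of objects actually released */

/* Migration side: a pin is only possible while a page is still mapped
 * (in the kernel this would run under the anon_vma lock). */
static struct toy_anon_vma *toy_pin(struct toy_anon_vma *av)
{
    if (!av || av->mapped_pages == 0)
        return NULL;
    av->refcnt++;
    return av;
}

/* Owner side (unmap/exit): everything is unmapped, but a pinned object
 * is left alone instead of being released under the migrating thread. */
static bool toy_free(struct toy_anon_vma *av)
{
    av->mapped_pages = 0;
    if (av->refcnt > 0) {
        av->orphaned = true;
        return false;
    }
    free(av);
    toy_frees++;
    return true;
}

/* Assumed put side: the last pin on an orphaned object releases it. */
static bool toy_unpin(struct toy_anon_vma *av)
{
    if (--av->refcnt > 0 || !av->orphaned)
        return false;
    free(av);
    toy_frees++;
    return true;
}

/* The race from the thread, serialized: pin, owner exits, unpin. */
static int toy_race_demo(void)
{
    struct toy_anon_vma *av = calloc(1, sizeof(*av));
    if (!av)
        return 1;
    av->mapped_pages = 1;
    struct toy_anon_vma *pin = toy_pin(av);
    bool early = toy_free(av);   /* must be deferred while pinned */
    bool late = toy_unpin(pin);  /* release happens here instead */
    return (!early && late) ? 0 : 1;
}
```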