On Thu, Dec 01, 2016 at 02:41:29PM +0100, Vlastimil Babka wrote:
> On 12/01/2016 01:24 AM, Mel Gorman wrote:
>
> ...
>
> > @@ -1096,28 +1097,29 @@ static void free_pcppages_bulk(struct zone *zone, int count,
> > if (nr_scanned)
> > __mod_node_page_state(zone->zone_pgdat, NR_PAGES_SCANNED, -nr_scanned);
> >
> > - while (count) {
> > + while (count > 0) {
> > struct page *page;
> > struct list_head *list;
> > + unsigned int order;
> >
> > /*
> > * Remove pages from lists in a round-robin fashion. A
> > * batch_free count is maintained that is incremented when an
> > - * empty list is encountered. This is so more pages are freed
> > - * off fuller lists instead of spinning excessively around empty
> > - * lists
> > + * empty list is encountered. This is not exact due to
> > + * high-order but percision is not required.
> > */
> > do {
> > batch_free++;
> > - if (++migratetype == MIGRATE_PCPTYPES)
> > - migratetype = 0;
> > - list = &pcp->lists[migratetype];
> > + if (++pindex == NR_PCP_LISTS)
> > + pindex = 0;
> > + list = &pcp->lists[pindex];
> > } while (list_empty(list));
> >
> > /* This is the only non-empty list. Free them all. */
> > - if (batch_free == MIGRATE_PCPTYPES)
> > + if (batch_free == NR_PCP_LISTS)
> > batch_free = count;
> >
> > + order = pindex_to_order(pindex);
> > do {
> > int mt; /* migratetype of the to-be-freed page */
> >
> > @@ -1135,11 +1137,14 @@ static void free_pcppages_bulk(struct zone *zone, int count,
> > if (bulkfree_pcp_prepare(page))
> > continue;
>
> Hmm I think that if this hits, we don't decrease count/increase nr_freed and
> pcp->count will become wrong.
Ok, I think you're right but I also think it's relatively trivial to fix
with
diff --git a/mm/page_alloc.c b/mm/page_alloc.c
index 94808f565f74..8777aefc1b8e 100644
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -1134,13 +1134,13 @@ static void free_pcppages_bulk(struct zone *zone, int count,
if (unlikely(isolated_pageblocks))
mt = get_pageblock_migratetype(page);
+ nr_freed += (1 << order);
+ count -= (1 << order);
if (bulkfree_pcp_prepare(page))
continue;
__free_one_page(page, page_to_pfn(page), zone, order, mt);
trace_mm_page_pcpu_drain(page, order, mt);
- nr_freed += (1 << order);
- count -= (1 << order);
} while (count > 0 && --batch_free && !list_empty(list));
}
spin_unlock(&zone->lock);
> And if we are unlucky/doing full drain, all
> lists will get empty, but as count stays e.g. 1, we loop forever on the
> outer while()?
>
Potentially yes. Granted the system is already in a bad state as pages
are being freed in a bad or unknown state but we haven't halted the
system for that in the past.
> BTW, I think there's a similar problem (but not introduced by this patch) in
> rmqueue_bulk() and its
>
> if (unlikely(check_pcp_refill(page)))
> continue;
>
Potentially yes. It's outside the scope of this patch but it needs
fixing.
If you agree with the above fix, I'll roll it into a v5 and append
another patch for this issue.
--
Mel Gorman
SUSE Labs
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>