On Tue, Nov 19, 2019 at 2:17 AM Michael S. Tsirkin <mst@xxxxxxxxxx> wrote:
>
> virtio_balloon_shrinker_scan should return number of system pages freed,
> but because it's calling functions that deal with balloon pages, it gets
> confused and sometimes returns the number of balloon pages.
>
> It does not matter practically as the exact number isn't
> used, but it seems better to be consistent in case someone
> starts using this API.
>
> Further, if we ever tried to iteratively leak pages as
> virtio_balloon_shrinker_scan tries to do, we'd run into issues - this is
> because freed_pages was accumulating total freed pages, but was also
> subtracted on each iteration from pages_to_free, which can result in
> either leaking less memory than we were supposed to free, or or more if
> pages_to_free underruns.
>
> On a system with 4K pages we are lucky that we are never asked to leak
> more than 128 pages while we can leak up to 256 at a time,
> but it looks like a real issue for systems with page size != 4K.
>
> Cc: stable@xxxxxxxxxxxxxxx
> Fixes: 71994620bb25 ("virtio_balloon: replace oom notifier with shrinker")
> Reported-by: Khazhismel Kumykov <khazhy@xxxxxxxxxx>
> Reviewed-by: Wei Wang <wei.w.wang@xxxxxxxxx>
> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx>
> ---
> drivers/virtio/virtio_balloon.c | 17 +++++++++++------
> 1 file changed, 11 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/virtio/virtio_balloon.c b/drivers/virtio/virtio_balloon.c
> index 226fbb995fb0..7cee05cdf3fb 100644
> --- a/drivers/virtio/virtio_balloon.c
> +++ b/drivers/virtio/virtio_balloon.c
> @@ -772,6 +772,13 @@ static unsigned long shrink_free_pages(struct virtio_balloon *vb,
> return blocks_freed << VIRTIO_BALLOON_FREE_PAGE_ORDER;
> }
>
> +static unsigned long leak_balloon_pages(struct virtio_balloon *vb,
> + unsigned long pages_to_free)
> +{
> + return leak_balloon(vb, pages_to_free * VIRTIO_BALLOON_PAGES_PER_PAGE) /
> + VIRTIO_BALLOON_PAGES_PER_PAGE;
> +}
> +
> static unsigned long shrink_balloon_pages(struct virtio_balloon *vb,
> unsigned long pages_to_free)
> {
> @@ -782,11 +789,9 @@ static unsigned long shrink_balloon_pages(struct virtio_balloon *vb,
> * VIRTIO_BALLOON_ARRAY_PFNS_MAX balloon pages, so we call it
> * multiple times to deflate pages till reaching pages_to_free.
> */
> - while (vb->num_pages && pages_to_free) {
> - pages_freed += leak_balloon(vb, pages_to_free) /
> - VIRTIO_BALLOON_PAGES_PER_PAGE;
> - pages_to_free -= pages_freed;
> - }
> + while (vb->num_pages && pages_freed < pages_to_free)
> + pages_freed += leak_balloon_pages(vb, pages_to_free);
pages_to_free - pages_freed ?
> +
> update_balloon_size(vb);
>
> return pages_freed;
> @@ -799,7 +804,7 @@ static unsigned long virtio_balloon_shrinker_scan(struct shrinker *shrinker,
> struct virtio_balloon *vb = container_of(shrinker,
> struct virtio_balloon, shrinker);
>
> - pages_to_free = sc->nr_to_scan * VIRTIO_BALLOON_PAGES_PER_PAGE;
> + pages_to_free = sc->nr_to_scan;
>
> if (virtio_has_feature(vb->vdev, VIRTIO_BALLOON_F_FREE_PAGE_HINT))
> pages_freed = shrink_free_pages(vb, pages_to_free);
> --
> MST
>
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
