From: Mel Gorman <mgorman@techsingularity.net>
To: Hugh Dickins <hughd@google.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Vlastimil Babka <vbabka@suse.cz>, Li Wang <liwang@redhat.com>,
Alex Shi <alex.shi@linux.alibaba.com>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org
Subject: Re: [PATCH] mm, page_alloc: capture page in task context only
Date: Thu, 11 Jun 2020 16:43:51 +0100 [thread overview]
Message-ID: <20200611154351.GA3183@techsingularity.net> (raw)
In-Reply-To: <alpine.LSU.2.11.2006101342250.4607@eggly.anvils>
On Wed, Jun 10, 2020 at 01:48:59PM -0700, Hugh Dickins wrote:
> While stressing compaction, one run oopsed on NULL capc->cc in
> __free_one_page()'s task_capc(zone): compact_zone_order() had been
> interrupted, and a page was being freed in the return from interrupt.
>
> Though you would not expect it from the source, both gccs I was using
> (a 4.8.1 and a 7.5.0) had chosen to compile compact_zone_order() with
> the ".cc = &cc" implemented by mov %rbx,-0xb0(%rbp) immediately before
> callq compact_zone - long after the "current->capture_control = &capc".
> An interrupt in between those finds capc->cc NULL (zeroed by an earlier
> rep stos).
>
> This could presumably be fixed by a barrier() before setting
> current->capture_control in compact_zone_order(); but would also need
> more care on return from compact_zone(), in order not to risk leaking
> a page captured by interrupt just before capture_control is reset.
>
> Maybe that is the preferable fix, but I felt safer for task_capc() to
> exclude the rather surprising possibility of capture at interrupt time.
>
> Fixes: 5e1f0f098b46 ("mm, compaction: capture a page under direct compaction")
> Cc: stable@vger.kernel.org # 5.1+
> Signed-off-by: Hugh Dickins <hughd@google.com>
Acked-by: Mel Gorman <mgorman@techsingularity.net>
--
Mel Gorman
SUSE Labs
next prev parent reply other threads:[~2020-06-11 15:48 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-10 20:48 [PATCH] mm, page_alloc: capture page in task context only Hugh Dickins
2020-06-11 15:43 ` Mel Gorman [this message]
2020-06-12 10:30 ` Vlastimil Babka
2020-06-15 21:03 ` Hugh Dickins
2020-06-16 7:45 ` Vlastimil Babka
2020-06-16 8:26 ` [PATCH 1/2] mm, compaction: make capture control handling safe wrt interrupts Vlastimil Babka
2020-06-16 8:26 ` [PATCH 2/2] mm, page_alloc: use unlikely() in task_capc() Vlastimil Babka
2020-06-16 20:29 ` Hugh Dickins
2020-06-17 9:55 ` Vlastimil Babka
2020-06-22 8:58 ` Mel Gorman
2020-06-16 20:18 ` [PATCH 1/2] mm, compaction: make capture control handling safe wrt interrupts Hugh Dickins
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200611154351.GA3183@techsingularity.net \
--to=mgorman@techsingularity.net \
--cc=akpm@linux-foundation.org \
--cc=alex.shi@linux.alibaba.com \
--cc=hughd@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=liwang@redhat.com \
--cc=vbabka@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.