From: Lai Jiangshan <laijs@cn.fujitsu.com>
To: Hugh Dickins <hughd@google.com>, Christoph Lameter <cl@linux.com>
Cc: Pekka Enberg <penberg@kernel.org>, Ingo Molnar <mingo@elte.hu>,
"Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
Eric Dumazet <eric.dumazet@gmail.com>,
"David S. Miller" <davem@davemloft.net>,
Matt Mackall <mpm@selenic.com>,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org
Subject: Re: [PATCH 2/4] slub,rcu: don't assume the size of struct rcu_head
Date: Tue, 08 Mar 2011 10:17:41 +0800 [thread overview]
Message-ID: <4D7591C5.5070909@cn.fujitsu.com> (raw)
In-Reply-To: <AANLkTikk02f6kLiPFqqAGroJErQkHbJFfHzpHy4Y5P8Y@mail.gmail.com>
On 03/07/2011 03:39 AM, Hugh Dickins wrote:
> On Wed, Mar 2, 2011 at 4:32 AM, Christoph Lameter <cl@linux.com> wrote:
>> On Tue, 1 Mar 2011, Hugh Dickins wrote:
>>
>>>> Struct page may be larger for debugging purposes already because of the
>>>> need for extended spinlock data.
>>>
>>> That was so for a long time, but I stopped it just over a year ago
>>> with commit a70caa8ba48f21f46d3b4e71b6b8d14080bbd57a, stop ptlock
>>> enlarging struct page.
>>
>> Strange. I just played around with in in January and the page struct size
>> changes when I build kernels with full debugging. I have some
>> cmpxchg_double patches here that depend on certain alignment in the page
>> struct. Debugging causes all that stuff to get out of whack so that I had
>> to do some special patches to make sure fields following the spinlock are
>> properly aligned when the sizes change.
>
> That puzzles me, it's not my experience and I don't have an
> explanation: do you have time to investigate?
>
> Uh oh, you're going to tell me you're working on an out-of-tree
> architecture with a million cpus ;) In that case, yes, I'm afraid
> I'll have to update the SPLIT_PTLOCK_CPUS defaulting (for a million -
> 1 even).
>
>>
>>> If a union leads to "random junk" overwriting the page->mapping field
>>> when the page is reused, and that junk could resemble the pointer in
>>> question, then KSM would mistakenly think it still owned the page.
>>> Very remote chance, and maybe it amounts to no more than a leak. But
>>> I'd still prefer we keep page->mapping for pointers (sometimes with
>>> lower bits set as flags).
>>
>> DESTROY BY RCU uses the lru field which follows the mapping field in page
>> struct. Why would random junk overwrite the mapping field?
>
> Random junk does not overwrite the mapping field with the current
> implementation of DESTROY_BY_RCU. But you and Jiangshan were
> discussing how to change it, so I was warning of this issue with
> page->mapping.
>
> But I would anyway agree with Jiangshan, that it's preferable not to
> bloat struct page size just for this DESTROY_BY_RCU issue, even if it
> is only an issue when debugging.
>
A union with rcu_head does not cause overwriting, But the problem is
only one minority use of the page (as a DESTROY_BY_RCU slab) needs to
fit a rcu_head and to bloat the struct page size.
Except for preparing for debugging or adding priority information for rcu_head,
this patch also does a de-coupling work.
WARNING: multiple messages have this Message-ID (diff)
From: Lai Jiangshan <laijs@cn.fujitsu.com>
To: Hugh Dickins <hughd@google.com>, Christoph Lameter <cl@linux.com>
Cc: Pekka Enberg <penberg@kernel.org>, Ingo Molnar <mingo@elte.hu>,
"Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
Eric Dumazet <eric.dumazet@gmail.com>,
"David S. Miller" <davem@davemloft.net>,
Matt Mackall <mpm@selenic.com>,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org
Subject: Re: [PATCH 2/4] slub,rcu: don't assume the size of struct rcu_head
Date: Tue, 08 Mar 2011 10:17:41 +0800 [thread overview]
Message-ID: <4D7591C5.5070909@cn.fujitsu.com> (raw)
In-Reply-To: <AANLkTikk02f6kLiPFqqAGroJErQkHbJFfHzpHy4Y5P8Y@mail.gmail.com>
On 03/07/2011 03:39 AM, Hugh Dickins wrote:
> On Wed, Mar 2, 2011 at 4:32 AM, Christoph Lameter <cl@linux.com> wrote:
>> On Tue, 1 Mar 2011, Hugh Dickins wrote:
>>
>>>> Struct page may be larger for debugging purposes already because of the
>>>> need for extended spinlock data.
>>>
>>> That was so for a long time, but I stopped it just over a year ago
>>> with commit a70caa8ba48f21f46d3b4e71b6b8d14080bbd57a, stop ptlock
>>> enlarging struct page.
>>
>> Strange. I just played around with in in January and the page struct size
>> changes when I build kernels with full debugging. I have some
>> cmpxchg_double patches here that depend on certain alignment in the page
>> struct. Debugging causes all that stuff to get out of whack so that I had
>> to do some special patches to make sure fields following the spinlock are
>> properly aligned when the sizes change.
>
> That puzzles me, it's not my experience and I don't have an
> explanation: do you have time to investigate?
>
> Uh oh, you're going to tell me you're working on an out-of-tree
> architecture with a million cpus ;) In that case, yes, I'm afraid
> I'll have to update the SPLIT_PTLOCK_CPUS defaulting (for a million -
> 1 even).
>
>>
>>> If a union leads to "random junk" overwriting the page->mapping field
>>> when the page is reused, and that junk could resemble the pointer in
>>> question, then KSM would mistakenly think it still owned the page.
>>> Very remote chance, and maybe it amounts to no more than a leak. But
>>> I'd still prefer we keep page->mapping for pointers (sometimes with
>>> lower bits set as flags).
>>
>> DESTROY BY RCU uses the lru field which follows the mapping field in page
>> struct. Why would random junk overwrite the mapping field?
>
> Random junk does not overwrite the mapping field with the current
> implementation of DESTROY_BY_RCU. But you and Jiangshan were
> discussing how to change it, so I was warning of this issue with
> page->mapping.
>
> But I would anyway agree with Jiangshan, that it's preferable not to
> bloat struct page size just for this DESTROY_BY_RCU issue, even if it
> is only an issue when debugging.
>
A union with rcu_head does not cause overwriting, But the problem is
only one minority use of the page (as a DESTROY_BY_RCU slab) needs to
fit a rcu_head and to bloat the struct page size.
Except for preparing for debugging or adding priority information for rcu_head,
this patch also does a de-coupling work.
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2011-03-08 2:16 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-03-01 8:03 [PATCH 2/4] slub,rcu: don't assume the size of struct rcu_head Lai Jiangshan
2011-03-01 8:03 ` Lai Jiangshan
2011-03-01 13:00 ` Pekka Enberg
2011-03-01 13:00 ` Pekka Enberg
2011-03-01 15:11 ` Christoph Lameter
2011-03-01 15:11 ` Christoph Lameter
2011-03-02 2:55 ` Lai Jiangshan
2011-03-02 2:55 ` Lai Jiangshan
2011-03-02 4:31 ` Hugh Dickins
2011-03-02 4:31 ` Hugh Dickins
2011-03-02 12:32 ` Christoph Lameter
2011-03-02 12:32 ` Christoph Lameter
2011-03-06 19:39 ` Hugh Dickins
2011-03-06 19:39 ` Hugh Dickins
2011-03-08 2:17 ` Lai Jiangshan [this message]
2011-03-08 2:17 ` Lai Jiangshan
2011-03-17 15:16 ` Christoph Lameter
2011-03-17 15:16 ` Christoph Lameter
2011-03-19 3:58 ` Hugh Dickins
2011-03-19 3:58 ` Hugh Dickins
2011-03-08 18:25 ` Christoph Lameter
2011-03-08 18:25 ` Christoph Lameter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D7591C5.5070909@cn.fujitsu.com \
--to=laijs@cn.fujitsu.com \
--cc=cl@linux.com \
--cc=davem@davemloft.net \
--cc=eric.dumazet@gmail.com \
--cc=hughd@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mingo@elte.hu \
--cc=mpm@selenic.com \
--cc=netdev@vger.kernel.org \
--cc=paulmck@linux.vnet.ibm.com \
--cc=penberg@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.