From: Daniel Phillips <phillips@arcor.de>
To: Andrew Morton <akpm@zip.com.au>
Cc: Christian Ehrhardt <ehrhardt@mathematik.uni-ulm.de>,
	lkml <linux-kernel@vger.kernel.org>,
	"linux-mm@kvack.org" <linux-mm@kvack.org>
Subject: Re: MM patches against 2.5.31
Date: Thu, 29 Aug 2002 00:04:46 +0200
Message-ID: <E17kAvf-0002tx-00@starship>
In-Reply-To: <3D6D3AA4.31A4AD3A@zip.com.au>

On Wednesday 28 August 2002 23:03, Andrew Morton wrote:
> Daniel Phillips wrote:
> > 
> > Going right back to basics, what do you suppose is wrong with the 2.4
> > strategy of always doing the lru removal in free_pages_ok?
> 
> That's equivalent to what we have at present, which is:
> 
> 	if (put_page_testzero(page)) {
> 		/* window here */
> 		lru_cache_del(page);
> 		__free_pages_ok(page, 0);
> 	}
> 
> versus:
> 
> 	spin_lock(lru lock);
> 	page = list_entry(lru, ...);
> 	if (page_count(page) == 0)
> 		continue;
> 	/* window here */
> 	page_cache_get(page);
> 	page_cache_release(page);	/* double-free */

Indeed it is.  In 2.4.19 we have:

(vmscan.c: shrink_cache)                        (page_alloc.c: __free_pages)

365       if (unlikely(!page_count(page)))
366               continue;
					        444         if (!PageReserved(page) && put_page_testzero(page))
          [many twisty paths, all different]
511       /* effectively free the page here */
512       page_cache_release(page);
					        445                 __free_pages_ok(page, order);
                                                [free it again just to make sure]

So there's no question that the race is lurking in 2.4.  I noticed several
more paths besides the one above that look suspicious as well.  The bottom
line is, 2.4 needs a fix along the lines of my suggestion or Christian's,
something that can actually be proved.

It's a wonder that this problem manifests so rarely in practice.

-- 
Daniel
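
The interleaving described in the message above, replayed deterministically on a toy page structure. This is an added example, not code from the thread or from the kernel. The helper names mirror the ones quoted; get_unless_zero() is a hypothetical check-and-take helper shown only for contrast and is not the fix either poster proposed.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>

/* Toy stand-in for struct page: a refcount and a tally of frees (constructed). */
struct page { atomic_int count; int frees; };

static void free_pages_ok(struct page *p) { p->frees++; }
/* Drops one reference; true when the count reaches zero. */
static bool put_page_testzero(struct page *p) { return atomic_fetch_sub(&p->count, 1) == 1; }
static void page_cache_get(struct page *p) { atomic_fetch_add(&p->count, 1); }
static void page_cache_release(struct page *p) { if (put_page_testzero(p)) free_pages_ok(p); }

/* Hypothetical helper: take a reference only while the count is non-zero. */
static bool get_unless_zero(struct page *p)
{
	int c = atomic_load(&p->count);
	while (c != 0)
		if (atomic_compare_exchange_weak(&p->count, &c, c + 1))
			return true;
	return false;
}

/* Replay the schedule from the message; return how often the page was freed. */
static int replay(bool atomic_take)
{
	struct page pg = { .frees = 0 };
	atomic_init(&pg.count, 1);			/* one holder, page on the LRU */
	bool seen_live = atomic_load(&pg.count) != 0;	/* scanner: line 365 test */
	bool hit_zero = put_page_testzero(&pg);		/* freer: line 444 */
	if (atomic_take) {
		if (get_unless_zero(&pg))		/* fails: count is already 0 */
			page_cache_release(&pg);
	} else if (seen_live) {
		page_cache_get(&pg);			/* resurrects a dying page */
		page_cache_release(&pg);		/* scanner: line 512, first free */
	}
	if (hit_zero)
		free_pages_ok(&pg);			/* freer: line 445, second free */
	return pg.frees;
}

int main(void)
{
	printf("test-then-get: %d frees, atomic take: %d frees\n", replay(false), replay(true));
	return 0;
}
```

The separate test and increment lets the scanner act on a count that the other CPU has since dropped to zero, so both paths reach the free routine.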
