From: Matthew Wilcox <willy@infradead.org>
To: Vlastimil Babka <vbabka@suse.cz>
Cc: linux-mm@kvack.org, Andrew Morton <akpm@linux-foundation.org>,
Muchun Song <songmuchun@bytedance.com>,
Chris Down <chris@chrisdown.name>,
Michal Hocko <mhocko@kernel.org>,
Chunxin Zang <zangchunxin@bytedance.com>
Subject: Re: [PATCH] mm, vmscan: guarantee drop_slab_node() termination
Date: Tue, 24 Aug 2021 11:02:06 +0100 [thread overview]
Message-ID: <YSTDnqKgQLvziyQI@casper.infradead.org> (raw)
In-Reply-To: <20210818152239.25502-1-vbabka@suse.cz>
On Wed, Aug 18, 2021 at 05:22:39PM +0200, Vlastimil Babka wrote:
> diff --git a/mm/vmscan.c b/mm/vmscan.c
> index 403a175a720f..ef3554314b47 100644
> --- a/mm/vmscan.c
> +++ b/mm/vmscan.c
> @@ -936,6 +936,7 @@ static unsigned long shrink_slab(gfp_t gfp_mask, int nid,
> void drop_slab_node(int nid)
> {
> unsigned long freed;
> + int shift = 0;
>
> do {
> struct mem_cgroup *memcg = NULL;
> @@ -948,7 +949,7 @@ void drop_slab_node(int nid)
> do {
> freed += shrink_slab(GFP_KERNEL, nid, memcg, 0);
> } while ((memcg = mem_cgroup_iter(NULL, memcg, NULL)) != NULL);
> - } while (freed > 10);
> + } while ((freed >> shift++) > 0);
This can, if you're really unlucky, produce UB. If you free 2^63 items
when shift is 63, then 2^63 >> 63 is 1 and shift becomes 64, producing
UB on the next iteration. We could do:
} while (shift < BITS_PER_LONG) && (freed >> shift++) > 0);
but honestly, that feels silly. How about:
} while ((freed >> shift++) > 1);
almost exactly as arbitrary, but guarantees no UB.
next prev parent reply other threads:[~2021-08-24 10:03 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-18 15:22 [PATCH] mm, vmscan: guarantee drop_slab_node() termination Vlastimil Babka
2021-08-18 21:48 ` Chris Down
2021-08-19 2:55 ` Kefeng Wang
2021-08-19 7:01 ` Vlastimil Babka
2021-08-19 9:38 ` Kefeng Wang
2021-08-19 13:21 ` Chris Down
2021-08-19 14:16 ` Michal Hocko
2021-08-24 9:33 ` Vlastimil Babka
2021-08-24 10:02 ` Matthew Wilcox [this message]
2021-08-24 14:04 ` Vlastimil Babka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YSTDnqKgQLvziyQI@casper.infradead.org \
--to=willy@infradead.org \
--cc=akpm@linux-foundation.org \
--cc=chris@chrisdown.name \
--cc=linux-mm@kvack.org \
--cc=mhocko@kernel.org \
--cc=songmuchun@bytedance.com \
--cc=vbabka@suse.cz \
--cc=zangchunxin@bytedance.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).