| Message ID | 0c6393eb-b28d-4607-c386-862a71f09de6@suse.cz (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [v3] mm, page_alloc: disallow __GFP_COMP in alloc_pages_exact() | expand |
On Mon 18-03-19 13:21:59, Vlastimil Babka wrote: > OK here's a new version that changes the patch to remove __GFP_COMP per > the v2 discussion, and also fixes the bug Kirill spotted (thanks!). > > ----8<---- > >From 1fbc84c208573b885f51818ed823f89b3aa1e0ae Mon Sep 17 00:00:00 2001 > From: Vlastimil Babka <vbabka@suse.cz> > Date: Thu, 14 Mar 2019 10:19:30 +0100 > Subject: [PATCH v3] mm, page_alloc: disallow __GFP_COMP in alloc_pages_exact() > > alloc_pages_exact*() allocates a page of sufficient order and then splits it > to return only the number of pages requested. That makes it incompatible with > __GFP_COMP, because compound pages cannot be split. > > As shown by [1] things may silently work until the requested size (possibly > depending on user) stops being power of two. Then for CONFIG_DEBUG_VM, BUG_ON() > triggers in split_page(). Without CONFIG_DEBUG_VM, consequences are unclear. > > There are several options here, none of them great: > > 1) Don't do the spliting when __GFP_COMP is passed, and return the whole > compound page. However if caller then returns it via free_pages_exact(), > that will be unexpected and the freeing actions there will be wrong. > > 2) Warn and remove __GFP_COMP from the flags. But the caller may have really > wanted it, so things may break later somewhere. > > 3) Warn and return NULL. However NULL may be unexpected, especially for > small sizes. > > This patch picks option 2, because as Michal Hocko put it: "callers wanted it" > is much less probable than "caller is simply confused and more gfp flags is > surely better than fewer". > > [1] https://lore.kernel.org/lkml/20181126002805.GI18977@shao2-debian/T/#u > > Signed-off-by: Vlastimil Babka <vbabka@suse.cz> Acked-by: Michal Hocko <mhocko@suse.com> Thanks! > --- > mm/page_alloc.c | 14 +++++++++++--- > 1 file changed, 11 insertions(+), 3 deletions(-) > > diff --git a/mm/page_alloc.c b/mm/page_alloc.c > index 0b9f577b1a2a..123d9a407599 100644 > --- a/mm/page_alloc.c > +++ b/mm/page_alloc.c > @@ -4752,7 +4752,7 @@ static void *make_alloc_exact(unsigned long addr, unsigned int order, > /** > * alloc_pages_exact - allocate an exact number physically-contiguous pages. > * @size: the number of bytes to allocate > - * @gfp_mask: GFP flags for the allocation > + * @gfp_mask: GFP flags for the allocation, must not contain __GFP_COMP > * > * This function is similar to alloc_pages(), except that it allocates the > * minimum number of pages to satisfy the request. alloc_pages() can only > @@ -4767,6 +4767,9 @@ void *alloc_pages_exact(size_t size, gfp_t gfp_mask) > unsigned int order = get_order(size); > unsigned long addr; > > + if (WARN_ON_ONCE(gfp_mask & __GFP_COMP)) > + gfp_mask &= ~__GFP_COMP; > + > addr = __get_free_pages(gfp_mask, order); > return make_alloc_exact(addr, order, size); > } > @@ -4777,7 +4780,7 @@ EXPORT_SYMBOL(alloc_pages_exact); > * pages on a node. > * @nid: the preferred node ID where memory should be allocated > * @size: the number of bytes to allocate > - * @gfp_mask: GFP flags for the allocation > + * @gfp_mask: GFP flags for the allocation, must not contain __GFP_COMP > * > * Like alloc_pages_exact(), but try to allocate on node nid first before falling > * back. > @@ -4785,7 +4788,12 @@ EXPORT_SYMBOL(alloc_pages_exact); > void * __meminit alloc_pages_exact_nid(int nid, size_t size, gfp_t gfp_mask) > { > unsigned int order = get_order(size); > - struct page *p = alloc_pages_node(nid, gfp_mask, order); > + struct page *p; > + > + if (WARN_ON_ONCE(gfp_mask & __GFP_COMP)) > + gfp_mask &= ~__GFP_COMP; > + > + p = alloc_pages_node(nid, gfp_mask, order); > if (!p) > return NULL; > return make_alloc_exact((unsigned long)page_address(p), order, size); > -- > 2.21.0 >
On Mon, Mar 18, 2019 at 01:21:59PM +0100, Vlastimil Babka wrote: > OK here's a new version that changes the patch to remove __GFP_COMP per > the v2 discussion, and also fixes the bug Kirill spotted (thanks!). > > ----8<---- > From 1fbc84c208573b885f51818ed823f89b3aa1e0ae Mon Sep 17 00:00:00 2001 > From: Vlastimil Babka <vbabka@suse.cz> > Date: Thu, 14 Mar 2019 10:19:30 +0100 > Subject: [PATCH v3] mm, page_alloc: disallow __GFP_COMP in alloc_pages_exact() > > alloc_pages_exact*() allocates a page of sufficient order and then splits it > to return only the number of pages requested. That makes it incompatible with > __GFP_COMP, because compound pages cannot be split. > > As shown by [1] things may silently work until the requested size (possibly > depending on user) stops being power of two. Then for CONFIG_DEBUG_VM, BUG_ON() > triggers in split_page(). Without CONFIG_DEBUG_VM, consequences are unclear. > > There are several options here, none of them great: > > 1) Don't do the spliting when __GFP_COMP is passed, and return the whole > compound page. However if caller then returns it via free_pages_exact(), > that will be unexpected and the freeing actions there will be wrong. > > 2) Warn and remove __GFP_COMP from the flags. But the caller may have really > wanted it, so things may break later somewhere. > > 3) Warn and return NULL. However NULL may be unexpected, especially for > small sizes. > > This patch picks option 2, because as Michal Hocko put it: "callers wanted it" > is much less probable than "caller is simply confused and more gfp flags is > surely better than fewer". > > [1] https://lore.kernel.org/lkml/20181126002805.GI18977@shao2-debian/T/#u > > Signed-off-by: Vlastimil Babka <vbabka@suse.cz> Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
On Mon, Mar 18, 2019 at 01:21:59PM +0100, Vlastimil Babka wrote: > OK here's a new version that changes the patch to remove __GFP_COMP per > the v2 discussion, and also fixes the bug Kirill spotted (thanks!). > > ----8<---- > From 1fbc84c208573b885f51818ed823f89b3aa1e0ae Mon Sep 17 00:00:00 2001 > From: Vlastimil Babka <vbabka@suse.cz> > Date: Thu, 14 Mar 2019 10:19:30 +0100 > Subject: [PATCH v3] mm, page_alloc: disallow __GFP_COMP in alloc_pages_exact() > > alloc_pages_exact*() allocates a page of sufficient order and then splits it > to return only the number of pages requested. That makes it incompatible with > __GFP_COMP, because compound pages cannot be split. > > As shown by [1] things may silently work until the requested size (possibly > depending on user) stops being power of two. Then for CONFIG_DEBUG_VM, BUG_ON() > triggers in split_page(). Without CONFIG_DEBUG_VM, consequences are unclear. > > There are several options here, none of them great: > > 1) Don't do the spliting when __GFP_COMP is passed, and return the whole > compound page. However if caller then returns it via free_pages_exact(), > that will be unexpected and the freeing actions there will be wrong. > > 2) Warn and remove __GFP_COMP from the flags. But the caller may have really > wanted it, so things may break later somewhere. > > 3) Warn and return NULL. However NULL may be unexpected, especially for > small sizes. > > This patch picks option 2, because as Michal Hocko put it: "callers wanted it" > is much less probable than "caller is simply confused and more gfp flags is > surely better than fewer". > > [1] https://lore.kernel.org/lkml/20181126002805.GI18977@shao2-debian/T/#u > > Signed-off-by: Vlastimil Babka <vbabka@suse.cz> Acked-by: Mel Gorman <mgorman@techsingularity.net>
diff --git a/mm/page_alloc.c b/mm/page_alloc.c index 0b9f577b1a2a..123d9a407599 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -4752,7 +4752,7 @@ static void *make_alloc_exact(unsigned long addr, unsigned int order, /** * alloc_pages_exact - allocate an exact number physically-contiguous pages. * @size: the number of bytes to allocate - * @gfp_mask: GFP flags for the allocation + * @gfp_mask: GFP flags for the allocation, must not contain __GFP_COMP * * This function is similar to alloc_pages(), except that it allocates the * minimum number of pages to satisfy the request. alloc_pages() can only @@ -4767,6 +4767,9 @@ void *alloc_pages_exact(size_t size, gfp_t gfp_mask) unsigned int order = get_order(size); unsigned long addr; + if (WARN_ON_ONCE(gfp_mask & __GFP_COMP)) + gfp_mask &= ~__GFP_COMP; + addr = __get_free_pages(gfp_mask, order); return make_alloc_exact(addr, order, size); } @@ -4777,7 +4780,7 @@ EXPORT_SYMBOL(alloc_pages_exact); * pages on a node. * @nid: the preferred node ID where memory should be allocated * @size: the number of bytes to allocate - * @gfp_mask: GFP flags for the allocation + * @gfp_mask: GFP flags for the allocation, must not contain __GFP_COMP * * Like alloc_pages_exact(), but try to allocate on node nid first before falling * back. @@ -4785,7 +4788,12 @@ EXPORT_SYMBOL(alloc_pages_exact); void * __meminit alloc_pages_exact_nid(int nid, size_t size, gfp_t gfp_mask) { unsigned int order = get_order(size); - struct page *p = alloc_pages_node(nid, gfp_mask, order); + struct page *p; + + if (WARN_ON_ONCE(gfp_mask & __GFP_COMP)) + gfp_mask &= ~__GFP_COMP; + + p = alloc_pages_node(nid, gfp_mask, order); if (!p) return NULL; return make_alloc_exact((unsigned long)page_address(p), order, size);