Re: [PATCH] mm/hugetlb: add missing hugetlb_lock in __unmap_hugepage_range()
From: Giorgi Tchankvetadze
Date: Sat Aug 23 2025 - 04:53:47 EST
+ /*
+ * Check surplus_huge_pages without taking hugetlb_lock.
+ * A race here is okay:
+ * - If surplus goes 0 -> nonzero, we skip restore.
+ * - If surplus goes nonzero -> 0, we also skip.
+ * In both cases we just miss a restore, which is safe.
+ */
+ {
+ unsigned long surplus = READ_ONCE(h->surplus_huge_pages);
+
+ if (!surplus &&
+ __vma_private_lock(vma) &&
+ folio_test_anon(folio) &&
+ READ_ONCE(h->surplus_huge_pages) == surplus) {
+ folio_set_hugetlb_restore_reserve(folio);
+ adjust_reservation = true;
+ }
+ }
spin_unlock(ptl);
On 8/23/2025 5:07 AM, Andrew Morton wrote:
On Fri, 22 Aug 2025 14:58:57 +0900 Jeongjun Park <aha310510@xxxxxxxxx> wrote:
When restoring a reservation for an anonymous page, we need to check to > freeing a surplus. However, __unmap_hugepage_range() causes data
race > because it reads h->surplus_huge_pages without the protection of
> hugetlb_lock. > > Therefore, we need to add missing hugetlb_lock. >
> ... > > --- a/mm/hugetlb.c > +++ b/mm/hugetlb.c > @@ -5951,6 +5951,8
@@ void __unmap_hugepage_range(struct mmu_gather *tlb, struct
vm_area_struct *vma, > * If there we are freeing a surplus, do not set
the restore > * reservation bit. > */ > + spin_lock_irq(&hugetlb_lock);
> + > if (!h->surplus_huge_pages && __vma_private_lock(vma) && >
folio_test_anon(folio)) { > folio_set_hugetlb_restore_reserve(folio); >
@@ -5958,6 +5960,7 @@ void __unmap_hugepage_range(struct mmu_gather
*tlb, struct vm_area_struct *vma, > adjust_reservation = true; > } > > +
spin_unlock_irq(&hugetlb_lock); > spin_unlock(ptl); >
Does hugetlb_lock nest inside page_table_lock?
It's a bit sad to be taking a global lock just to defend against some
alleged data race which probably never happens. Doing it once per
hugepage probably won't matter but still, is there something more
proportionate that we can do here?