Re: (sashiko review) [PATCH] mm/damon/core: eliminate hot-path integer division in damon_max_nr_accesses()
From: Josh Law
Date: Wed Mar 25 2026 - 03:40:07 EST
On 25 March 2026 01:16:52 GMT, SeongJae Park <sj@xxxxxxxxxx> wrote:
>Forwarding Sashiko review for doing discussions via mails.
>
># review url: https://sashiko.dev/#/patchset/20260324154005.83651-1-objecting@xxxxxxxxxxxxx
># start of sashiko.dev inline review
>commit ff5e227a18cd69435749b0aae0dc2c762c4f0a47
>Author: Josh Law <objecting@xxxxxxxxxxxxx>
>
>mm/damon/core: eliminate hot-path integer division in damon_max_nr_accesses()
>
>Hardware integer division is slow. The function damon_max_nr_accesses(),
>which is called very frequently, performs an integer division.
>However, the struct damon_attrs already caches this exact ratio in the
>internal field aggr_samples. We can eliminate the hardware division in
>the hot path by simply returning aggr_samples.
>
>> diff --git a/include/linux/damon.h b/include/linux/damon.h
>> index d9a3babbafc1..04c8a052fcfb 100644
>> --- a/include/linux/damon.h
>> +++ b/include/linux/damon.h
>> @@ -978,8 +978,7 @@ static inline bool damon_target_has_pid(const struct damon_ctx *ctx)
>> static inline unsigned int damon_max_nr_accesses(const struct damon_attrs *attrs)
>> {
>> /* {aggr,sample}_interval are unsigned long, hence could overflow */
>> - return min(attrs->aggr_interval / attrs->sample_interval,
>> - (unsigned long)UINT_MAX);
>> + return min_t(unsigned long, attrs->aggr_samples, UINT_MAX);
>> }
>
>If an administrator dynamically updates aggr_interval via sysfs and commits
>the inputs, will attrs->aggr_samples be correctly recalculated?
>
>If aggr_samples becomes stale, kdamond_fn() will compute the real aggregation
>loop count and allow r->nr_accesses to increment up to the new bounds (for
>example, 80 loops). Meanwhile, damon_max_nr_accesses() will return the
>stale aggr_samples cache (for example, 20).
>
>When evaluating schemes, damon_hot_score() normalizes r->nr_accesses against
>this stale maximum, producing a freq_subscore that severely exceeds
>DAMON_MAX_SUBSCORE. This causes the calculated hotness to exceed
>DAMOS_MAX_SCORE.
>
>For DAMOS_PAGEOUT actions used by damon_reclaim, damon_cold_score() returns
>DAMOS_MAX_SCORE - hotness, yielding a highly negative score.
>
>Could this negative score cause an out-of-bounds write on the
>kernel heap when used as an array index?
>
>mm/damon/core.c:damos_walk() {
> ...
> c->regions_score_histogram[score] += damon_sz_region(r);
> ...
>}
>
>> diff --git a/mm/damon/core.c b/mm/damon/core.c
>> index db6c67e52d2b..afb058f7da5c 100644
>> --- a/mm/damon/core.c
>> +++ b/mm/damon/core.c
>> @@ -587,6 +587,7 @@ struct damon_ctx *damon_new_ctx(void)
>> ctx->attrs.sample_interval = 5 * 1000;
>> ctx->attrs.aggr_interval = 100 * 1000;
>> ctx->attrs.ops_update_interval = 60 * 1000 * 1000;
>> + ctx->attrs.aggr_samples = 20;
>
>Since this value is cached here, but not updated when intervals change, does
>it remain permanently stale during dynamic updates?
>
>
># end of sashiko.dev inline review
># review url: https://sashiko.dev/#/patchset/20260324154005.83651-1-objecting@xxxxxxxxxxxxx
>#
># hkml [1] generated a draft of this mail. It can be regenerated
># using below command:
>#
># hkml patch sashiko_dev --for_forwarding \
># 20260324154005.83651-1-objecting@xxxxxxxxxxxxx
>#
># [1] https://github.com/sjp38/hackermail
>
>Sent using hkml (https://github.com/sjp38/hackermail)
So it's nacked? Or is it just a review
V/R
Josh Law