Re: [PATCH RFC] mm: migrate: don't rely on PageMovable() of newpage after unlocking it

From: David Hildenbrand
Date: Mon Jan 28 2019 - 08:14:38 EST


On 28.01.19 14:07, Michal Hocko wrote:
> On Mon 28-01-19 13:16:09, David Hildenbrand wrote:
> [...]
>> My theory:
>>
>> In __unmap_and_move(), we lock the old and newpage and perform the
>> migration. In case of virtio-balloon, the new page will become
>> movable, the old page will no longer be movable.
>>
>> However, after unlocking newpage, I think there is nothing stopping
>> the newpage from getting dequeued and freed by virtio-balloon. This
>> will result in the newpage
>> 1. No longer having PageMovable()
>> 2. Getting moved to the local list before finally freeing it (using
>> page->lru)
>
> Does that mean that the virtio-balloon can change the Movable state
> while there are other users of the page? Can you point to the code that
> does it? How come this can be safe at all? Or is the PageMovable stable
> only under the page lock?
>

PageMovable is stable under the lock. The relevant instructions are in

mm/balloon_compaction.c and include/linux/balloon_compaction.h

balloon_page_insert() and balloon_page_delete() modify PageMovable and
are only called with both the page locked and b_dev_info->pages_lock
locked.

Especially:
1. balloon_page_dequeue(), which tries to find an unlocked page that is
not isolated, and deletes it via balloon_page_delete().

2. balloon_page_migrate() will effectively call balloon_page_delete() on
the old page and balloon_page_insert() on the newpage. Both pages are
locked before calling balloon_page_migrate() and the
b_dev_info->pages_lock is taken internally.


So what's left is a very small race window when migrating to a new page,
after dropping the lock of the newpage.

--

Thanks,

David / dhildenb