Re: [PATCH v2] hugetlb: freeze allocated pages before creating hugetlb pages

From: Mike Kravetz
Date: Tue Sep 20 2022 - 13:11:18 EST


On 09/20/22 06:02, Oscar Salvador wrote:
> On Fri, Sep 16, 2022 at 02:46:38PM -0700, Mike Kravetz wrote:
> > When creating hugetlb pages, the hugetlb code must first allocate
> > contiguous pages from a low level allocator such as buddy, cma or
> > memblock. The pages returned from these low level allocators are
> > ref counted. This creates potential issues with other code taking
> > speculative references on these pages before they can be transformed to
> > a hugetlb page. This issue has been addressed with methods and code
> > such as that provided in [1].
> >
> > Recent discussions about vmemmap freeing [2] have indicated that it
> > would be beneficial to freeze all sub pages, including the head page
> > of pages returned from low level allocators before converting to a
> > hugetlb page. This helps avoid races if we want to replace the page
> > containing vmemmap for the head page.
> >
> > There have been proposals to change at least the buddy allocator to
> > return frozen pages as described at [3]. If such a change is made, it
> > can be employed by the hugetlb code. However, as mentioned above
> > hugetlb uses several low level allocators so each would need to be
> > modified to return frozen pages. For now, we can manually freeze the
> > returned pages. This is done in two places:
> > 1) alloc_buddy_huge_page, only the returned head page is ref counted.
> > We freeze the head page, retrying once in the VERY rare case where
> > there may be an inflated ref count.
> > 2) prep_compound_gigantic_page, for gigantic pages the current code
> > freezes all pages except the head page. New code will simply freeze
> > the head page as well.
> >
> > In a few other places, code checks for inflated ref counts on newly
> > allocated hugetlb pages. With the modifications to freeze after
> > allocating, this code can be removed.
> >
> > After hugetlb pages are freshly allocated, they are often added to the
> > hugetlb free lists. Since these pages were previously ref counted, this
> > was done via put_page() which would end up calling the hugetlb
> > destructor: free_huge_page. With changes to freeze pages, we simply
> > call free_huge_page directly to add the pages to the free list.
> >
> > In a few other places, freshly allocated hugetlb pages were immediately
> > put into use, and the expectation was they were already ref counted. In
> > these cases, we must manually ref count the page.
> >
> > [1] https://lore.kernel.org/linux-mm/20210622021423.154662-3-mike.kravetz@xxxxxxxxxx/
> > [2] https://lore.kernel.org/linux-mm/20220802180309.19340-1-joao.m.martins@xxxxxxxxxx/
> > [3] https://lore.kernel.org/linux-mm/20220809171854.3725722-1-willy@xxxxxxxxxxxxx/
> >
> > Signed-off-by: Mike Kravetz <mike.kravetz@xxxxxxxxxx>
>
> Hi Mike,
>
> this looks great and simplifies the code much more.
> I got a question though:
>
> > --- a/mm/hugetlb.c
> > +++ b/mm/hugetlb.c
> > @@ -1787,9 +1787,8 @@ static bool __prep_compound_gigantic_page(struct page *page, unsigned int order,
> >
> > /* we rely on prep_new_huge_page to set the destructor */
> > set_compound_order(page, order);
> > - __ClearPageReserved(page);
> > __SetPageHead(page);
> > - for (i = 1; i < nr_pages; i++) {
> > + for (i = 0; i < nr_pages; i++) {
> > p = nth_page(page, i);
> >
> > /*
> > @@ -1830,17 +1829,19 @@ static bool __prep_compound_gigantic_page(struct page *page, unsigned int order,
> > } else {
> > VM_BUG_ON_PAGE(page_count(p), p);
> > }
> > - set_compound_head(p, page);
> > + if (i != 0)
> > + set_compound_head(p, page);
>
> Sure I am missing something here, but why we only freeze refcount here
> in case it is for demote?

Hi Oscar, thanks for taking a look.

I think you may have missed something in the above comment. For gigantic
pages, we only freeze pages if NOT demote. In the demote case, pages are
already frozen.

> We seem to be doing it inconditionally in alloc_buddy_huge_page.

In alloc_buddy_huge_page, we are getting a fresh/new hugetlb page. So, we are
certainly not in a demote path. That is why we freeze unconditionally there.
We want to make sure it is frozen before it is put to use as a hugetlb
page.

In the demote path, we call two routines to 'prep' the set of free pages.
- prep_compound_gigantic_page_for_demote which ends up in the above logic.
We do not need to freeze, because the ref count of all the pages are
already zero.
- prep_compound_page is not hugetlb specific, but rather used in the normal
allocation path of compound pages. It serves the purpose of creating a
compound page of the appropriate size. prep_compound_page only deals with
getting the compound page structure correct. It does not change any ref
counts. This is desired as the ref count on all the pages is zero.

Hope that answers your question.
--
Mike Kravetz