Received: by 2002:ac0:8845:0:0:0:0:0 with SMTP id g63csp1117435img; Tue, 26 Feb 2019 14:38:09 -0800 (PST) X-Google-Smtp-Source: AHgI3IZOCI14caigrWf4muc/Rv2KLg9nhqYm1f99fdmnTXimH2P6wq00pXIcjl9mUONYRcHqnN8W X-Received: by 2002:aa7:82d7:: with SMTP id f23mr28522520pfn.114.1551220689177; Tue, 26 Feb 2019 14:38:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1551220689; cv=none; d=google.com; s=arc-20160816; b=JH0k4bCYERjKL7bv3CNfHj2Nlvc+xh38uKqhFhSi7NPCW+JBTlDcMjDKpzlShcwJFW J7mabH8yudIHB/HH35I112OYzJ7V3LKEOqK6YAC3+REwXJtpL92HbUlZRyfYYooNVz6H jV0ZDjT9E2yxl53pde23A4dtbGptM1/7Def/ZC28zYC0laYzlViJSX2jNoGRs5UG+iJ/ BfEAyNygxNTzihprQGvbap9hnJ5HmLxLZcHhhJIK9cVcej7gl0eBotE3Yfq1xzcnEROP mTdd4Da+LCXB4NoiGUMRwYpU179jvhLKhqhm2cSQZikVsmYCNbvGBw4LSrYfFyeJeho9 ZpKQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date; bh=q7WKQ1uwCL5jlfbpTKmdgD2l6rk8KA/V5CGF5nMGw80=; b=j5dO9dY7lFD8rZjknkVFtkyuxFP1pgvS9ZDro2hGEyc8w/j/gWLB4gGlKwND5+Soi+ LDgtLN9Rqm4ykIkaXjY9OMKlFwfC+AffpMEO43LdWd/cDqq+QNb2eBTyAHErLlbyh1ak IXr4J6+uAfTJUQV3vxK9loodHLZrb6SmM9vBtkEBlyZlwFCO2sJiCrMwa6yW9ruj/Nzk 2qUVsChZirGJ50tdmlqaBaPqflCopBj7YuiRSzlKuRJt7BCzr3+cjqJ3Q+jcgcUdp2/9 zxtnotIwnAThUK8jdDbbqxj6Ljv+BZED3n7SoMIPysAVfA85td9bNKyELXoPYVEo8DlD XvQg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k6si50664pla.2.2019.02.26.14.37.54; Tue, 26 Feb 2019 14:38:09 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729208AbfBZWgX (ORCPT + 99 others); Tue, 26 Feb 2019 17:36:23 -0500 Received: from mail.linuxfoundation.org ([140.211.169.12]:42996 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729030AbfBZWgX (ORCPT ); Tue, 26 Feb 2019 17:36:23 -0500 Received: from akpm3.svl.corp.google.com (unknown [104.133.8.65]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id ACC427B88; Tue, 26 Feb 2019 22:36:21 +0000 (UTC) Date: Tue, 26 Feb 2019 14:36:20 -0800 From: Andrew Morton To: Mike Kravetz Cc: David Rientjes , Jing Xiangfeng , mhocko@kernel.org, hughd@google.com, linux-mm@kvack.org, n-horiguchi@ah.jp.nec.com, Andrea Arcangeli , kirill.shutemov@linux.intel.com, linux-kernel@vger.kernel.org Subject: Re: [PATCH v4] mm/hugetlb: Fix unsigned overflow in __nr_hugepages_store_common() Message-Id: <20190226143620.c6af15c7c897d3362b191e36@linux-foundation.org> In-Reply-To: References: <1550885529-125561-1-git-send-email-jingxiangfeng@huawei.com> <388cbbf5-7086-1d04-4c49-049021504b9d@oracle.com> <8c167be7-06fa-a8c0-8ee7-0bfad41eaba2@oracle.com> <13400ee2-3d3b-e5d6-2d78-a770820417de@oracle.com> <5C74A2DA.1030304@huawei.com> X-Mailer: Sylpheed 3.6.0 (GTK+ 2.24.31; x86_64-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > > The number of node specific huge pages can be set via a file such as: > /sys/devices/system/node/node1/hugepages/hugepages-2048kB/nr_hugepages > When a node specific value is specified, the global number of huge > pages must also be adjusted. This adjustment is calculated as the > specified node specific value + (global value - current node value). > If the node specific value provided by the user is large enough, this > calculation could overflow an unsigned long leading to a smaller > than expected number of huge pages. > > To fix, check the calculation for overflow. If overflow is detected, > use ULONG_MAX as the requested value. This is inline with the user > request to allocate as many huge pages as possible. > > It was also noticed that the above calculation was done outside the > hugetlb_lock. Therefore, the values could be inconsistent and result > in underflow. To fix, the calculation is moved to within the routine > set_max_huge_pages() where the lock is held. > > ... > > --- a/mm/hugetlb.c > +++ b/mm/hugetlb.c > @@ -2274,7 +2274,7 @@ static int adjust_pool_surplus(struct hstate *h, > nodemask_t *nodes_allowed, Please tweak that email client to prevent the wordwraps. > + /* > + * Check for a node specific request. Adjust global count, but > + * restrict alloc/free to the specified node. > + */ > + if (nid != NUMA_NO_NODE) { > + unsigned long old_count = count; > + count += h->nr_huge_pages - h->nr_huge_pages_node[nid]; > + /* > + * If user specified count causes overflow, set to > + * largest possible value. > + */ > + if (count < old_count) > + count = ULONG_MAX; > + } The above two comments explain the code, but do not reveal the reasoning behind the policy decisions which that code implements. > ... > > + } else { > /* > - * per node hstate attribute: adjust count to global, > - * but restrict alloc/free to the specified node. > + * Node specific request, but we could not allocate > + * node mask. Pass in ALL nodes, and clear nid. > */ Ditto here, somewhat. The old mantra: comments should explain "why", not "what". Reading the code tells us the "what". Thanks.