Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp355415pxb; Wed, 27 Oct 2021 04:21:47 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyb3ROcgqI4IZFcTyxceYzdmR8/2rphJho4UTgv6cuRLT5jsmqUmRXom+x2Bhce0wroMbNE X-Received: by 2002:a63:6904:: with SMTP id e4mr23436033pgc.43.1635333707330; Wed, 27 Oct 2021 04:21:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1635333707; cv=none; d=google.com; s=arc-20160816; b=jM2o8sf3A9DSgQcAKN9wM2wc/jEJ71BEi6xjwBcM2aGqOX60FNAyOLAdeQdVs5E3V/ ZgC2/3FnWcxCUVGwTv+XGS0XWGOOyMr7Gwd/qq7gySjcpHHVYuW9+7R+Yg/oTo3q8kau 9b94RR5rcKlMP0/Li8guVzFIG9VMEk/u66A9stdW3cCnoWHXyFlTBs+rmdwPOR/lBWtQ L+huKq26BPZLAxNMn+QC1B94UdG4Bg8rZyTu7ojf/oVWut/aMMzvbuPsTnWZYTpDVUZP YaVmMpAX4CZrF4gobXClpsoxLbAwTTAONHP2SHO6Pw8Bb96f8CgHmrr/sePIy3i2SIEb qGLQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=g6bRc3hEdmoyhbDnFfzjpCbgpj5AnIIMpxpQWkoEAPc=; b=0yBymwBE9NhD8AvilVfEUv7dP74xenIhdRE4Oxqa2TVjtLYVw80vZLdp9iCB1LKN31 yWnt99d0hxbVmF1uxaXUHDEhn1+2KYnMn2Y0hOoKGjZGB5kwE7w4Czf5t3eL6RQaZJgG dpzKwWIcSPhdTNrcIfrxzjjdil/YXOb8ur9l/nX4PVGWbjGtRdojR0cyl/ve7YQojCHj kI3VNVfIYHp93fL/RmykR/UbcpGPhY2Ozs9PM7x9dvN6blL2NE4qkULklSs9GFVL0fPo z2opVvw+rqKXrLELiBWCjQgjR93ZN7Hi3jtU1z9QB27UBbzdyNN93Hk4ZUD/0+pAm6Qa Pmpg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@soleen.com header.s=google header.b=Q4c50WAk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id o13si7423483plg.145.2021.10.27.04.21.34; Wed, 27 Oct 2021 04:21:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@soleen.com header.s=google header.b=Q4c50WAk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232186AbhJZVhX (ORCPT + 99 others); Tue, 26 Oct 2021 17:37:23 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41066 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239651AbhJZVhU (ORCPT ); Tue, 26 Oct 2021 17:37:20 -0400 Received: from mail-lj1-x22a.google.com (mail-lj1-x22a.google.com [IPv6:2a00:1450:4864:20::22a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 68D27C061570 for ; Tue, 26 Oct 2021 14:34:56 -0700 (PDT) Received: by mail-lj1-x22a.google.com with SMTP id o11so1117024ljg.10 for ; Tue, 26 Oct 2021 14:34:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=soleen.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=g6bRc3hEdmoyhbDnFfzjpCbgpj5AnIIMpxpQWkoEAPc=; b=Q4c50WAkXBkEgY6gvfcvo5e8MhJnvWwBTJNOzFIu/Getb0WstjIXLdG5eqbfR8JHCO E6Y0rOmp5bYSVo1Q9PcxShZiHfhSraEdNL+WfcryfjngLxGyqGCsA5mFOURH3O99GL/i KVy9PC23hRaZpo6bFOq801aVnJMORPKPAlnrqhhYhS6shRWe6cLbC0zIajMFQL8Rjy+Y 9c1nn6cpFy+B2gmYUl2It8YpTn+2JQ5ZHX22aV2hXltq1IDGBQO1f7LThO574E+8qUnV crYxEAr25H0V5ROMUrRin0hi1zM0AlaD7yMwLRHVEEVtJLGIPpPI2022dKE11PYdtY6s 4Pvg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=g6bRc3hEdmoyhbDnFfzjpCbgpj5AnIIMpxpQWkoEAPc=; b=TY/lZpUyFSsuUqq3bZru8oUITWudPg02CUzRohW2hkUr8E3F9G/Cx383JaH3mdOs2m UEqr06DlQ8tXYgKYUbtgfzJdHNqI+Fb4rs0Dy1M91aeq/n6SxmQxJYeROGtD0kpaA5GF PVfBjHGjq9v6XnFt9Lv7h0QCkJqugYH37pHziXPiGxZ4fmKZCKhMKkYKil7cMZRwjYga HnfZltVVohWhHrH9YoOgy572Y+zXntj4SDTu9+hrgD/eNet+Ts/8zTu8bhgfFNy788+L GxwI+NZ4dUKkVhXFw0zNT13tpt1oPqDil3/80nUUEqH+UBZ8Ab8lRMu1cDpp1ooOYFi0 P3NA== X-Gm-Message-State: AOAM532SwOcaiQOCOgQeE83BvZ1bV8FBAhiXKqgR7zT6AKKUqaLVfF71 MgZyw/t1nx3fYfvOYFL3PS8tp+8+QNA5JRNKgLoGaA== X-Received: by 2002:a2e:a0d7:: with SMTP id f23mr29374831ljm.422.1635284094799; Tue, 26 Oct 2021 14:34:54 -0700 (PDT) MIME-Version: 1.0 References: <20211026173822.502506-1-pasha.tatashin@soleen.com> <20211026173822.502506-2-pasha.tatashin@soleen.com> In-Reply-To: From: Pasha Tatashin Date: Tue, 26 Oct 2021 17:34:18 -0400 Message-ID: Subject: Re: [RFC 1/8] mm: add overflow and underflow checks for page->_refcount To: Matthew Wilcox Cc: LKML , linux-mm , linux-m68k@lists.linux-m68k.org, Anshuman Khandual , Andrew Morton , william.kucharski@oracle.com, Mike Kravetz , Vlastimil Babka , Geert Uytterhoeven , schmitzmic@gmail.com, Steven Rostedt , Ingo Molnar , Johannes Weiner , Roman Gushchin , songmuchun@bytedance.com, weixugc@google.com, Greg Thelen Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Oct 26, 2021 at 3:50 PM Matthew Wilcox wrote: > > On Tue, Oct 26, 2021 at 05:38:15PM +0000, Pasha Tatashin wrote: > > static inline void page_ref_add(struct page *page, int nr) > > { > > - atomic_add(nr, &page->_refcount); > > + int ret; > > + > > + VM_BUG_ON(nr <= 0); > > + ret = atomic_add_return(nr, &page->_refcount); > > + VM_BUG_ON_PAGE(ret <= 0, page); > > This isn't right. _refcount is allowed to overflow into the negatives. > See page_ref_zero_or_close_to_overflow() and the conversations that led > to it being added. #define page_ref_zero_or_close_to_overflow(page) \ 1204 ((unsigned int) page_ref_count(page) + 127u <= 127u) Uh, right, I saw the macro but did not realize there was an (unsigned int) cast. OK, I think we can move this macro inside: include/linux/page_ref.h modify it to something like this: #define page_ref_zero_or_close_to_overflow(page) \ ((unsigned int) page_ref_count(page) + v + 127u <= v + 127u) The sub/dec can also be fixed to ensure that we do not underflow but still working with the fact that we use all 32bits of _refcount. Pasha