On Tue, 6 Jun 2023, Jason Gunthorpe wrote: > On Tue, Jun 06, 2023 at 03:03:31PM -0400, Peter Xu wrote: > > On Tue, Jun 06, 2023 at 03:23:30PM -0300, Jason Gunthorpe wrote: > > > On Mon, Jun 05, 2023 at 08:40:01PM -0700, Hugh Dickins wrote: > > > > > > > diff --git a/arch/powerpc/mm/pgtable-frag.c > > > > b/arch/powerpc/mm/pgtable-frag.c > > > > index 20652daa1d7e..e4f58c5fc2ac 100644 > > > > --- a/arch/powerpc/mm/pgtable-frag.c > > > > +++ b/arch/powerpc/mm/pgtable-frag.c > > > > @@ -120,3 +120,54 @@ void pte_fragment_free(unsigned long *table, int > > > > kernel) > > > > __free_page(page); > > > > } > > > > } > > > > + > > > > +#ifdef CONFIG_TRANSPARENT_HUGEPAGE > > > > +#define PTE_FREE_DEFERRED 0x10000 /* beyond any PTE_FRAG_NR */ > > > > + > > > > +static void pte_free_now(struct rcu_head *head) > > > > +{ > > > > + struct page *page; > > > > + int refcount; > > > > + > > > > + page = container_of(head, struct page, rcu_head); > > > > + refcount = atomic_sub_return(PTE_FREE_DEFERRED - 1, > > > > + &page->pt_frag_refcount); > > > > + if (refcount < PTE_FREE_DEFERRED) { > > > > + pte_fragment_free((unsigned long *)page_address(page), > > > > 0); > > > > + return; > > > > + } > > > > > > From what I can tell power doesn't recycle the sub fragment into any > > > kind of free list. It just waits for the last fragment to be unused > > > and then frees the whole page.
Yes, it's relatively simple in that way: not as sophisticated as s390. > > > > > > So why not simply go into pte_fragment_free() and do the call_rcu > > > directly: > > > > > > BUG_ON(atomic_read(&page->pt_frag_refcount) <= 0); > > > if (atomic_dec_and_test(&page->pt_frag_refcount)) { > > > if (!kernel) > > > pgtable_pte_page_dtor(page); > > > call_rcu(&page->rcu_head, free_page_rcu) > > > > We need to be careful on the lock being freed in pgtable_pte_page_dtor(), > > in Hugh's series IIUC we need the spinlock being there for the rcu section > > alongside the page itself. So even if to do so we'll need to also rcu call > > pgtable_pte_page_dtor() when needed. Thanks, Peter, yes that's right. > > Er yes, I botched that, the dtor and the free_page should be in a the > rcu callback function But it was just a botched detail, and won't have answered Jason's doubt. I had three (or perhaps it amounts to two) reasons for doing it this way: none of which may seem good enough reasons to you. Certainly I'd agree that the way it's done seems... arcane. One, as I've indicated before, I don't actually dare to go all the way into RCU freeing of all page tables for powerpc (or any other): I should think it's a good idea that everyone wants in the end, but I'm limited by my time and competence - and dread of losing my way in the mmu_gather TLB #ifdef maze. It's work for someone else not me. (pte_free_defer() do as you suggest, without changing pte_fragment_free() itself? No, that doesn't work out when defer does, say, the decrement of pt_frag_refcount from 2 to 1, then pte_fragment_free() does the decrement from 1 to 0: page freed without deferral.) Two, this was the code I'd worked out before, and was used in production, so I had confidence in it - it was just my mistake that I'd forgotten the single rcu_head issue, and thought I could avoid it in the initial posting. powerpc has changed around since then, but apparently not in any way that affects this. And it's too easy to agree in review that something can be simpler, without bringing back to mind why the complications are there. Three (just an explanation of why the old code was like this), powerpc relies on THP's page table deposit+withdraw protocol, even for shmem/ file THPs. I've skirted that issue in this series, by sticking with retract_page_tables(), not attempting to insert huge pmd immediately. But if huge pmd is inserted to replace ptetable pmd, then ptetable must be deposited: pte_free_defer() as written protects the deposited ptetable from then being freed without deferral (rather like in the example above). But does not protect it from being withdrawn and reused within that grace period. Jann has grave doubts whether that can ever be allowed (or perhaps I should grant him certainty, and examples that it cannot). I did convince myself, back in the day, that it was safe here: but I'll have to put in a lot more thought to re-justify it now, and on the way may instead be completely persuaded by Jann. Not very good reasons: good enough, or can you supply a better patch? Thanks, Hugh