xen-devel

[Top] [All Lists]

[Xen-devel] [PATCH] [Linux, blktap] fix page reference count/file rss co

from [Isaku Yamahata]

[Permanent Link][Original]

To:	xen-devel@xxxxxxxxxxxxxxxxxxx
Subject:	[Xen-devel] [PATCH] [Linux, blktap] fix page reference count/file rss count leak
From:	Isaku Yamahata <yamahata@xxxxxxxxxxxxx>
Date:	Fri, 13 Jul 2007 12:02:33 +0900
Delivery-date:	Thu, 12 Jul 2007 20:00:21 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxx
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent:	Mutt/1.4.2.1i

fix page reference count/file rss count leak when auto translated mode is 
enabled.

Tapdisk process rss size becomes too large with auto translation enabled.
The example is as follows where dom0 has only several hundred megabytes.
This patch fixes it.
>  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
> 6758 root      15   0 39824 1.7t 1.7t S    0 188932.0  14:10.28 tapdisk

This is because page reference count/file rss size are incremented
when io request is accepted, but aren't decremented when the request is done.
This can be fixed by using vm_insert_page() in blktap_mmap() instead of
remap_pfn_range().


Details:
The tapdisk daemon mmaps blktap device and the blktap driver maps
page from the front end into the mmapped area and unmaps it when I/O
request is done.

When io request is accepted, dispatch_rw_block_io() is called.
With auto translated mode disabled, it directly manipulates the page table
without incrementing rss size.
With auto translated mode enabled, it calls vm_insert_page() which
increments page reference count/file rss.
When io request is done, fast_flush_area() is called.
With auto translated mode disabled, it directly manipulates the page table
without decrementing rss size.
With auto translated mode enabled, it calls zap_page_range() which
should decrements page reference count/file rss.
However (vma->vm_flags & VM_PFNMAP) is true, it doesn't decrement them
so that page reference count and file rss are leaked.
blktap driver allocates pages and never free them so that page reference
count leak doesn't cause an issue (probably until overflow).


Without auto translation, it makes sense for blktap_mmap() to set
VM_PFNMAP with remap_pfn_range() because the blktap driver directly
manipulates page tables.
On the other hand with auto translation the VM_PFNMAP bit shouldn't set.
This can be achieved by using vm_insert_page() in blktap_mmap()
instead of remap_pfn_range()

-- 
yamahata

130_a3f2f5e99df1.patch
Description: Text Data

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-devel] [PATCH] [Linux, blktap] fix page reference count/file rss count leak, Isaku Yamahata <=

Previous by Date:	[Xen-ia64-devel] Re: [Xen-devel] Re: [Xen-changelog] [linux-2.6.18-xen] Add "#ifdefARCH_HAS_DEV_MEM" to archtecture specific file_operations., Akio Takebe
Next by Date:	Re: [Xen-devel] Xen 3.1 - Can't run Fedora Core 1 PV, Keir Fraser
Previous by Thread:	[Xen-devel] [PATCH]Implement domctl_sendtrigger_nmi for x86 hvm, Yosuke Iwamatsu
Next by Thread:	[Xen-devel] vmx status report against changeset 15521 - 2 new issues, Zhao, Yunfeng
Indexes:	[Date] [Thread] [Top] [All Lists]