git: 4867d7d34dfd - releng/13.1 - vm_page: Fix a logic error in the handling of PQ_ACTIVE operations

From: Mark Johnston <markj_at_FreeBSD.org>
Date: Tue, 01 Nov 2022 20:33:39 UTC
The branch releng/13.1 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=4867d7d34dfd54986d5798eddc3ce92a70cc9841

commit 4867d7d34dfd54986d5798eddc3ce92a70cc9841
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2022-10-05 19:12:46 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2022-11-01 13:28:11 +0000

    vm_page: Fix a logic error in the handling of PQ_ACTIVE operations
    
    As an optimization, vm_page_activate() avoids requeuing a page that's
    already in the active queue.  A page's location in the active queue is
    mostly unimportant.
    
    When a page is unwired and placed back in the page queues,
    vm_page_unwire() avoids moving pages out of PQ_ACTIVE to honour the
    request, the idea being that they're likely mapped and so will simply
    get bounced back in to PQ_ACTIVE during a queue scan.
    
    In both cases, if the page was logically in PQ_ACTIVE but had not yet
    been physically enqueued (i.e., the page is in a per-CPU batch), we
    would end up clearing PGA_REQUEUE from the page.  Then, batch processing
    would ignore the page, so it would end up unwired and not in any queues.
    This can arise, for example, when a page is allocated and then
    vm_page_activate() is called multiple times in quick succession.  The
    result is that the page is hidden from the page daemon, so while it will
    be freed when its VM object is destroyed, it cannot be reclaimed under
    memory pressure.
    
    Fix the bug: when checking if a page is in PQ_ACTIVE, only perform the
    optimization if the page is physically enqueued.
    
    Approved by:    so
    Security:       FreeBSD-EN-22:23.vm
    PR:             256507
    Fixes:          f3f38e2580f1 ("Start implementing queue state updates using fcmpset loops.")
    Reviewed by:    alc, kib
    Sponsored by:   E-CARD Ltd.
    Sponsored by:   Klara, Inc.
    
    (cherry picked from commit 2c9dc2384f85a4ccc44a79b349f4fb0253a2f254)
    (cherry picked from commit 6094749a1a5dafb8daf98deab23fc968070bc695)
---
 sys/vm/vm_page.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/sys/vm/vm_page.c b/sys/vm/vm_page.c
index 6cdde80bdb8b..d22e2322c572 100644
--- a/sys/vm/vm_page.c
+++ b/sys/vm/vm_page.c
@@ -4112,7 +4112,12 @@ vm_page_mvqueue(vm_page_t m, const uint8_t nqueue, const uint16_t nflag)
 		if (nqueue == PQ_ACTIVE)
 			new.act_count = max(old.act_count, ACT_INIT);
 		if (old.queue == nqueue) {
-			if (nqueue != PQ_ACTIVE)
+			/*
+			 * There is no need to requeue pages already in the
+			 * active queue.
+			 */
+			if (nqueue != PQ_ACTIVE ||
+			    (old.flags & PGA_ENQUEUED) == 0)
 				new.flags |= nflag;
 		} else {
 			new.flags |= nflag;
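Review bot: The new comment above the `nqueue != PQ_ACTIVE || (old.flags & PGA_ENQUEUED) == 0` test only restates the old optimization and does not explain the PGA_ENQUEUED half of the condition, which is the actual fix. Per the commit message, a page can be logically in PQ_ACTIVE while still sitting in a per-CPU batch, and in that state nflag must still be set or batch processing will ignore the page. I would extend the comment to say that the requeue is skipped only when the page is physically enqueued, so that a later cleanup does not simplify the test back to `nqueue != PQ_ACTIVE`.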
@@ -4209,7 +4214,8 @@ vm_page_release_toq(vm_page_t m, uint8_t nqueue, const bool noreuse)
 		 * referenced and avoid any queue operations.
 		 */
 		new.flags &= ~PGA_QUEUE_OP_MASK;
-		if (nflag != PGA_REQUEUE_HEAD && old.queue == PQ_ACTIVE)
+		if (nflag != PGA_REQUEUE_HEAD && old.queue == PQ_ACTIVE &&
+		    (old.flags & PGA_ENQUEUED) != 0)
 			new.flags |= PGA_REFERENCED;
 		else {
 			new.flags |= nflag;
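Review bot: The context comment ending "referenced and avoid any queue operations" is left unchanged above the condition that now also requires `(old.flags & PGA_ENQUEUED) != 0`, so it no longer describes when the shortcut is taken. Please update it to note that a page in PQ_ACTIVE that is not yet physically enqueued falls through to the else branch and gets nflag. This is also the same "in PQ_ACTIVE and physically enqueued" predicate as in vm_page_mvqueue() with the opposite polarity. A small shared helper or matching comments in both places would make it harder for the two checks to drift apart.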