Re: (sashiko review) [RFC PATCH v5 03/11] mm/damon/core: introduce failed region quota charge ratio
From: SeongJae Park
Date: Fri Apr 10 2026 - 19:57:43 EST
TL; DR: sashiko asks same question to previous one, which I decided to ignore.
My opinion is not changed.
Forwarding sashiko review in a reply format with my inline
comments below, for details of my view and doing discussions
via mails if needed.
> # review url: https://sashiko.dev/#/patchset/20260410142034.83798-4-sj@xxxxxxxxxx
> # start of sashiko.dev inline review
> commit f672ea44b246c3c6bb3fac52d693ca50e48cbbac
> Author: SeongJae Park <sj@xxxxxxxxxx>
>
> mm/damon/core: introduce failed region quota charge ratio
>
> This commit introduces a DAMON core API for setting the charge ratio for
> action-failed memory. It allows API callers to specify the ratio flexibly by
> setting a numerator and denominator.
>
> > diff --git a/mm/damon/core.c b/mm/damon/core.c
> > index 97b375c720251..cb8f65db0f4b9 100644
> > --- a/mm/damon/core.c
> > +++ b/mm/damon/core.c
> [ ... ]
> > @@ -2041,6 +2043,23 @@ static void damos_walk_cancel(struct damon_ctx *ctx)
> > mutex_unlock(&ctx->walk_control_lock);
> > }
> >
> > +static void damos_charge_quota(struct damos_quota *quota,
> > + unsigned long sz_region, unsigned long sz_applied)
> > +{
> > + /*
> > + * sz_applied could be bigger than sz_region, depending on ops
> > + * implementation of the action, e.g., damos_pa_pageout(). Charge only
> > + * the region size in the case.
> > + */
> > + if (!quota->fail_charge_denom || sz_applied > sz_region)
> > + quota->charged_sz += sz_region;
> > + else
> > + quota->charged_sz += sz_applied + mult_frac(
> > + (sz_region - sz_applied),
> > + quota->fail_charge_num,
> > + quota->fail_charge_denom);
>
> Can the mult_frac() calculation silently overflow on 32-bit architectures?
>
> The sz_region parameter is an unsigned long. On 32-bit architectures, this
> means intermediate calculations in mult_frac() will be bounded to 32 bits.
>
> If a user supplies large values (e.g., fail_charge_num = 1,000,000 and
> fail_charge_denom = 1,000,000), could the remainder multiplication exceed the
> 32-bit ULONG_MAX limit? This could under-charge the quota for failed regions,
> causing the DAMOS scheme to exceed its configured quota limits.
>
> Additionally, can setting the failed region charge ratio to 0 (e.g.,
> fail_charge_num = 0) neutralize the DAMON time quota (ms) and cause kdamond to
> hog the CPU?
>
> If actions consistently fail (e.g., sz_applied == 0), the total_charged_sz
> will remain 0, leading to an estimated throughput of 0. This results in the
> effective size quota (esz) being bounded to min_region_sz.
>
> Since charged_sz remains 0, the check in damos_quota_is_full():
>
> return quota->esz - quota->charged_sz < min_region_sz;
>
> would evaluate to min_region_sz - 0 < min_region_sz, which is never met.
> Does this cause DAMON to bypass the time limit and process the entire target
> address space without stopping?
Same question was asked to the previous version, and my opinion is also still
same. I will keep this as is.
>
> > +}
> > +
>
>
> # end of sashiko.dev inline review
> # review url: https://sashiko.dev/#/patchset/20260410142034.83798-4-sj@xxxxxxxxxx
Thanks,
SJ
# hkml [1] generated a draft of this mail. You can regenerate
# this using below command:
#
# hkml patch sashiko_dev --for_forwarding \
# 20260410142034.83798-4-sj@xxxxxxxxxx
#
# [1] https://github.com/sjp38/hackermail