Fix unregistering memory ranges from UFFD when expanding the balloon #4988
Closed
maggie-lou wants to merge 1 commit into firecracker-microvm:firecracker-v1.10 from
This was referenced Jan 10, 2025
roypat added a commit to roypat/firecracker that referenced this pull request Jan 30, 2025
When the balloon inflates, and the guest gives us back some pages of memory, we need to free those pages. In booted VMs, we do this with madvise(MADV_DONTNEED), and in restored VMs we do it by MAP_FIXED-ing a new VMA on top of the range-to-free. This is because if guest memory is a MAP_PRIVATE of a memory file, madvise has no effect.
However, we also do this MAP_FIXED trick if the snapshot is restored with UFFD. In this case, it's not needed (madvise works perfectly fine), and in fact, it's wrong: If we map over the memory range, UFFD will not receive Remove events for the specified range.
Fix this by only using the mmap trick for file-based restores.
Fixes firecracker-microvm#4988
Signed-off-by: Patrick Roy <roypat@amazon.co.uk>
Changes
When using a UFFD handler to restore a snapshot with a memory balloon, do not mmap anonymous regions over removed addresses.
Reason
We are using a UFFD handler with a memory balloon to track which pages were removed in the guest. When an anonymous region is mmapped over the pre-existing one, that region is deregistered from uffd and uffd will no longer receive events for that memory range. (In other words, we would expect UFFD to receive an EVENT_REMOVE for the memory ranges that the balloon has expanded into. However, because the memory was remapped, we never receive events for that range.)
Steps to recreate
In this example, when using firecracker v1.10.0, you can see that the UFFD handler never receives any remove events. When using this patched version, the handler will correctly start receiving and handling remove events.
License Acceptance
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check CONTRIBUTING.md.
PR Checklist
tools/devtool checkstyle to verify that the PR passes the automated style checks.
how they are solving the problem in a clear and encompassing way.
in the PR.
CHANGELOG.md.
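The deregistration described under "Reason" can be observed directly; the C program below is an added example, not code from Firecracker or from this pull request. It frees one UFFD-registered page either with madvise(MADV_DONTNEED) or by mapping an anonymous MAP_FIXED region over it, then uses UFFDIO_COPY as a probe, which the kernel rejects with ENOENT once the range is no longer registered. The names uffd_registration_survives and free_method are assumptions made for the example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <linux/userfaultfd.h>
#include <stdio.h>
#include <sys/ioctl.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef UFFD_USER_MODE_ONLY
#define UFFD_USER_MODE_ONLY 1 /* Linux >= 5.11: usable without privileges */
#endif

enum free_method { FREE_MADVISE, FREE_MMAP_FIXED }; /* hypothetical names */
/* Frees one UFFD-registered page with `method`, then probes the registration.
 * Returns 1 if the page is still registered, 0 if the registration was lost,
 * -1 if userfaultfd could not be set up here (old kernel, seccomp, ...). */
int uffd_registration_survives(enum free_method method)
{
    size_t psz = (size_t)sysconf(_SC_PAGESIZE);
    int prot = PROT_READ | PROT_WRITE, flags = MAP_PRIVATE | MAP_ANONYMOUS, result = -1;
    int uffd = (int)syscall(SYS_userfaultfd, O_CLOEXEC | UFFD_USER_MODE_ONLY);
    if (uffd < 0) return -1;
    char *src = mmap(NULL, psz, prot, flags, -1, 0); /* source page for the probe */
    char *mem = mmap(NULL, psz, prot, flags, -1, 0); /* stands in for guest memory */
    struct uffdio_api api = { .api = UFFD_API };
    struct uffdio_register reg = { .range = { (unsigned long)mem, psz },
                                   .mode = UFFDIO_REGISTER_MODE_MISSING };
    struct uffdio_copy copy = { .dst = (unsigned long)mem, .src = (unsigned long)src, .len = psz };
    if (src == MAP_FAILED || mem == MAP_FAILED ||
        ioctl(uffd, UFFDIO_API, &api) || ioctl(uffd, UFFDIO_REGISTER, &reg))
        goto out;
    /* Release the page the way a balloon inflation would, by either method. */
    if (method == FREE_MADVISE ? madvise(mem, psz, MADV_DONTNEED) != 0
                               : mmap(mem, psz, prot, flags | MAP_FIXED, -1, 0) == MAP_FAILED)
        goto out;
    /* UFFDIO_COPY is only accepted for a range registered with this uffd;
     * for a VMA without a registration the kernel returns ENOENT. */
    result = ioctl(uffd, UFFDIO_COPY, &copy) == 0 ? 1 : (errno == ENOENT ? 0 : -1);
out:
    munmap(src, psz); munmap(mem, psz); /* harmless EINVAL if a mapping failed */
    close(uffd);
    return result;
}

int main(void) {
    printf("still registered after madvise: %d, after MAP_FIXED mmap: %d\n",
           uffd_registration_survives(FREE_MADVISE), uffd_registration_survives(FREE_MMAP_FIXED));
    return 0;
}
```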