From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from psmtp.com (na3sys010amx189.postini.com [74.125.245.189]) by kanga.kvack.org (Postfix) with SMTP id 249F56B0032 for ; Mon, 9 Sep 2013 12:29:14 -0400 (EDT) Received: from /spool/local by e37.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Mon, 9 Sep 2013 10:29:13 -0600 Received: from d03relay01.boulder.ibm.com (d03relay01.boulder.ibm.com [9.17.195.226]) by d03dlp02.boulder.ibm.com (Postfix) with ESMTP id 7B6423E40042 for ; Mon, 9 Sep 2013 10:28:40 -0600 (MDT) Received: from d03av04.boulder.ibm.com (d03av04.boulder.ibm.com [9.17.195.170]) by d03relay01.boulder.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id r89GSNWZ260482 for ; Mon, 9 Sep 2013 10:28:24 -0600 Received: from d03av04.boulder.ibm.com (loopback [127.0.0.1]) by d03av04.boulder.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id r89GSNeC026028 for ; Mon, 9 Sep 2013 10:28:23 -0600 Date: Mon, 9 Sep 2013 11:28:15 -0500 From: Seth Jennings Subject: Re: [PATCH v2 2/4] mm/zswap: bugfix: memory leak when invalidate and reclaim occur concurrently Message-ID: <20130909162815.GA4701@variantweb.net> References: <000801ceaac0$8d1f6210$a75e2630$%yang@samsung.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <000801ceaac0$8d1f6210$a75e2630$%yang@samsung.com> Sender: owner-linux-mm@kvack.org List-ID: To: Weijie Yang Cc: minchan@kernel.org, bob.liu@oracle.com, weijie.yang.kh@gmail.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org On Fri, Sep 06, 2013 at 01:16:45PM +0800, Weijie Yang wrote: > Consider the following scenario: > thread 0: reclaim entry x (get refcount, but not call zswap_get_swap_cache_page) > thread 1: call zswap_frontswap_invalidate_page to invalidate entry x. > finished, entry x and its zbud is not freed as its refcount != 0 > now, the swap_map[x] = 0 > thread 0: now call zswap_get_swap_cache_page > swapcache_prepare return -ENOENT because entry x is not used any more > zswap_get_swap_cache_page return ZSWAP_SWAPCACHE_NOMEM > zswap_writeback_entry do nothing except put refcount > Now, the memory of zswap_entry x and its zpage leak. > > Modify: > - check the refcount in fail path, free memory if it is not referenced. > - use ZSWAP_SWAPCACHE_FAIL instead of ZSWAP_SWAPCACHE_NOMEM as the fail path > can be not only caused by nomem but also by invalidate. > > Signed-off-by: Weijie Yang Thanks! Acked-by: Seth Jennings Seth -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org