linux-mm.kvack.org archive mirror
From: JaeJoon Jung <rgbi3307@gmail.com>
To: SeongJae Park <sj@kernel.org>
Cc: JaeJoon Jung <rgbi3307@gmail.com>,
	damon@lists.linux.dev, linux-mm@kvack.org, rgbi3307@nate.com
Subject: [PATCH] mm/damon/sysfs: preventing duplicated list_add_tail() at the damon_call()
Date: Wed, 24 Dec 2025 18:43:58 +0900
Message-ID: <20251224094401.20384-1-rgbi3307@gmail.com>

 cd /sys/kernel/mm/damon/admin
 echo "off" > kdamonds/0/state

 echo "commit" > kdamonds/0/state
 echo "commit" > kdamonds/0/state

If you repeat "commit" twice with the kdamonds/0/state set to "off"
with the above commands, a list_add corruption error occurs as follows:

4-page vmalloc region starting at 0xffffffc600a38000 allocated at
kernel_clone+0x44/0x41e
------------[ cut here ]------------
list_add corruption. prev->next should be next (ffffffd6c7c5a6a8),
         but was ffffffc600a3bcc8. (prev=ffffffc600a3bcc8).
WARNING: lib/list_debug.c:32 at __list_add_valid_or_report+
0xd8/0xe2, CPU#0: bash/466
Modules linked in: dwmac_starfive stmmac_platform stmmac pcs_xpcs phylink
CPU: 0 UID: 0 PID: 466 Comm: bash Tainted: G W 6.19.0-rc2+ #1 PREEMPTLAZY
Tainted: [W]=WARN
Hardware name: StarFive VisionFive 2 v1.3B (DT)
 epc : __list_add_valid_or_report+0xd8/0xe2
 ra : __list_add_valid_or_report+0xd8/0xe2
 epc : ffffffff80540bce ra : ffffffff80540bce sp : ffffffc600a3bc00
 gp : ffffffff81caec40 tp : ffffffd6c036f080 t0 : 0000000000000000
 t1 : 0000000000006000 t2 : 0000000000000002 s0 : ffffffc600a3bc30
 s1 : ffffffc600a3bcc8 a0 : ffffffd6fbf49a40 a1 : ffffffd6c036f080
 a2 : 0000000000000000 a3 : 0000000000000001 a4 : 0000000000000000
 a5 : 0000000000000000 a6 : 0000000020000000 a7 : 0000000000000001
 s2 : ffffffd6c7c5a6a8 s3 : ffffffc600a3bcc8 s4 : ffffffc600a3bcc8
 s5 : ffffffd6c7c5a6b8 s6 : ffffffd6c7c5a6a8 s7 : 0000003ff3f32794
 s8 : 0000002ab38c9118 s9 : 0000000000000065 s10: 0000003f823a5cb8
 s11: 0000003f823264e8 t3 : 0000000000000001 t4 : 0000000000000000
 t5 : 00000000fa83b2da t6 : 000000000051df90
status: 0000000200000120 badaddr: 0000000000000000 cause: 0000000000000003
[<ffffffff80540bce>] __list_add_valid_or_report+0xd8/0xe2
[<ffffffff80255c86>] damon_call+0x52/0xe8
[<ffffffff8025c9a8>] damon_sysfs_damon_call+0x60/0x8a
[<ffffffff8025daf4>] state_store+0xfc/0x294
[<ffffffff80dbf1fa>] kobj_attr_store+0xe/0x1a
[<ffffffff802f070c>] sysfs_kf_write+0x42/0x56
[<ffffffff802eef4e>] kernfs_fop_write_iter+0xf4/0x178
[<ffffffff8026545c>] vfs_write+0x1b6/0x3b2
[<ffffffff80265782>] ksys_write+0x52/0xbc
[<ffffffff80265800>] __riscv_sys_write+0x14/0x1c
[<ffffffff80ddf124>] do_trap_ecall_u+0x19c/0x26e
[<ffffffff80deaa38>] handle_exception+0x150/0x15c
---[ end trace 0000000000000000 ]---
-bash: echo: write error: Invalid argument

The cause of the above error is that list_add_tail() is executed
repeatedly while executing damon_call(ctx, control)
in damon_sysfs_damon_call().  The execution flow is summarized below:

damon_sysfs_damon_call()
        --> damon_call(ctx, control)
                list_add_tail(control, ctx->call_controls);
                        --> /* list_add corruption error */
                if (!damon_is_running)
                        return -EINVAL;

If you execute damon_call() when damon_sysfs_kdamond_running() is true,
you can prevent the error of duplicate execution of list_add_tail().

Signed-off-by: JaeJoon Jung <rgbi3307@gmail.com>
---
 mm/damon/sysfs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mm/damon/sysfs.c b/mm/damon/sysfs.c
index e2bd2d7becdd..835703c65c12 100644
--- a/mm/damon/sysfs.c
+++ b/mm/damon/sysfs.c
@@ -1686,7 +1686,7 @@ static int damon_sysfs_damon_call(int (*fn)(void *data),
 	struct damon_call_control call_control = {};
 	int err;

-	if (!kdamond->damon_ctx)
+	if (!damon_sysfs_kdamond_running(kdamond))
 		return -EINVAL;
 	call_control.fn = fn;
 	call_control.data = kdamond;
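
Review bot: The new check `if (!damon_sysfs_kdamond_running(kdamond))` at the top of damon_sysfs_damon_call() only narrows the window. Per the flow in the commit message, damon_call() still runs list_add_tail() before it tests whether the context is running, so a kdamond that stops between this check and the call would again leave `call_control`, declared on this function's stack (`struct damon_call_control call_control = {};`), linked on the context's list after the function returns. Consider fixing the ordering in damon_call() itself as well: test the running state before list_add_tail(), or unlink the control on the -EINVAL path. Separately, the removed `!kdamond->damon_ctx` test guarded against a NULL context; the body of damon_sysfs_kdamond_running() is not part of this hunk, so please state in the commit message that it covers that case.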
--
2.43.0
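
The ordering problem described in the message, as an added userspace model in C (not code from the patch or from the kernel): it replays two "commit" writes against a stopped context, once with the link-then-check order and once with the check moved first. The struct and function names, the `-EFAULT` marker for the corruption report, and the single reused `slot` standing in for the caller's stack frame are assumptions of this model.

```c
#include <errno.h>
#include <stdbool.h>
/* Userspace stand-ins; names are illustrative, not the kernel's definitions. */
struct list_head { struct list_head *next, *prev; };
struct ctx { struct list_head call_controls; bool running; };
static void list_init(struct list_head *h) { h->next = h->prev = h; }
/* Link at the tail only if the neighbours are consistent (the logged check). */
static bool add_tail_checked(struct list_head *new, struct list_head *head)
{
    struct list_head *prev = head->prev;
    if (prev->next != head || new == prev || new == head)
        return false;
    new->next = head; new->prev = prev; prev->next = new; head->prev = new;
    return true;
}

/* Order from the commit message: link first, test "running" afterwards. */
static int link_first(struct ctx *c, struct list_head *ctl)
{
    list_init(ctl);     /* assumed; matches prev->next == prev in the log */
    if (!add_tail_checked(ctl, &c->call_controls))
        return -EFAULT; /* this model's marker for the corruption report */
    if (!c->running)
        return -EINVAL; /* ctl is still linked when the caller returns */
    return 0;
}

/* Reordered: reject a stopped context before touching the list. */
static int check_first(struct ctx *c, struct list_head *ctl)
{
    if (!c->running)
        return -EINVAL;
    list_init(ctl);
    return add_tail_checked(ctl, &c->call_controls) ? 0 : -EFAULT;
}

/* Two "commit" writes while off; slot models the reused stack address. */
static int two_commits(int (*call)(struct ctx *, struct list_head *))
{
    struct ctx c = { .running = false };
    struct list_head slot;
    list_init(&c.call_controls);
    (void)call(&c, &slot);
    return call(&c, &slot); /* result of the second write */
}

int main(void)
{
    return two_commits(link_first) != -EFAULT || two_commits(check_first) != -EINVAL;
}
```

With the link-first order the second write finds the list tail pointing at the stale node whose `next` no longer points at the head, which is the condition the log reports; with the check first the list is never touched while the context is stopped.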


