From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9155AC47258 for ; Thu, 25 Jan 2024 08:54:43 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 213508D001F; Thu, 25 Jan 2024 03:54:43 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 1C3908D000C; Thu, 25 Jan 2024 03:54:43 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 061BD8D001F; Thu, 25 Jan 2024 03:54:42 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id E76598D000C for ; Thu, 25 Jan 2024 03:54:42 -0500 (EST) Received: from smtpin07.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id C79041A0285 for ; Thu, 25 Jan 2024 08:54:42 +0000 (UTC) X-FDA: 81717222804.07.AD1517A Received: from mail-pl1-f173.google.com (mail-pl1-f173.google.com [209.85.214.173]) by imf11.hostedemail.com (Postfix) with ESMTP id 1B9344000A for ; Thu, 25 Jan 2024 08:54:40 +0000 (UTC) Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=bytedance.com header.s=google header.b=EqNxDn3g; dmarc=pass (policy=quarantine) header.from=bytedance.com; spf=pass (imf11.hostedemail.com: domain of zhouchengming@bytedance.com designates 209.85.214.173 as permitted sender) smtp.mailfrom=zhouchengming@bytedance.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1706172881; a=rsa-sha256; cv=none; b=b9foxkKY28p/kDeRpIRqEzaKt8rMPYv9+XqiLhpETHFFFxaoA7LBHo/hjx9gYWCuG6HLrg 9dJuf9vMXAVGn5pwJP6wzyFPWEstb5iCPqVKdBBLutY99EAl60QZ7lgmBMsQoNyWQp2bXQ l+ZMRB1z9CDPMNZ4PBrd5BvAuboJzQ0= ARC-Authentication-Results: i=1; imf11.hostedemail.com; dkim=pass header.d=bytedance.com header.s=google header.b=EqNxDn3g; dmarc=pass (policy=quarantine) header.from=bytedance.com; spf=pass (imf11.hostedemail.com: domain of zhouchengming@bytedance.com designates 209.85.214.173 as permitted sender) smtp.mailfrom=zhouchengming@bytedance.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1706172881; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=xnkZERa8Q5xoGtJvJZat5iyOg0P3QANDIW4NDNOE4l0=; b=WMB4P/8zBipWcqX6SZLK+V/Tcxgxvo7t9Wte9SM6BqCr/2p9V7y8DTafg+ICcLC8Y9FmG2 iPL/x8PZPngGqneIcNsVXy8p7G/hJsio2h5ReH8yLvzX94cSZsMPUA+3/v84+D87L8S7Cs VGKn0X04BsJMAVNFdudPkQB9/RBvlcw= Received: by mail-pl1-f173.google.com with SMTP id d9443c01a7336-1d7881b1843so10733525ad.3 for ; Thu, 25 Jan 2024 00:54:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bytedance.com; s=google; t=1706172879; x=1706777679; darn=kvack.org; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=xnkZERa8Q5xoGtJvJZat5iyOg0P3QANDIW4NDNOE4l0=; b=EqNxDn3gYxtJiWnA64Ul9WRxPpmvCNpsEFeI1YT2HCSfLPsrh/Dvk2U054Pex2ICPI DyYHbyQMjo4AN65dhCJ0lq27eM25HdNKZOzp1d1Am28RKZvSQFYEqcvLZxyjuY6MZ1Fl 0AUFcf8WEsuFnemfO9QMn83RFwWSQA3MXSJwWdsiQ5sez4888Ph32lZP6/e+ECx7UUkA v3wAZ70jf1F1NjNX3rFPYrt85Fb4RBY9CGvuCnNTIMhvasVgS7Yk/l7HMh398JMRXIne qLB+/+P+z9lyEYtvyD4LVYxDPJogAWI7x0o3F/BSBph45Z78EaLC8KjX0O2EWiGM1qu3 4Qzw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706172879; x=1706777679; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=xnkZERa8Q5xoGtJvJZat5iyOg0P3QANDIW4NDNOE4l0=; b=f6Qm9l84S+cKzinXtTPz7Ni3wQL64Pn1EDc3eQ/hBm02wneOWoFpgg5Lz60waEynJs cQuG4LMLyk2H+vRYbL/pUAapXdtZ3L18DYZ1BLtLAQjo9Q9jLk49kspacauKLcVyd7pH SqtsHW3yqncoCCidm8x19oFD3iit4ygP/iZGkQ4QaGqKWUGpvsiS9OtPIpSmc+P/+1tv o/78gLT4KZEhs5qTRvy7edTu5lqtgNk2YUxun62gZyGlDZgBbiAQam22AwEVk+ajET8o lQL/U+Ouusb69B4d33KJOHQhNMBscQYtWyyzN4WH3daFTns1PwEvwYxz+S5IRVWe63kK 3Cow== X-Gm-Message-State: AOJu0YxwiRhWXi+WLxEw2AjVJQlRzVc7PRf5gdm1R09b4Q0MP8MhERB8 m7msDUl0rwsIq1p7migi8fduKBhJNqbMA9DRKyIibb2l+3zOeBCLYu+8cb1YSGM= X-Google-Smtp-Source: AGHT+IHn4Y+4c7MEgANSirnXzcKFSWT7Z0qo6rSzruiuCcQx6zt1x0dPL/M9TCo9yaJ2tGgQaivEAg== X-Received: by 2002:a17:902:ed44:b0:1d7:199:cfb7 with SMTP id y4-20020a170902ed4400b001d70199cfb7mr715381plb.138.1706172879543; Thu, 25 Jan 2024 00:54:39 -0800 (PST) Received: from [10.4.195.141] ([139.177.225.254]) by smtp.gmail.com with ESMTPSA id y2-20020a1709027c8200b001d7726c4a40sm3615519pll.277.2024.01.25.00.54.36 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 25 Jan 2024 00:54:39 -0800 (PST) Message-ID: <6f81161c-0280-48b6-a7af-038c676a02b3@bytedance.com> Date: Thu, 25 Jan 2024 16:54:33 +0800 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH] mm: zswap: fix missing folio cleanup in writeback race path Content-Language: en-US To: Yosry Ahmed , Andrew Morton Cc: Johannes Weiner , Nhat Pham , Domenico Cerasuolo , linux-mm@kvack.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org References: <20240125085127.1327013-1-yosryahmed@google.com> From: Chengming Zhou In-Reply-To: <20240125085127.1327013-1-yosryahmed@google.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Rspam-User: X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: 1B9344000A X-Stat-Signature: ti3dzx3he68qibz81yucmcu3fo4a86wu X-HE-Tag: 1706172880-922987 X-HE-Meta: U2FsdGVkX1/QiHwCs6ghBxld20TtT2nnKPrlwvw9Eh1B/iKbYyLMDju+DOLN4C09Oe+dL2a8fRHDjDOwvBraJLMxyaI8hr3aQUN9LJOoe1OKSmFB0ORhCXRr0kcUaAhllaH+tocYteZH5b94GpL3nkxyLLLGdA//WYp4QdZ5KcQEgNpPz7U/3ZLvkNjUsd9EG52K48ac8jj07z8Rzd9/f3m+PiXSi7GhYFILOLEaod9rsNJFxn1sZ4f6cFj9j/g2Od/e5FKROrn/AKqwcNxcW08le05/EpLXgzSw2z8pAsZzbhVd1RFWf4K8F6fRtqPZH/vapEPPCfGhUb13Q2NSxOV/fPrN7g++LfbTKUyLGiCMbVDuW32Oo05Eo3kjJ2gcj5m8+VBH6uBSxXjLMpwJJZnoa6S5AENrlJR6ivMWSK2LdJybecertdbwmxPfEuy2FVkOfq6x5Xyz/ioOukIsSIHrDaPO43qdMqw3gacYRWRELoNR/TLmgzTVnPm/iA6V8F+2iFH5Us0WLEWQ8siPrm7ONcgGiQwWr4LafKoabWtBrrXd2kmOhDsdiTqIalbqfjreDQ0pNh7ZUWe111hmJbEDIl/KRNUgR2oMjJ04NXYBmmQluOL+St7Ws/pbis+j4QC+D8CRv5H+j0+44jhzj4UqdZJnF+SpC8AgqzCTYzUXc2GhhTuWozBDc/k1g2Y4PasZmOx35I3DC+cRbEAyI0J1CWXsCwNE/5GIp1jOFW+FEHPkrsxFPBchpzk7Xuq+7YcYkOh6r7SZ/Mt3yXZR2FuhGSnWpleUrEItfU/7RKw9zwyzBRhgpkP8R+SpiCSP8zmB6CnAnFO0syBru8GKhNLxZPTeuueT5GU/XMRAfqMemG4DDNL9k863cIAFPsTesVfElKQGVRukslOO/TmBcTZbjjZ5A+kFMw422JZdgGDalgXt82uTu2JQZLl090w2oU1Cc6iz7N/K/MsthXn vxyElwrN LAYpR5QkzcXy/JGvXq66kikkPLxljE5scCyHNbY2O6K7Zvk8F9/BWKWh//SdIYpQpQf15yQrYCfI8mhB+fSmHk7YAGFVUAFu4cuYkByE2mgHH6BmhIX3dDtnyMfnu8PdFwB10 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On 2024/1/25 16:51, Yosry Ahmed wrote: > In zswap_writeback_entry(), after we get a folio from > __read_swap_cache_async(), we grab the tree lock again to check that the > swap entry was not invalidated and recycled. If it was, we delete the > folio we just added to the swap cache and exit. > > However, __read_swap_cache_async() returns the folio locked when it is > newly allocated, which is always true for this path, and the folio is > ref'd. Make sure to unlock and put the folio before returning. > > This was discovered by code inspection, probably because this path > handles a race condition that should not happen often, and the bug would > not crash the system, it will only strand the folio indefinitely. > > Fixes: 04fc7816089c ("mm: fix zswap writeback race condition") > Cc: stable@vger.kernel.org > Signed-off-by: Yosry Ahmed LGTM, thanks! Reviewed-by: Chengming Zhou > --- > mm/zswap.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/mm/zswap.c b/mm/zswap.c > index 8f4a7efc2bdae..00e90b9b5417d 100644 > --- a/mm/zswap.c > +++ b/mm/zswap.c > @@ -1448,6 +1448,8 @@ static int zswap_writeback_entry(struct zswap_entry *entry, > if (zswap_rb_search(&tree->rbroot, swp_offset(entry->swpentry)) != entry) { > spin_unlock(&tree->lock); > delete_from_swap_cache(folio); > + folio_unlock(folio); > + folio_put(folio); > return -ENOMEM; > } > spin_unlock(&tree->lock);