git.baikalelectronics.ru Git - kernel.git/commit

author	Miaohe Lin <linmiaohe@huawei.com>
	Fri, 29 Apr 2022 06:40:43 +0000 (14:40 +0800)
committer	akpm <akpm@linux-foundation.org>
	Fri, 27 May 2022 16:33:44 +0000 (09:33 -0700)
commit	88ca9f019597f85dacdeca9df1a94be59a595e6b
tree	02723a23b7785dff1502ea3335bd6560fe76dcb0	tree \| snapshot
parent	f2feb7af3f85e64c49bebcfaa8fc6d05e29e6bd5	commit \| diff

mm/z3fold: fix z3fold_reclaim_page races with z3fold_free

Think about the below scenario:

CPU1 CPU2
z3fold_reclaim_page z3fold_free
spin_lock(&pool->lock) get_z3fold_header -- hold page_lock
kref_get_unless_zero
kref_put--zhdr->refcount can be 1 now
!z3fold_page_trylock
  kref_put -- zhdr->refcount is 0 now
   release_z3fold_page
    WARN_ON(!list_empty(&zhdr->buddy)); -- we're on buddy now!
    spin_lock(&pool->lock); -- deadlock here!

z3fold_reclaim_page might race with z3fold_free and will lead to pool lock
deadlock and zhdr buddy non-empty warning.  To fix this, defer getting the
refcount until page_lock is held just like what __z3fold_alloc does.  Note
this has the side effect that we won't break the reclaim if we meet a soon
to be released z3fold page now.

Link: https://lkml.kernel.org/r/20220429064051.61552-9-linmiaohe@huawei.com
Fixes: 594060dd2247 ("z3fold: stricter locking and more careful reclaim")
Signed-off-by: Miaohe Lin <linmiaohe@huawei.com>
Reviewed-by: Vitaly Wool <vitaly.wool@konsulko.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>