From patchwork Mon Apr 17 13:08:50 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sergey Senozhatsky
X-Patchwork-Id: 13213994
From: Sergey Senozhatsky
To: Andrew Morton
Cc: Yu Zhao, Minchan Kim, Yosry Ahmed, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Sergey Senozhatsky
Subject: [PATCH] zsmalloc: reset compaction source zspage pointer after putback_zspage()
Date: Mon, 17 Apr 2023 22:08:50 +0900
Message-ID: <20230417130850.1784777-1-senozhatsky@chromium.org>
X-Mailer: git-send-email 2.40.0.634.g4ca3ef3211-goog
In-Reply-To: <20230304034835.2082479-4-senozhatsky@chromium.org>
References: <20230304034835.2082479-4-senozhatsky@chromium.org>

The current implementation of the compaction loop fails to set the source zspage pointer to NULL in all cases, leading to a potential issue where __zs_compact() could use a stale zspage pointer. This pointer could even point to a previously freed zspage, causing unexpected behavior in the putback_zspage() and migrate_write_unlock() functions after returning from the compaction loop.

Address the issue by ensuring that the source zspage pointer is always set to NULL when it should be.

Fixes: 5a845e9f2d66 ("zsmalloc: rework compaction algorithm")
Signed-off-by: Sergey Senozhatsky
Reported-by: Yu Zhao
Tested-by: Yu Zhao
Reviewed-by: Yosry Ahmed
---
 mm/zsmalloc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mm/zsmalloc.c b/mm/zsmalloc.c index aea50e2aa350..cc81dfba05a0 100644 --- a/mm/zsmalloc.c +++ b/mm/zsmalloc.c @@ -2239,8 +2239,8 @@ static unsigned long __zs_compact(struct zs_pool *pool, if (fg == ZS_INUSE_RATIO_0) { free_zspage(pool, class, src_zspage); pages_freed += class->pages_per_zspage; - src_zspage = NULL; } + src_zspage = NULL; if (get_fullness_group(class, dst_zspage) == ZS_INUSE_RATIO_100 || spin_is_contended(&pool->lock)) {
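
Review bot: the unconditional `src_zspage = NULL;` that now follows the `if (fg == ZS_INUSE_RATIO_0) { ... }` block has no comment explaining why the pointer must be cleared on the non-empty path as well, and a bare assignment right after the closing brace reads like a leftover. A one-line comment there, for example `/* src_zspage was put back (or freed) above, never reuse it */`, would keep a later cleanup from moving it back inside the branch and reintroducing the stale pointer that the commit message says reaches putback_zspage() and migrate_write_unlock() after the loop. The commit message could also name the case that was missed (fg != ZS_INUSE_RATIO_0). The branch that follows tests dst_zspage, and the visible lines do not show whether dst_zspage is reset the same way once it is put back, so that is worth confirming in the same pass.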