From patchwork Thu Jan 25 08:51:27 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yosry Ahmed X-Patchwork-Id: 13530229 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2A34AC48260 for ; Thu, 25 Jan 2024 08:51:34 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 592E86B008C; Thu, 25 Jan 2024 03:51:33 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 523586B0093; Thu, 25 Jan 2024 03:51:33 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 394868D000C; Thu, 25 Jan 2024 03:51:33 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 1F38C6B008C for ; Thu, 25 Jan 2024 03:51:33 -0500 (EST) Received: from smtpin21.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 940C31C04ED for ; Thu, 25 Jan 2024 08:51:32 +0000 (UTC) X-FDA: 81717214824.21.B522598 Received: from mail-yb1-f202.google.com (mail-yb1-f202.google.com [209.85.219.202]) by imf09.hostedemail.com (Postfix) with ESMTP id E6339140017 for ; Thu, 25 Jan 2024 08:51:30 +0000 (UTC) Authentication-Results: imf09.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=K69MQAD9; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf09.hostedemail.com: domain of 3EiGyZQoKCFEH7BAHt05xwz77z4x.v75416DG-553Etv3.7Az@flex--yosryahmed.bounces.google.com designates 209.85.219.202 as permitted sender) smtp.mailfrom=3EiGyZQoKCFEH7BAHt05xwz77z4x.v75416DG-553Etv3.7Az@flex--yosryahmed.bounces.google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1706172690; a=rsa-sha256; cv=none; b=UtG1MxnPMSG5f0pxlKlYJDhj+Yc4Shqi74JQpbLZHUnu/0uSczmUeKH6JzsURaGECFGlXT 2xZygnsQs/PcpjCYwqJsQgcVFD5GdrIbsDMZnJoKFBnohcWT83HvO1meizihtu8a5tqd88 E9Tihi3NCOO+2DilUe16TtEPPfOv2WM= ARC-Authentication-Results: i=1; imf09.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=K69MQAD9; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf09.hostedemail.com: domain of 3EiGyZQoKCFEH7BAHt05xwz77z4x.v75416DG-553Etv3.7Az@flex--yosryahmed.bounces.google.com designates 209.85.219.202 as permitted sender) smtp.mailfrom=3EiGyZQoKCFEH7BAHt05xwz77z4x.v75416DG-553Etv3.7Az@flex--yosryahmed.bounces.google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1706172690; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding:in-reply-to: references:dkim-signature; bh=RohIgLrjWVqbBH18OwPUPby673o+oBFFq7JGaEpXbpE=; b=W8FpHnx7NSjxKxBRpyG2OmirOoX/BbJfaT42eI+QMszV/knsI7XJQYTQibcCLdEUInM5uF lSA4hMvvLnhNx1L9ED+Cw5Mb4RWA2Oj7GoU6GNibFSoR8C4LPrxpoVEvX/aPhfkIXK9gpZ kEmltPK4OiuwfhhPElbyrZEFFePHVpU= Received: by mail-yb1-f202.google.com with SMTP id 3f1490d57ef6-dc2470bc0bdso8710701276.1 for ; Thu, 25 Jan 2024 00:51:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1706172690; x=1706777490; darn=kvack.org; h=cc:to:from:subject:message-id:mime-version:date:from:to:cc:subject :date:message-id:reply-to; bh=RohIgLrjWVqbBH18OwPUPby673o+oBFFq7JGaEpXbpE=; b=K69MQAD9ib4Sx/1mWI4RzhkNT1gQ9GsP8MNtx/c3nT6WEjmQBZyRUu5lDDc4dsuYiJ 5A0gYvIx2qirsyyAhnkd2Btnz/a1llQ9TgUU747/iyE40OBcHLKf9sTE1dUMfeZHt8qu p7iCR3SEgDBRIzUBljzCjnWAKMKVMx1Gp2kCOWWhEp8FqnLGfHdS3AF7cZB1rq76VZGp I7zPk53YCi/mIsVUUvAhlrVo0HXTAFc2g308NcRZVI9LGrY/j3RZEFdKIb3x1XY0XSqM Xj8M8DtRMvGl6HuOlussqw6pccfHTDeFpb20Ifa12GpIz2EgUXEDhJpscXzLzOPfOaPy b31A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706172690; x=1706777490; h=cc:to:from:subject:message-id:mime-version:date:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=RohIgLrjWVqbBH18OwPUPby673o+oBFFq7JGaEpXbpE=; b=FE0ow5thuQQLVTI04AO61U58wlfTdx0w29eMIjMjMBztev7p5rDmmhhSfF76qzq5+O J0Io7d5q8SmPaekURzJd39RDwxDo5fwr4Q4DMORxO6SngP7558dPOnPxbDICHNzMnTeG h/mn+jO4phVaj0G0/sy4wyiZ3iDWcqH+CNqlzKwkMpHf95sUKLaOnj1exQb6jShpfcgw fv+QwuotepcdCJCU09zzRY1Z1MuyWxiHMkXhlvDs7OpxrNdlOAQspynnxzLhqkFZSmkq cKE888xVb4vi1MCmvfrXrRzYZw151U7+A18sFefY6Zq71iF+X9OpY83hS3hqKDDxAB6O iyEA== X-Gm-Message-State: AOJu0YwEZ0Gvb53+pUbwTO5R5sahwahlDpFPNfNqHSVEmr9rjoJWHYm2 c+e92WpgvKMMoNiQvfe4MmNw8Uu8evtYlQ6ze0WBDFHf7kgprTVdi5tSNnKOo6jI8sIKUIY3Bm5 pKV0zO1V58l9Zchv4+Q== X-Google-Smtp-Source: AGHT+IG1/Hsqz9ICsfnUgUMjxMtXfDta6xfbiPArXWACl8gSYY8PEXXbSOk7GppsayLhkPPaDAta+w1h4X+ApK3c X-Received: from yosry.c.googlers.com ([fda3:e722:ac3:cc00:20:ed76:c0a8:29b4]) (user=yosryahmed job=sendgmr) by 2002:a05:6902:1b8c:b0:dc2:57c9:b462 with SMTP id ei12-20020a0569021b8c00b00dc257c9b462mr67730ybb.9.1706172690108; Thu, 25 Jan 2024 00:51:30 -0800 (PST) Date: Thu, 25 Jan 2024 08:51:27 +0000 Mime-Version: 1.0 X-Mailer: git-send-email 2.43.0.429.g432eaa2c6b-goog Message-ID: <20240125085127.1327013-1-yosryahmed@google.com> Subject: [PATCH] mm: zswap: fix missing folio cleanup in writeback race path From: Yosry Ahmed To: Andrew Morton Cc: Johannes Weiner , Nhat Pham , Chengming Zhou , Domenico Cerasuolo , linux-mm@kvack.org, linux-kernel@vger.kernel.org, Yosry Ahmed , stable@vger.kernel.org X-Rspam-User: X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: E6339140017 X-Stat-Signature: djeh74ynefukjwnt5bx6w7suexfyueeo X-HE-Tag: 1706172690-394468 X-HE-Meta: U2FsdGVkX1+WEC/ryd2iYDdCl52C8A4cg+DKCNf8vWLKhoJKEybG6YdpDRFLsEGf5OdI9W2mM5hNo6vx5uO/gVFGXS5b9jnoCLr8/kyvMr5q2g3oPNqK/PR/+WRi5RQOnjvaBuA3ASpePOgUopvak7MQWCCq1YElJ4nBTIFRJVeKIwEk6Lapjmr7Exw0TAVYTYYATIih/4LGFo6/ZNRTM9PgE3ZeALGaYe/RJLR6V1nAL9Iwm/esDM0iiRF7SAjs794LnqF+rdYPNBsvkIp9LvSvjP2A4yCpil67ir5ke03Get5tSvfjG1Yz7WDuobP5BofDhjEKKijUgylCvJvr1KLlQiS9NqkxM5XIYc+qYccK4p9AJzv2sgXnh39FTmNlZ2CavDa7PRIol1CKL9stS0FCoFWOfppdbZZOuVLurNFN8RJiMAzRfBTtHcjHBTkWW9PQWGl83AeTAehoePLKa6JOqgw1DGFXGQbrPIxaTHePchYqxHyVsUF32zvO2mCeujuA41tR6zTCGnoLYqLdOfAQ6XUzjdS7zvVA8RR7zkyx5oYQ9DswDoJ/vMGF9kXryzZUs1wP0cFIIzpD2OpcP7eaQdT/rXw6uasH9fA3aDmdBPmzBPFF73hHoRD26wdwHzWN+CJYXkZbG5g1rDw99ANgMT15IHLfJ6lh8YEvAQ3W8y/z8frlUR+IR5VwNqyQAdrkcXxu59f4o0Boq/ml2Ndc+cr+gbXPxKvwG8nGb13NIP34FHdfY6IuM4uvtkMH/yCrc42W07WasRQ3K3GAFuv0FTVfX59x71mhbBQ6R17mIEb6XThcEQ4qmUc+1VBjuD6Gd0Ztk3qqCy6Yj4bSDsRGOugKaCJ9RdP0sCujzwKYVuyyt2wWuxXUDWKzG6p3CCcGpOG5ri8YChS+2bQN5rqN6PAgoB6aveEGf4dvRM4lPaPEzQ+bfXYgE/pEbh9ajLSqUzDdu/bN7PiHkpB X6RuPS1+ 7SPslkIHeBGn2xTRq6uOvUklsh+tAJoJQ06W2yo4Zg8ZJ8j2f7sTcm3dc7WHc9OJGvaRon7SXcUIau9zflzcyW2X+ykiKF5wD73xbzsfYE9rDWXkJlSTzQtNMyvDyyM/1xDhBV1tAJoDGR28Y3zlPtDt9aOlR6FOfz+JixWdo7LbBNohU+N6zKH/NR1HWQbTbdcP6tWGGITmbcV9ZK3ZSdB+LzIE+qVI3DndroGe3+YXdhtRt/uYmgTg6fSNRCjX8Hzsh6F/45S/P/Z85x3KhIL3DIt/DTmo21zFe2HKbe2oxBWmbzibMFLZ5+3pYmVEGHz/URwzKT8sST45aaUyvCgl7UOfnynSlfMYAU74aTKvyrFldzoIOWAmsZVwV6RyO/Nsmo5PMTupaqVksDNbAGewratxL1vGBYArRmHTzevEkjO053+Dy1ty1ay+1ZWeiurGT4u6+nAKZdZF37jh5mf6IeaNh+Qe4/rC4UxhfUWuWe4t4KThoonnyn+JB93PFnqpemlS/MtoU7XgX1SrEayScNxXlQMeDytz/ZkfkzvH1tgn5fqVdpD/lHRmLaAF9EN+bEGLtGGv9ycGHxwI3+eau7DtruCM1DSmOLPyXWOpByEZtjfKDjbgwHFs5iozDO4c/yNr+JLGjiD9gABc2EEQlpi2WK+EAyHjBh2DHygJap4EID816+S8vZP00qomtZat3n9RQLcJrxeQaqEoxAFzrLg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: In zswap_writeback_entry(), after we get a folio from __read_swap_cache_async(), we grab the tree lock again to check that the swap entry was not invalidated and recycled. If it was, we delete the folio we just added to the swap cache and exit. However, __read_swap_cache_async() returns the folio locked when it is newly allocated, which is always true for this path, and the folio is ref'd. Make sure to unlock and put the folio before returning. This was discovered by code inspection, probably because this path handles a race condition that should not happen often, and the bug would not crash the system, it will only strand the folio indefinitely. Fixes: 04fc7816089c ("mm: fix zswap writeback race condition") Cc: stable@vger.kernel.org Signed-off-by: Yosry Ahmed Reviewed-by: Chengming Zhou Acked-by: Johannes Weiner Reviewed-by: Nhat Pham --- mm/zswap.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/mm/zswap.c b/mm/zswap.c index 8f4a7efc2bdae..00e90b9b5417d 100644 --- a/mm/zswap.c +++ b/mm/zswap.c @@ -1448,6 +1448,8 @@ static int zswap_writeback_entry(struct zswap_entry *entry, if (zswap_rb_search(&tree->rbroot, swp_offset(entry->swpentry)) != entry) { spin_unlock(&tree->lock); delete_from_swap_cache(folio); + folio_unlock(folio); + folio_put(folio); return -ENOMEM; } spin_unlock(&tree->lock);