On Tue, Jan 29, 2019 at 06:43:53PM +0800, Joseph Qi wrote:
> Hi,
>
> On 19/1/29 16:53, Aaron Lu wrote:
> > On 2019/1/29 15:21, Jiufei Xue wrote:
> >> Trinity reports BUG:
> >>
> >> sleeping function called from invalid context at mm/vmalloc.c:1477
> >> in_atomic(): 1, irqs_disabled(): 0, pid: 12269, name: trinity-c1
> >>
> >> [ 2748.573460] Call Trace:
> >> [ 2748.575935] dump_stack+0x91/0xeb
> >> [ 2748.578512] ___might_sleep+0x21c/0x250
> >> [ 2748.581090] remove_vm_area+0x1d/0x90
> >> [ 2748.583637] __vunmap+0x76/0x100
> >> [ 2748.586120] __se_sys_swapon+0xb9a/0x1220
> >> [ 2748.598973] do_syscall_64+0x60/0x210
> >> [ 2748.601439] entry_SYSCALL_64_after_hwframe+0x49/0xbe
> >>
> >> This is triggered by calling kvfree() inside spinlock() section in
> >> function alloc_swap_info().
> >> Fix this by moving the kvfree() after spin_unlock().
> >
> > The fix looks good to me.
> >
> > BTW, swap_info_struct's size has been reduced to its original size:
> > 272 bytes by commit 66f71da9dd38("mm/swap: use nr_node_ids for
> > avail_lists in swap_info_struct"). I didn't use back kzalloc/kfree
> > in that commit since I don't see any any harm by keep using
> > kvzalloc/kvfree, but now looks like they're causing some trouble.
> >
> > So what about using back kzalloc/kfree for swap_info_struct instead?
> > Can save one local variable and using kvzalloc/kvfree for a struct
> > that is 272 bytes doesn't really have any benefit.
> >
> avail_lists in swap_info_struct is dynamic allocated.
> So if we use back kzalloc/kfree, how to deal with the case that
> nr_node_ids is big?
Oh right, I missed that.
Acked-by: Aaron Lu <aaron.lu@xxxxxxxxxxxxxxxxx>
Thanks,
Aaron
> >>
> >> Fixes: 873d7bcfd066 ("mm/swapfile.c: use kvzalloc for swap_info_struct allocation")
> >> Cc: <stable@xxxxxxxxxxxxxxx>
> >> Reviewed-by: Joseph Qi <joseph.qi@xxxxxxxxxxxxxxxxx>
> >> Signed-off-by: Jiufei Xue <jiufei.xue@xxxxxxxxxxxxxxxxx>
> >> ---
> >> mm/swapfile.c | 6 ++++--
> >> 1 file changed, 4 insertions(+), 2 deletions(-)
> >>
> >> diff --git a/mm/swapfile.c b/mm/swapfile.c
> >> index dbac1d49469d..d26c9eac3d64 100644
> >> --- a/mm/swapfile.c
> >> +++ b/mm/swapfile.c
> >> @@ -2810,7 +2810,7 @@ late_initcall(max_swapfiles_check);
> >>
> >> static struct swap_info_struct *alloc_swap_info(void)
> >> {
> >> - struct swap_info_struct *p;
> >> + struct swap_info_struct *p, *tmp = NULL;
> >> unsigned int type;
> >> int i;
> >> int size = sizeof(*p) + nr_node_ids * sizeof(struct plist_node);
> >> @@ -2840,7 +2840,7 @@ static struct swap_info_struct *alloc_swap_info(void)
> >> smp_wmb();
> >> nr_swapfiles++;
> >> } else {
> >> - kvfree(p);
> >> + tmp = p;
> >> p = swap_info[type];
> >> /*
> >> * Do not memset this entry: a racing procfs swap_next()
> >> @@ -2853,6 +2853,8 @@ static struct swap_info_struct *alloc_swap_info(void)
> >> plist_node_init(&p->avail_lists[i], 0);
> >> p->flags = SWP_USED;
> >> spin_unlock(&swap_lock);
> >> + kvfree(tmp);
> >> +
> >> spin_lock_init(&p->lock);
> >> spin_lock_init(&p->cont_lock);
> >>
> >>
