Chen Wandun <chenwandun@xxxxxxxxxx> writes:

> I analyzed the code about swapoff and swapout, and I suspected there may be a race.
> The kernel version is 4.14 stable.
>
> CPU0                                      CPU1
> swapoff                                   swap out
>                                           add_to_swap
>                                             get_swap_page
> ......                                        get_swap_pages
>                                                 spin_lock(&swap_avail_lock)
>                                                 get swap_info_struct
>                                                 spin_unlock(&swap_avail_lock)
> spin_lock(&swap_avail_lock)
> __def_from_avail_list(swap_info_struct)
> spin_unlock(&swap_avail_lock)             ......
> try_to_unuse  // unuse all slot
>                                           /* get a free slot from swap_info_struct,
>                                            * and write data to slot later
>                                            */
>                                           scan_swap_map_slots
> free swap_info_struct
>                                           .......
>
>
> If CPU1 gets the swap_info_struct first, then CPU0 deletes it from the list and
> unuses all slots in swap_info_struct, before CPU0 frees swap_info_struct CPU1
> calls scan_swap_map_slots to alloc a free slot.
>
> I am not sure the analysis above is correct.
> Please let me know if there is any mistake.

SWP_WRITEOK will be cleared during swapoff, and it is checked during swap slots allocation.

Best Regards,
Huang, Ying

> Thanks
> ChenWandun
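
The interleaving from the question, replayed in a small user-space model with and without the SWP_WRITEOK check the reply describes. This is an added example, not kernel code and not part of the original thread. All model_* names and the flag value are hypothetical, and it assumes the flag is cleared and tested under the same per-device lock.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define MODEL_SWP_WRITEOK 0x2u    /* model value; the flag name is from the reply */
#define MODEL_NSLOTS 8

struct model_swap_info {          /* hypothetical stand-in for swap_info_struct */
    unsigned int flags;
    bool on_avail_list;
    unsigned char map[MODEL_NSLOTS];   /* 0 = free slot, 1 = in use */
};

/* CPU1, step 1: pick a device from the avail list (swap_avail_lock held). */
static struct model_swap_info *model_pick_device(struct model_swap_info *si)
{
    return si->on_avail_list ? si : NULL;
}

/* CPU0: swapoff unlinks the device, clears the flag, then unuses every slot. */
static void model_swapoff(struct model_swap_info *si)
{
    si->on_avail_list = false;
    si->flags &= ~MODEL_SWP_WRITEOK;       /* assumed: under the per-device lock */
    memset(si->map, 0, sizeof(si->map));   /* models try_to_unuse */
}

/* CPU1, step 2: allocate a slot. check_flag=false models the feared race. */
static int model_scan_slots(struct model_swap_info *si, bool check_flag)
{
    if (check_flag && !(si->flags & MODEL_SWP_WRITEOK))
        return -1;                         /* device is going away: refuse */
    for (int i = 0; i < MODEL_NSLOTS; i++)
        if (!si->map[i]) { si->map[i] = 1; return i; }
    return -1;                             /* no free slot */
}

/* Replay the interleaving; returns the slot CPU1 gets, or -1 if refused. */
static int model_replay(bool check_flag)
{
    struct model_swap_info si = { .flags = MODEL_SWP_WRITEOK, .on_avail_list = true };
    struct model_swap_info *picked = model_pick_device(&si);   /* CPU1 */
    if (!picked) return -2;
    model_swapoff(&si);                                        /* CPU0 */
    return model_scan_slots(picked, check_flag);               /* CPU1 */
}

int main(void)
{
    printf("without flag check: slot %d\n", model_replay(false));
    printf("with flag check:    slot %d\n", model_replay(true));
    return 0;
}
```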