On Mon, 2020-12-07 at 02:05 +0100, Vitaly Wool wrote: > > Could you please try the following patch in your setup: crash> gdb list *z3fold_zpool_free+0x527 0xffffffffc0e14487 is in z3fold_zpool_free (mm/z3fold.c:341). 336 if (slots->slot[i]) { 337 is_free = false; 338 break; 339 } 340 } 341 write_unlock(&slots->lock); <== boom 342 343 if (is_free) { 344 struct z3fold_pool *pool = slots_to_pool(slots); 345 crash> z3fold_buddy_slots -x ffff99a3287b8780 struct z3fold_buddy_slots { slot = {0xdeadbeef, 0xdeadbeef, 0xdeadbeef, 0xdeadbeef}, pool = 0xffff99a3146b8400, lock = { rtmutex = { wait_lock = { raw_lock = { { val = { counter = 0x1 }, { locked = 0x1, pending = 0x0 }, { locked_pending = 0x1, tail = 0x0 } } } }, waiters = { rb_root = { rb_node = 0xffff99a3287b8e00 }, rb_leftmost = 0x0 }, owner = 0xffff99a355c24500, save_state = 0x1 }, readers = { counter = 0x80000000 } } }
> diff --git a/mm/z3fold.c b/mm/z3fold.c
> index 18feaa0bc537..efe9a012643d 100644
> --- a/mm/z3fold.c
> +++ b/mm/z3fold.c
> @@ -544,12 +544,17 @@ static void __release_z3fold_page(struct z3fold_header *zhdr, bool locked)
> break;
> }
> }
> - if (!is_free)
> + if (!is_free) {
> set_bit(HANDLES_ORPHANED, &zhdr->slots->pool);
> - read_unlock(&zhdr->slots->lock);
> -
> - if (is_free)
> + read_unlock(&zhdr->slots->lock);
> + } else {
> + zhdr->slots->slot[0] =
> + zhdr->slots->slot[1] =
> + zhdr->slots->slot[2] =
> + zhdr->slots->slot[3] = 0xdeadbeef;
> + read_unlock(&zhdr->slots->lock);
> kmem_cache_free(pool->c_handle, zhdr->slots);
> + }
>
> if (locked)
> z3fold_page_unlock(zhdr);
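Review bot: The else branch calls kmem_cache_free() on zhdr->slots immediately after read_unlock(), but the lock being dropped lives inside that same object, so any other path still holding or waiting on slots->lock ends up operating on freed memory. The crash output quoted above (write_unlock() at mm/z3fold.c:341 on a slots object whose slot[] is all 0xdeadbeef) appears to show exactly that, so the poison makes the lifetime problem visible without fixing it. The poison stores are also made while holding only the read side of the lock, so a concurrent reader could pick up 0xdeadbeef as if it were a handle value. If this diagnostic is kept for a while, label it, e.g. `/* debug only: poison slots before free so a late user shows up in a dump */`. __release_z3fold_page starts and ends outside the hunk, so where the read lock is taken is not visible here.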