On 2024/2/28 12:35, Sergey Senozhatsky wrote:
> On (24/02/27 10:04), Andrew Morton wrote:
>> The patch titled
>>      Subject: mm/zsmalloc: don't hold locks of all pages when free_zspage()
>> has been added to the -mm mm-unstable branch. Its filename is
>>      mm-zsmalloc-dont-hold-locks-of-all-pages-when-free_zspage.patch
>>
>> This patch will shortly appear at
>>      https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patches/mm-zsmalloc-dont-hold-locks-of-all-pages-when-free_zspage.patch
>>
>> This patch will later appear in the mm-unstable branch at
>>      git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
>>
>> Before you just go and hit "reply", please:
>>    a) Consider who else should be cc'ed
>>    b) Prefer to cc a suitable mailing list as well
>>    c) Ideally: find the original patch on the mailing list and do a
>>       reply-to-all to that, adding suitable additional cc's
>>
>> *** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
>>
>> The -mm tree is included into linux-next via the mm-everything
>> branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
>> and is updated there every 2-3 working days
>>
>> ------------------------------------------------------
>> From: Chengming Zhou <zhouchengming@xxxxxxxxxxxxx>
>> Subject: mm/zsmalloc: don't hold locks of all pages when free_zspage()
>> Date: Tue, 27 Feb 2024 03:02:54 +0000
>>
>> Patch series "mm/zsmalloc: simplify synchronization between
>> zs_page_migrate() and free_zspage()".
>>
>> free_zspage() has to hold locks of all pages, since zs_page_migrate() path
>> rely on this page lock to protect the race between zs_free() and it, so it
>> can safely get zspage from page->private.
>>
>> But this way is not good and simple enough:
>>
>> 1. Since zs_free() couldn't be sleepable, it can only trylock pages,
>>    or has to kick_deferred_free() to defer that to a work.
>>
>> 2. Even in the worker context, async_free_zspage() can't simply
>>    lock all pages in lock_zspage(), it's still trylock because of
>>    the race between zs_free() and zs_page_migrate(). Please see
>>    the commit 2505a981114d ("zsmalloc: fix races between asynchronous
>>    zspage free and page migration") for details.
>>
>> Actually, all free_zspage() needs is to get zspage from page safely, we
>> can use RCU to achieve it easily. Then free_zspage() don't need to hold
>> locks of all pages, so don't need the deferred free mechanism at all.
>> This patchset implements it and remove all of deferred free related code.
>>
>>
>> This patch (of 2):
>>
>> free_zspage() has to hold locks of all pages, since zs_page_migrate() path
>> rely on this page lock to protect the race between zs_free() and it, so it
>> can safely get zspage from page->private.
>
> Andrew, please drop this series as it's NULL-deref crashing zsmalloc
> (as far as I can tell).

Right, will fix it and test thoroughly before sending the next version.

Thanks!