From: Minchan Kim <minchan@kernel.org>
To: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
Cc: Junil Lee <junil0814.lee@lge.com>,
Andrew Morton <akpm@linux-foundation.org>,
ngupta@vflare.org, linux-mm@kvack.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] zsmalloc: fix migrate_zspage-zs_free race condition
Date: Fri, 15 Jan 2016 13:49:16 +0900 [thread overview]
Message-ID: <20160115044916.GB11203@bbox> (raw)
In-Reply-To: <20160115032712.GC1993@swordfish>
On Fri, Jan 15, 2016 at 12:27:12PM +0900, Sergey Senozhatsky wrote:
> Cc Andrew,
>
> On (01/15/16 11:35), Minchan Kim wrote:
> [..]
> > > Signed-off-by: Junil Lee <junil0814.lee@lge.com>
> > > ---
> > > mm/zsmalloc.c | 1 +
> > > 1 file changed, 1 insertion(+)
> > >
> > > diff --git a/mm/zsmalloc.c b/mm/zsmalloc.c
> > > index e7414ce..bb459ef 100644
> > > --- a/mm/zsmalloc.c
> > > +++ b/mm/zsmalloc.c
> > > @@ -1635,6 +1635,7 @@ static int migrate_zspage(struct zs_pool *pool, struct size_class *class,
> > > free_obj = obj_malloc(d_page, class, handle);
> > > zs_object_copy(free_obj, used_obj, class);
> > > index++;
> > > + free_obj |= BIT(HANDLE_PIN_BIT);
> > > record_obj(handle, free_obj);
> >
> > I think record_obj should store free_obj to *handle with masking off least bit.
> > IOW, how about this?
> >
> > record_obj(handle, obj)
> > {
> > *(unsigned long)handle = obj & ~(1<<HANDLE_PIN_BIT);
> > }
>
> [just a wild idea]
>
> or zs_free() can take spin_lock(&class->lock) earlier, it cannot free the
Earlier? What do you mean? For getting right class, we should get a stable
handle so we couldn't get class lock first than handle lock.
If I misunderstand, please elaborate a bit.
> object until the class is locked anyway, and migration is happening with
> the locked class. extending class->lock scope in zs_free() thus should
> not affect the perfomance. so it'll be either zs_free() is touching the
> object or the migration, not both.
>
> -ss
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
WARNING: multiple messages have this Message-ID (diff)
From: Minchan Kim <minchan@kernel.org>
To: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
Cc: Junil Lee <junil0814.lee@lge.com>,
Andrew Morton <akpm@linux-foundation.org>,
ngupta@vflare.org, linux-mm@kvack.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] zsmalloc: fix migrate_zspage-zs_free race condition
Date: Fri, 15 Jan 2016 13:49:16 +0900 [thread overview]
Message-ID: <20160115044916.GB11203@bbox> (raw)
In-Reply-To: <20160115032712.GC1993@swordfish>
On Fri, Jan 15, 2016 at 12:27:12PM +0900, Sergey Senozhatsky wrote:
> Cc Andrew,
>
> On (01/15/16 11:35), Minchan Kim wrote:
> [..]
> > > Signed-off-by: Junil Lee <junil0814.lee@lge.com>
> > > ---
> > > mm/zsmalloc.c | 1 +
> > > 1 file changed, 1 insertion(+)
> > >
> > > diff --git a/mm/zsmalloc.c b/mm/zsmalloc.c
> > > index e7414ce..bb459ef 100644
> > > --- a/mm/zsmalloc.c
> > > +++ b/mm/zsmalloc.c
> > > @@ -1635,6 +1635,7 @@ static int migrate_zspage(struct zs_pool *pool, struct size_class *class,
> > > free_obj = obj_malloc(d_page, class, handle);
> > > zs_object_copy(free_obj, used_obj, class);
> > > index++;
> > > + free_obj |= BIT(HANDLE_PIN_BIT);
> > > record_obj(handle, free_obj);
> >
> > I think record_obj should store free_obj to *handle with masking off least bit.
> > IOW, how about this?
> >
> > record_obj(handle, obj)
> > {
> > *(unsigned long)handle = obj & ~(1<<HANDLE_PIN_BIT);
> > }
>
> [just a wild idea]
>
> or zs_free() can take spin_lock(&class->lock) earlier, it cannot free the
Earlier? What do you mean? For getting right class, we should get a stable
handle so we couldn't get class lock first than handle lock.
If I misunderstand, please elaborate a bit.
> object until the class is locked anyway, and migration is happening with
> the locked class. extending class->lock scope in zs_free() thus should
> not affect the perfomance. so it'll be either zs_free() is touching the
> object or the migration, not both.
>
> -ss
next prev parent reply other threads:[~2016-01-15 4:47 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-15 0:36 [PATCH] zsmalloc: fix migrate_zspage-zs_free race condition Junil Lee
2016-01-15 0:36 ` Junil Lee
2016-01-15 2:35 ` Minchan Kim
2016-01-15 2:35 ` Minchan Kim
2016-01-15 3:27 ` Sergey Senozhatsky
2016-01-15 3:27 ` Sergey Senozhatsky
2016-01-15 3:30 ` Sergey Senozhatsky
2016-01-15 3:30 ` Sergey Senozhatsky
2016-01-15 4:49 ` Minchan Kim [this message]
2016-01-15 4:49 ` Minchan Kim
2016-01-15 5:07 ` Sergey Senozhatsky
2016-01-15 5:07 ` Sergey Senozhatsky
2016-01-19 15:47 ` Russell Knize
2016-01-20 7:00 ` Minchan Kim
2016-01-20 7:00 ` Minchan Kim
2016-01-20 15:21 ` Russell Knize
2016-01-20 15:21 ` Russell Knize
2016-01-15 5:05 ` Minchan Kim
2016-01-15 5:05 ` Minchan Kim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160115044916.GB11203@bbox \
--to=minchan@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=junil0814.lee@lge.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=ngupta@vflare.org \
--cc=sergey.senozhatsky.work@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.