From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-io0-f200.google.com (mail-io0-f200.google.com [209.85.223.200]) by kanga.kvack.org (Postfix) with ESMTP id CC5E96B0266 for ; Wed, 25 Jul 2018 02:38:42 -0400 (EDT) Received: by mail-io0-f200.google.com with SMTP id t11-v6so4376208iog.15 for ; Tue, 24 Jul 2018 23:38:42 -0700 (PDT) Received: from mail.wingtech.com (mail.wingtech.com. [180.166.216.14]) by mx.google.com with ESMTPS id d129-v6si2838518itc.67.2018.07.24.23.38.40 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 24 Jul 2018 23:38:41 -0700 (PDT) Date: Wed, 25 Jul 2018 14:37:58 +0800 From: "zhaowuyun@wingtech.com" Subject: [PATCH] [PATCH] mm: disable preemption before swapcache_free Mime-Version: 1.0 Message-ID: <2018072514375722198958@wingtech.com> Content-Type: multipart/alternative; boundary="----=_001_NextPart513000047512_=----" Sender: owner-linux-mm@kvack.org List-ID: To: mgorman , akpm , minchan Cc: vinmenon , mhocko , hannes , "hillf.zj" , linux-mm , linux-kernel This is a multi-part message in MIME format. ------=_001_NextPart513000047512_=---- Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: base64 RnJvbTogemhhb3d1eXVuIDx6aGFvd3V5dW5Ad2luZ3RlY2guY29tPg0KIA0KaXNzdWUgaXMgdGhh dCB0aGVyZSBhcmUgdHdvIHByb2Nlc3NlcyBBIGFuZCBCLCBBIGlzIGt3b3JrZXIvdTE2OjgNCm5v cm1hbCBwcmlvcml0eSwgQiBpcyBBdWRpb1RyYWNrLCBSVCBwcmlvcml0eSwgdGhleSBhcmUgb24g dGhlDQpzYW1lIENQVSAzLg0KIA0KVGhlIHRhc2sgQSBwcmVlbXB0ZWQgYnkgdGFzayBCIGluIHRo ZSBtb21lbnQNCmFmdGVyIF9fZGVsZXRlX2Zyb21fc3dhcF9jYWNoZShwYWdlKSBhbmQgYmVmb3Jl IHN3YXBjYWNoZV9mcmVlKHN3YXApLg0KIA0KVGhlIHRhc2sgQiBkb2VzIF9fcmVhZF9zd2FwX2Nh Y2hlX2FzeW5jIGluIHRoZSBkbyB7fSB3aGlsZSBsb29wLCBpdA0Kd2lsbCBuZXZlciBmaW5kIHRo ZSBwYWdlIGZyb20gc3dhcHBlcl9zcGFjZSBiZWNhdXNlIHRoZSBwYWdlIGlzIHJlbW92ZWQNCmJ5 IHRoZSB0YXNrIEEsIGFuZCBpdCB3aWxsIG5ldmVyIHN1Y2Vzc2Z1bGx5IGluIHN3YXBjYWNoZV9w cmVwYXJlIGJlY2F1c2UNCnRoZSBlbnRyeSBpcyBFRVhJU1QuDQogDQpUaGUgdGFzayBCIHRoZW4g c3R1Y2sgaW4gdGhlIGxvb3AgaW5maW5pdGVseSBiZWNhdXNlIGl0IGlzIGEgUlQgdGFzaywNCm5v IG9uZSBjYW4gcHJlZW1wdCBpdC4NCiANCnNvIG5lZWQgdG8gZGlzYWJsZSBwcmVlbXB0aW9uIHVu dGlsIHRoZSBzd2FwY2FjaGVfZnJlZSBleGVjdXRlZC4NCiANClRBU0sgQToNCj09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09DQpQcm9jZXNzOiBrd29y a2VyL3UxNjo4LCBjcHU6IDMgcGlkOiAyMDI4OSBzdGFydDogMHhmZmZmZmZjMDM4NWY4ZTAwDQo9 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQ0KICAg IFRhc2sgbmFtZToga3dvcmtlci91MTY6OCBwaWQ6IDIwMjg5IGNwdTogMyBzdGFydDogZmZmZmZm YzAzODVmOGUwMA0KICAgIHN0YXRlOiAweDAgZXhpdF9zdGF0ZTogMHgwIHN0YWNrIGJhc2U6IDB4 ZmZmZmZmYzAxMmJhMDAwMCBQcmlvOiAxMjANCiAgICBTdGFjazoNCiAgICBbPGZmZmZmZjgwYmNh ODYxYTQ+XSBfX3N3aXRjaF90bysweDkwDQogICAgWzxmZmZmZmY4MGJkODNlZGRjPl0gX19zY2hl ZHVsZSsweDI5Yw0KICAgIFs8ZmZmZmZmODBiZDgzZjYwMD5dIHByZWVtcHRfc2NoZWR1bGVfY29t bW9uKzB4MjQNCiAgICBbPGZmZmZmZjgwYmQ4M2Y2M2M+XSBwcmVlbXB0X3NjaGVkdWxlLnBhcnQu MTY5KzB4MWMNCiAgICBbPGZmZmZmZjgwYmQ4M2Y2NjQ+XSBwcmVlbXB0X3NjaGVkdWxlKzB4MjAN CiAgICBbPGZmZmZmZjgwYmQ4NDM5NmM+XSBfcmF3X3NwaW5fdW5sb2NrX2lycXJlc3RvcmUrMHg0 MA0KICAgIFs8ZmZmZmZmODBiY2JjNDcxMD5dIF9fcmVtb3ZlX21hcHBpbmcrMHgxNzQNCiAgICBb PGZmZmZmZjgwYmNiYzc2OTg+XSBzaHJpbmtfcGFnZV9saXN0KzB4ODk0DQogICAgWzxmZmZmZmY4 MGJjYmM3ZDdjPl0gcmVjbGFpbV9wYWdlc19mcm9tX2xpc3QrMHhjOA0KICAgIFs8ZmZmZmZmODBi Y2M3YjkxMD5dIHJlY2xhaW1fcHRlX3JhbmdlKzB4MTU4DQogICAgWzxmZmZmZmY4MGJjYmY0NWQ0 Pl0gd2Fsa19wZ2RfcmFuZ2UrMHhkNA0KICAgIFs8ZmZmZmZmODBiY2JmNDc2Yz5dIHdhbGtfcGFn ZV9yYW5nZSsweDc0DQogICAgWzxmZmZmZmY4MGJjYzdjZDY0Pl0gcmVjbGFpbV90YXNrX2Fub24r MHhkYw0KICAgIFs8ZmZmZmZmODBiY2MwYTRjND5dIHN3YXBfZm4rMHgxYjgNCiAgICBbPGZmZmZm ZjgwYmNhYzJlODg+XSBwcm9jZXNzX29uZV93b3JrKzB4MTY4DQogICAgWzxmZmZmZmY4MGJjYWMz M2EwPl0gd29ya2VyX3RocmVhZCsweDIyNA0KICAgIFs8ZmZmZmZmODBiY2FjOTg2ND5dIGt0aHJl YWQrMHhlMA0KICAgIFs8ZmZmZmZmODBiY2E4MzZlMD5dIHJldF9mcm9tX2ZvcmsrMHgxMA0KIA0K VEFTSyBCOg0KWzUzNTQ3OC43MjQyNDldIENQVTogMyBQSUQ6IDQ2NDUgQ29tbTogQXVkaW9UcmFj ayBUYWludGVkOiBHRiAgICBVRCBXICBPIDQuOS44Mi1wZXJmKyAjMQ0KWzUzNTQ3OC43MjQzODVd IEhhcmR3YXJlIG5hbWU6IFF1YWxjb21tIFRlY2hub2xvZ2llcywgSW5jLiBTRE00NTAgUE1JNjMy IE1UUCBTMyAoRFQpDQpbNTM1NDc4LjcyNDQ3OV0gdGFzazogZmZmZmZmYzAyNmNlMmEwMCB0YXNr LnN0YWNrOiBmZmZmZmZjMDEyZTE0MDAwDQpbNTM1NDc4LjcyNDUzN10gUEMgaXMgYXQgX19yZWFk X3N3YXBfY2FjaGVfYXN5bmMrMHgxNTQvMHgyNWMNCls1MzU0NzguNzI0NjMwXSBMUiBpcyBhdCBf X3JlYWRfc3dhcF9jYWNoZV9hc3luYysweDljLzB4MjVjDQouLi4NCls1MzU0NzguNzM1NTQ2XSBb PGZmZmZmZjgwYmNiZjk5NzA+XSBfX3JlYWRfc3dhcF9jYWNoZV9hc3luYysweDE1NC8weDI1Yw0K WzUzNTQ3OC43MzU1OTldIFs8ZmZmZmZmODBiY2JmOWE5OD5dIHJlYWRfc3dhcF9jYWNoZV9hc3lu YysweDIwLzB4NTQNCls1MzU0NzguNzM1Njk3XSBbPGZmZmZmZjgwYmNiZjliMjQ+XSBzd2FwaW5f cmVhZGFoZWFkKzB4NTgvMHgyMTgNCls1MzU0NzguNzM1Nzk3XSBbPGZmZmZmZjgwYmNiZTUyNDA+ XSBkb19zd2FwX3BhZ2UrMHgzYzQvMHg0ZDANCls1MzU0NzguNzM1ODUwXSBbPGZmZmZmZjgwYmNi ZTZiZjg+XSBoYW5kbGVfbW1fZmF1bHQrMHgzNjQvMHhiYTQNCls1MzU0NzguNzM1OTQ5XSBbPGZm ZmZmZjgwYmNhOWI1YTg+XSBkb19wYWdlX2ZhdWx0KzB4MmEwLzB4MzhjDQpbNTM1NDc4LjczNjAw M10gWzxmZmZmZmY4MGJjYTliNzljPl0gZG9fdHJhbnNsYXRpb25fZmF1bHQrMHg0MC8weDQ4DQpb NTM1NDc4LjczNjEwMF0gWzxmZmZmZmY4MGJjYTgxMzQwPl0gZG9fbWVtX2Fib3J0KzB4NTAvMHhj OA0KIA0KQ2hhbmdlLUlkOiBJMzZkOWRmN2NjZmY3N2M1ODliNzE1NzIyNTQxMDI2OWM2NzVhODUw NA0KU2lnbmVkLW9mZi1ieTogemhhb3d1eXVuIDx6aGFvd3V5dW5Ad2luZ3RlY2guY29tPg0KLS0t DQptbS92bXNjYW4uYyB8IDkgKysrKysrKysrDQoxIGZpbGUgY2hhbmdlZCwgOSBpbnNlcnRpb25z KCspDQogDQpkaWZmIC0tZ2l0IGEvbW0vdm1zY2FuLmMgYi9tbS92bXNjYW4uYw0KaW5kZXggMjc0 MDk3My4uYWNlZGUwMDIgMTAwNjQ0DQotLS0gYS9tbS92bXNjYW4uYw0KKysrIGIvbW0vdm1zY2Fu LmMNCkBAIC02NzQsNiArNjc0LDEyIEBAIHN0YXRpYyBpbnQgX19yZW1vdmVfbWFwcGluZyhzdHJ1 Y3QgYWRkcmVzc19zcGFjZSAqbWFwcGluZywgc3RydWN0IHBhZ2UgKnBhZ2UsDQpCVUdfT04oIVBh Z2VMb2NrZWQocGFnZSkpOw0KQlVHX09OKG1hcHBpbmcgIT0gcGFnZV9tYXBwaW5nKHBhZ2UpKTsN CisgLyoNCisgKiBwcmVlbXB0aW9uIG11c3QgYmUgZGlzYWJsZWQgdG8gcHJvdGVjdCBjdXJyZW50 IHRhc2sgcHJlZW1wdGVkIGJlZm9yZQ0KKyAqIHN3YXBjYWNoZV9mcmVlKHN3YXApIGludm9rZWQg YnkgdGhlIHRhc2sgd2hpY2ggZG8gdGhlDQorICogX19yZWFkX3N3YXBfY2FjaGVfYXN5bmMgam9i IG9uIHRoZSBzYW1lIHBhZ2UNCisgKi8NCisgcHJlZW1wdF9kaXNhYmxlKCk7DQpzcGluX2xvY2tf aXJxc2F2ZSgmbWFwcGluZy0+dHJlZV9sb2NrLCBmbGFncyk7DQovKg0KKiBUaGUgbm9uIHJhY3kg Y2hlY2sgZm9yIGEgYnVzeSBwYWdlLg0KQEAgLTcxNCw2ICs3MjAsNyBAQCBzdGF0aWMgaW50IF9f cmVtb3ZlX21hcHBpbmcoc3RydWN0IGFkZHJlc3Nfc3BhY2UgKm1hcHBpbmcsIHN0cnVjdCBwYWdl ICpwYWdlLA0KX19kZWxldGVfZnJvbV9zd2FwX2NhY2hlKHBhZ2UpOw0Kc3Bpbl91bmxvY2tfaXJx cmVzdG9yZSgmbWFwcGluZy0+dHJlZV9sb2NrLCBmbGFncyk7DQpzd2FwY2FjaGVfZnJlZShzd2Fw KTsNCisgcHJlZW1wdF9lbmFibGUoKTsNCn0gZWxzZSB7DQp2b2lkICgqZnJlZXBhZ2UpKHN0cnVj dCBwYWdlICopOw0Kdm9pZCAqc2hhZG93ID0gTlVMTDsNCkBAIC03NDAsNiArNzQ3LDcgQEAgc3Rh dGljIGludCBfX3JlbW92ZV9tYXBwaW5nKHN0cnVjdCBhZGRyZXNzX3NwYWNlICptYXBwaW5nLCBz dHJ1Y3QgcGFnZSAqcGFnZSwNCnNoYWRvdyA9IHdvcmtpbmdzZXRfZXZpY3Rpb24obWFwcGluZywg cGFnZSk7DQpfX2RlbGV0ZV9mcm9tX3BhZ2VfY2FjaGUocGFnZSwgc2hhZG93KTsNCnNwaW5fdW5s b2NrX2lycXJlc3RvcmUoJm1hcHBpbmctPnRyZWVfbG9jaywgZmxhZ3MpOw0KKyBwcmVlbXB0X2Vu YWJsZSgpOw0KaWYgKGZyZWVwYWdlICE9IE5VTEwpDQpmcmVlcGFnZShwYWdlKTsNCkBAIC03NDks NiArNzU3LDcgQEAgc3RhdGljIGludCBfX3JlbW92ZV9tYXBwaW5nKHN0cnVjdCBhZGRyZXNzX3Nw YWNlICptYXBwaW5nLCBzdHJ1Y3QgcGFnZSAqcGFnZSwNCmNhbm5vdF9mcmVlOg0Kc3Bpbl91bmxv Y2tfaXJxcmVzdG9yZSgmbWFwcGluZy0+dHJlZV9sb2NrLCBmbGFncyk7DQorIHByZWVtcHRfZW5h YmxlKCk7DQpyZXR1cm4gMDsNCn0NCi0tIA0KMS45LjENCiANCg== ------=_001_NextPart513000047512_=---- Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable =0A
From: zhaowuyun <zhaowu= yun@wingtech.com>
=0A
 
=0A
issue is that= there are two processes A and B, A is kworker/u16:8
=0A
normal p= riority, B is AudioTrack, RT priority, they are on the
=0A
same C= PU 3.
=0A
 
=0A
The task A preempted by task B in t= he moment
=0A
after __delete_from_swap_cache(page) and before swa= pcache_free(swap).
=0A
 
=0A
The task B does __read= _swap_cache_async in the do {} while loop, it
=0A
will never find= the page from swapper_space because the page is removed
=0A
by t= he task A, and it will never sucessfully in swapcache_prepare because=0A
the entry is EEXIST.
=0A
 
=0A
The task B = then stuck in the loop infinitely because it is a RT task,
=0A
no= one can preempt it.
=0A
 
=0A
so need to disable p= reemption until the swapcache_free executed.
=0A
 
=0A<= div>TASK A:
=0A
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
=0A
Process: kworker/u16:= 8, cpu: 3 pid: 20289 start: 0xffffffc0385f8e00
=0A
=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D
=0A
    Task name: kworker/u16:8 pid: 20289 cp= u: 3 start: ffffffc0385f8e00
=0A
    state: 0x0 ex= it_state: 0x0 stack base: 0xffffffc012ba0000 Prio: 120
=0A
 =    Stack:
=0A
    [<ffffff80bca861a4&= gt;] __switch_to+0x90
=0A
    [<ffffff80bd83edd= c>] __schedule+0x29c
=0A
    [<ffffff80bd83f= 600>] preempt_schedule_common+0x24
=0A
    [<= ;ffffff80bd83f63c>] preempt_schedule.part.169+0x1c
=0A
 &= nbsp;  [<ffffff80bd83f664>] preempt_schedule+0x20
=0A
=     [<ffffff80bd84396c>] _raw_spin_unlock_irqrestore+= 0x40
=0A
    [<ffffff80bcbc4710>] __remove_m= apping+0x174
=0A
    [<ffffff80bcbc7698>] sh= rink_page_list+0x894
=0A
    [<ffffff80bcbc7d7c= >] reclaim_pages_from_list+0xc8
=0A
    [<ff= ffff80bcc7b910>] reclaim_pte_range+0x158
=0A
   = ; [<ffffff80bcbf45d4>] walk_pgd_range+0xd4
=0A
  =   [<ffffff80bcbf476c>] walk_page_range+0x74
=0A
 =    [<ffffff80bcc7cd64>] reclaim_task_anon+0xdc
=0A    [<ffffff80bcc0a4c4>] swap_fn+0x1b8=0A    [<ffffff80bcac2e88>] process_one_work+0x168=0A
    [<ffffff80bcac33a0>] worker_thread+0x224=
=0A
    [<ffffff80bcac9864>] kthread+0xe0=0A
    [<ffffff80bca836e0>] ret_from_fork+0x= 10
=0A
 
=0A
TASK B:
=0A
[535478.724249] C= PU: 3 PID: 4645 Comm: AudioTrack Tainted: GF    UD W  = O 4.9.82-perf+ #1
=0A
[535478.724385] Hardware name: Qualcomm Tec= hnologies, Inc. SDM450 PMI632 MTP S3 (DT)
=0A
[535478.724479] tas= k: ffffffc026ce2a00 task.stack: ffffffc012e14000
=0A
[535478.7245= 37] PC is at __read_swap_cache_async+0x154/0x25c
=0A
[535478.7246= 30] LR is at __read_swap_cache_async+0x9c/0x25c
=0A
...
=0A<= div>[535478.735546] [<ffffff80bcbf9970>] __read_swap_cache_async+0x1= 54/0x25c
=0A
[535478.735599] [<ffffff80bcbf9a98>] read_swap= _cache_async+0x20/0x54
=0A
[535478.735697] [<ffffff80bcbf9b24&= gt;] swapin_readahead+0x58/0x218
=0A
[535478.735797] [<ffffff8= 0bcbe5240>] do_swap_page+0x3c4/0x4d0
=0A
[535478.735850] [<= ffffff80bcbe6bf8>] handle_mm_fault+0x364/0xba4
=0A
[535478.735= 949] [<ffffff80bca9b5a8>] do_page_fault+0x2a0/0x38c
=0A
[53= 5478.736003] [<ffffff80bca9b79c>] do_translation_fault+0x40/0x48=0A
[535478.736100] [<ffffff80bca81340>] do_mem_abort+0x50/0xc= 8
=0A
 
=0A
Change-Id: I36d9df7ccff77c589b715722541= 0269c675a8504
=0A
Signed-off-by: zhaowuyun <zhaowuyun@wingtech= .com>
=0A
---
=0A
mm/vmscan.c | 9 +++++++++
=0A=
1 file changed, 9 insertions(+)
=0A
 
=0A
dif= f --git a/mm/vmscan.c b/mm/vmscan.c
=0A
index 2740973..acede002 1= 00644
=0A
--- a/mm/vmscan.c
=0A
+++ b/mm/vmscan.c
= =0A
@@ -674,6 +674,12 @@ static int __remove_mapping(struct address_sp= ace *mapping, struct page *page,
=0A
BUG_ON(!PageLocked(page));=
=0A
BUG_ON(mapping !=3D page_mapping(page));
=0A
=0A
+ /*
=0A
+ * preemption must be disabled to protect c= urrent task preempted before
=0A
+ * swapcache_free(swap) invoke= d by the task which do the
=0A
+ * __read_swap_cache_async job o= n the same page
=0A
+ */
=0A
+ preempt_disable();
= =0A
spin_lock_irqsave(&mapping->tree_lock, flags);
=0A /*
=0A
* The non racy check for a busy page.
=0A@@ -714,6 +720,7 @@ static int __remove_mapping(struct address_space *map= ping, struct page *page,
=0A
__delete_from_swap_cache(page);=0A
spin_unlock_irqrestore(&mapping->tree_lock, flags);<= /div>=0A
swapcache_free(swap);
=0A
+ preempt_enable();=0A
} else {
=0A
void (*freepage)(struct page *);=0A
void *shadow =3D NULL;
=0A
@@ -740,6 +747,7 @@ stati= c int __remove_mapping(struct address_space *mapping, struct page *page,=0A
shadow =3D workingset_eviction(mapping, page);
=0A __delete_from_page_cache(page, shadow);
=0A
spin_unlock_i= rqrestore(&mapping->tree_lock, flags);
=0A
+ preempt_enab= le();
=0A
=0A
if (freepage !=3D NULL)
=0A
= freepage(page);
=0A
@@ -749,6 +757,7 @@ static int __remove_m= apping(struct address_space *mapping, struct page *page,
=0A
=0A
cannot_free:
=0A
spin_unlock_irqrestore(&mappin= g->tree_lock, flags);
=0A
+ preempt_enable();
=0A
r= eturn 0;
=0A
}
=0A
=0A
--
=0A
1.9.= 1
=0A
 
=0A
=0A ------=_001_NextPart513000047512_=------