From: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
To: Minchan Kim <minchan@kernel.org>
Cc: Junil Lee <junil0814.lee@lge.com>,
Andrew Morton <akpm@linux-foundation.org>,
ngupta@vflare.org, sergey.senozhatsky.work@gmail.com,
linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] zsmalloc: fix migrate_zspage-zs_free race condition
Date: Fri, 15 Jan 2016 12:27:12 +0900 [thread overview]
Message-ID: <20160115032712.GC1993@swordfish> (raw)
In-Reply-To: <20160115023518.GA10843@bbox>
Cc Andrew,
On (01/15/16 11:35), Minchan Kim wrote:
[..]
> > Signed-off-by: Junil Lee <junil0814.lee@lge.com>
> > ---
> > mm/zsmalloc.c | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/mm/zsmalloc.c b/mm/zsmalloc.c
> > index e7414ce..bb459ef 100644
> > --- a/mm/zsmalloc.c
> > +++ b/mm/zsmalloc.c
> > @@ -1635,6 +1635,7 @@ static int migrate_zspage(struct zs_pool *pool, struct size_class *class,
> > free_obj = obj_malloc(d_page, class, handle);
> > zs_object_copy(free_obj, used_obj, class);
> > index++;
> > + free_obj |= BIT(HANDLE_PIN_BIT);
> > record_obj(handle, free_obj);
>
> I think record_obj should store free_obj to *handle with masking off least bit.
> IOW, how about this?
>
> record_obj(handle, obj)
> {
> *(unsigned long)handle = obj & ~(1<<HANDLE_PIN_BIT);
> }
[just a wild idea]
or zs_free() can take spin_lock(&class->lock) earlier, it cannot free the
object until the class is locked anyway, and migration is happening with
the locked class. extending class->lock scope in zs_free() thus should
not affect the perfomance. so it'll be either zs_free() is touching the
object or the migration, not both.
-ss
WARNING: multiple messages have this Message-ID (diff)
From: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
To: Minchan Kim <minchan@kernel.org>
Cc: Junil Lee <junil0814.lee@lge.com>,
Andrew Morton <akpm@linux-foundation.org>,
ngupta@vflare.org, sergey.senozhatsky.work@gmail.com,
linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] zsmalloc: fix migrate_zspage-zs_free race condition
Date: Fri, 15 Jan 2016 12:27:12 +0900 [thread overview]
Message-ID: <20160115032712.GC1993@swordfish> (raw)
In-Reply-To: <20160115023518.GA10843@bbox>
Cc Andrew,
On (01/15/16 11:35), Minchan Kim wrote:
[..]
> > Signed-off-by: Junil Lee <junil0814.lee@lge.com>
> > ---
> > mm/zsmalloc.c | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/mm/zsmalloc.c b/mm/zsmalloc.c
> > index e7414ce..bb459ef 100644
> > --- a/mm/zsmalloc.c
> > +++ b/mm/zsmalloc.c
> > @@ -1635,6 +1635,7 @@ static int migrate_zspage(struct zs_pool *pool, struct size_class *class,
> > free_obj = obj_malloc(d_page, class, handle);
> > zs_object_copy(free_obj, used_obj, class);
> > index++;
> > + free_obj |= BIT(HANDLE_PIN_BIT);
> > record_obj(handle, free_obj);
>
> I think record_obj should store free_obj to *handle with masking off least bit.
> IOW, how about this?
>
> record_obj(handle, obj)
> {
> *(unsigned long)handle = obj & ~(1<<HANDLE_PIN_BIT);
> }
[just a wild idea]
or zs_free() can take spin_lock(&class->lock) earlier, it cannot free the
object until the class is locked anyway, and migration is happening with
the locked class. extending class->lock scope in zs_free() thus should
not affect the perfomance. so it'll be either zs_free() is touching the
object or the migration, not both.
-ss
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2016-01-15 3:26 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-15 0:36 [PATCH] zsmalloc: fix migrate_zspage-zs_free race condition Junil Lee
2016-01-15 0:36 ` Junil Lee
2016-01-15 2:35 ` Minchan Kim
2016-01-15 2:35 ` Minchan Kim
2016-01-15 3:27 ` Sergey Senozhatsky [this message]
2016-01-15 3:27 ` Sergey Senozhatsky
2016-01-15 3:30 ` Sergey Senozhatsky
2016-01-15 3:30 ` Sergey Senozhatsky
2016-01-15 4:49 ` Minchan Kim
2016-01-15 4:49 ` Minchan Kim
2016-01-15 5:07 ` Sergey Senozhatsky
2016-01-15 5:07 ` Sergey Senozhatsky
2016-01-19 15:47 ` Russell Knize
2016-01-20 7:00 ` Minchan Kim
2016-01-20 7:00 ` Minchan Kim
2016-01-20 15:21 ` Russell Knize
2016-01-20 15:21 ` Russell Knize
2016-01-15 5:05 ` Minchan Kim
2016-01-15 5:05 ` Minchan Kim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160115032712.GC1993@swordfish \
--to=sergey.senozhatsky.work@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=junil0814.lee@lge.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=minchan@kernel.org \
--cc=ngupta@vflare.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.