on 6/6/2025 9:11 AM, Kemeng Shi wrote:
>
>
> on 6/6/2025 3:57 AM, Andrew Morton wrote:
>> On Fri, 6 Jun 2025 06:10:31 +0800 Kemeng Shi <shikemeng@xxxxxxxxxxxxxxx> wrote:
>>
>>> As noted in the comments, we need to release block usage for swap entry
>>> which was replaced with poisoned swap entry. However, no block usage is
>>> actually freed by calling shmem_recalc_inode(inode, -nr_pages, -nr_pages).
>>> Instead, calling shmem_recalc_inode(inode, 0, -nr_pages) can correctly release
>>> the block usage.
>>>
>>> ...
>>>
>>> --- a/mm/shmem.c >>> +++ b/mm/shmem.c >>> @@ -2145,7 +2145,7 @@ static void shmem_set_folio_swapin_error(struct inode *inode, pgoff_t index, >>> * won't be 0 when inode is released and thus trigger WARN_ON(i_blocks) >>> * in shmem_evict_inode(). >>> */ >>> - shmem_recalc_inode(inode, -nr_pages, -nr_pages); >>> + shmem_recalc_inode(inode, 0, -nr_pages); >>> swap_free_nr(swap, nr_pages); >>> }
>>
>> Huh, three years ago. What do we think might be the userspace-visible
>> runtime effects of this?
> This could trigger WARN_ON(i_blocks) in shmem_evict_inode() as i_blocks
> is supposed to be dropped in the quota free routine.
Besides, the leak of block usage will reduce the available space to the user. As the amount of leakage accumulates over time, the available space may eventually be exhausted.
>>
>>
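Review bot: The changed shmem_recalc_inode() call in shmem_set_folio_swapin_error() is justified only by the changelog's assertion that (inode, -nr_pages, -nr_pages) frees no block usage while (inode, 0, -nr_pages) does; nothing in the changelog or the visible comment says what the second and third arguments represent, so a reader cannot check the claim from the patch alone. Please add a sentence stating what each argument adjusts and why the old pair left the usage in place. The changelog should also record the runtime effects given in this thread: the WARN_ON(i_blocks) in shmem_evict_inode() that the existing comment already mentions, and the leaked block usage that shrinks the space available to the user over time. That is what lets someone triaging the fix judge how urgently it needs to be picked up.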