On Fri, Jul 19, 2013 at 06:51:11PM +0200, Michal Hocko wrote:
> vmpressure is called synchronously from the reclaim where the
> target_memcg is guaranteed to be alive but the eventfd is signaled from
> the work queue context. This means that memcg (along with vmpressure
> structure which is embedded into it) might go away while the work item
> is pending which would result in use-after-release bug.
>
> We have two possible ways how to fix this. Either vmpressure pins memcg
> before it schedules vmpr->work and unpin it in vmpressure_work_fn or
> explicitly flush the work item from the css_offline context (as
> suggested by Tejun).
>
> This patch implements the latter one and it introduces vmpressure_cleanup
> which flushes the vmpressure work queue item. It hooks into
> mem_cgroup_css_offline after the memcg itself is cleaned up.
>
> Reported-by: Tejun Heo <tj@xxxxxxxxxx>
> Signed-off-by: Michal Hocko <mhocko@xxxxxxx>

Acked-by: Tejun Heo <tj@xxxxxxxxxx>

Thanks!

--
tejun

--
To unsubscribe from this list: send the line "unsubscribe cgroups" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html