On Tue, 16 Nov 2010 19:17:48 +0900 Daisuke Nishimura <nishimura@xxxxxxxxxxxxxxxxx> wrote: > From: Daisuke Nishimura <nishimura@xxxxxxxxxxxxxxxxx> > > __mem_cgroup_try_charge() can be called under down_write(&mmap_sem)(e.g. > mlock does it). This means it can cause deadlock if it races with move charge: > > Ex.1) > move charge | try charge > --------------------------------------+------------------------------ > mem_cgroup_can_attach() | down_write(&mmap_sem) > mc.moving_task = current | .. > mem_cgroup_precharge_mc() | __mem_cgroup_try_charge() > mem_cgroup_count_precharge() | prepare_to_wait() > down_read(&mmap_sem) | if (mc.moving_task) > -> cannot aquire the lock | -> true > | schedule() > > Ex.2) > move charge | try charge > --------------------------------------+------------------------------ > mem_cgroup_can_attach() | > mc.moving_task = current | > mem_cgroup_precharge_mc() | > mem_cgroup_count_precharge() | > down_read(&mmap_sem) | > .. | > up_read(&mmap_sem) | > | down_write(&mmap_sem) > mem_cgroup_move_task() | .. > mem_cgroup_move_charge() | __mem_cgroup_try_charge() > down_read(&mmap_sem) | prepare_to_wait() > -> cannot aquire the lock | if (mc.moving_task) > | -> true > | schedule() > > To avoid this deadlock, we do all the move charge works (both can_attach() and > attach()) under one mmap_sem section. > And after this patch, we set/clear mc.moving_task outside mc.lock, because we > use the lock only to check mc.from/to. > > Signed-off-by: Daisuke Nishimura <nishimura@xxxxxxxxxxxxxxxxx> I put this in the send-to-Linus-in-about-a-week queue. > Cc: <stable@xxxxxxxxxx> The patch doesn't apply well to 2.6.36 so if we do want it backported then please prepare a tested backport for the -stable guys? Thanks. -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxxx For more info on Linux MM, see: http://www.linux-mm.org/ . Fight unfair telecom policy in Canada: sign http://dissolvethecrtc.ca/ Don't email: <a href=mailto:"dont@xxxxxxxxx"> email@xxxxxxxxx </a>