On Sun, Jun 09, 2019 at 03:10:52PM +0300, Vladimir Davydov wrote: > On Tue, Jun 04, 2019 at 07:44:45PM -0700, Roman Gushchin wrote: > > Johannes noticed that reading the memcg kmem_cache pointer in > > cache_from_memcg_idx() is performed using READ_ONCE() macro, > > which doesn't implement a SMP barrier, which is required > > by the logic. > > > > Add a proper smp_rmb() to be paired with smp_wmb() in > > memcg_create_kmem_cache(). > > > > The same applies to memcg_create_kmem_cache() itself, > > which reads the same value without barriers and READ_ONCE(). > > > > Suggested-by: Johannes Weiner <hannes@xxxxxxxxxxx> > > Signed-off-by: Roman Gushchin <guro@xxxxxx> > > --- > > mm/slab.h | 1 + > > mm/slab_common.c | 3 ++- > > 2 files changed, 3 insertions(+), 1 deletion(-) > > > > diff --git a/mm/slab.h b/mm/slab.h > > index 739099af6cbb..1176b61bb8fc 100644 > > --- a/mm/slab.h > > +++ b/mm/slab.h > > @@ -260,6 +260,7 @@ cache_from_memcg_idx(struct kmem_cache *s, int idx) > > * memcg_caches issues a write barrier to match this (see > > * memcg_create_kmem_cache()). > > */ > > + smp_rmb(); > > cachep = READ_ONCE(arr->entries[idx]); > > Hmm, we used to have lockless_dereference() here, but it was replaced > with READ_ONCE some time ago. The commit message claims that READ_ONCE > has an implicit read barrier in it. Thanks for catching this Vladimir. I wasn't aware of this change to the memory model. Indeed, we don't need to change anything here.
