On Mon, Aug 03, 2020 at 11:00:33AM +0200, Michal Hocko wrote: > On Tue 23-06-20 10:40:23, Roman Gushchin wrote: > > @@ -5456,7 +5460,10 @@ static int mem_cgroup_move_account(struct page *page, > > */ > > smp_mb(); > > > > - page->mem_cgroup = to; /* caller should have done css_get */ > > + css_get(&to->css); > > + css_put(&from->css); > > + > > + page->mem_cgroup = to; > > > > __unlock_page_memcg(from); > > What prevents from memcg to be released here? ->attach_task() and kill_css() are exclusive through the cgroup_mutex, so the base ref cannot disappear from under us during this operation.
