The patch titled
Subject: mm: check shrinker is memcg-aware in register_shrinker_prepared()
has been added to the -mm tree. Its filename is
mm-check-shrinker-is-memcg-aware-in-register_shrinker_prepared.patch
This patch should soon appear at
http://ozlabs.org/~akpm/mmots/broken-out/mm-check-shrinker-is-memcg-aware-in-register_shrinker_prepared.patch
and later at
http://ozlabs.org/~akpm/mmotm/broken-out/mm-check-shrinker-is-memcg-aware-in-register_shrinker_prepared.patch
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next and is updated
there every 3-4 working days
------------------------------------------------------
From: Kirill Tkhai <ktkhai@xxxxxxxxxxxxx>
Subject: mm: check shrinker is memcg-aware in register_shrinker_prepared()
There is a sad BUG introduced in patch adding SHRINKER_REGISTERING.
shrinker_idr business is only for memcg-aware shrinkers. Only such type
of shrinkers have id and they must be finaly installed via idr_replace()
in this function. For !memcg-aware shrinkers we never initialize
shrinker->id field.
But there are all types of shrinkers passed to idr_replace(), and every
!memcg-aware shrinker with random ID (most probably, its id is 0) replaces
memcg-aware shrinker pointed by the ID in IDR.
This patch fixes the problem.
Link: http://lkml.kernel.org/r/8ff8a793-8211-713a-4ed9-d6e52390c2fc@xxxxxxxxxxxxx
Fixes: 7e010df53c80 "mm: use special value SHRINKER_REGISTERING instead of list_empty() check"
Signed-off-by: Kirill Tkhai <ktkhai@xxxxxxxxxxxxx>
Reported-by: <syzbot+d5f648a1bfe15678786b@xxxxxxxxxxxxxxxxxxxxxxxxx>
Cc: Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>
Cc: Johannes Weiner <hannes@xxxxxxxxxxx>
Cc: Josef Bacik <jbacik@xxxxxx>
Cc: Mel Gorman <mgorman@xxxxxxxxxxxxxxxxxxx>
Cc: Michal Hocko <mhocko@xxxxxxxx>
Cc: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
Cc: Shakeel Butt <shakeelb@xxxxxxxxxx>
Cc: <syzkaller-bugs@xxxxxxxxxxxxxxxx>
Cc: Huang Ying <ying.huang@xxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
mm/vmscan.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/mm/vmscan.c~mm-check-shrinker-is-memcg-aware-in-register_shrinker_prepared
+++ a/mm/vmscan.c
@@ -408,7 +408,8 @@ void register_shrinker_prepared(struct s
down_write(&shrinker_rwsem);
list_add_tail(&shrinker->list, &shrinker_list);
#ifdef CONFIG_MEMCG_KMEM
- idr_replace(&shrinker_idr, shrinker, shrinker->id);
+ if (shrinker->flags & SHRINKER_MEMCG_AWARE)
+ idr_replace(&shrinker_idr, shrinker, shrinker->id);
#endif
up_write(&shrinker_rwsem);
}
_
Patches currently in -mm which might be from ktkhai@xxxxxxxxxxxxx are
mm-check-shrinker-is-memcg-aware-in-register_shrinker_prepared.patch
mm-keep-int-fields-in-struct-shrink_control-together.patch
mm-make-flags-of-unsigned-type-in-struct-shrinker.patch
