Re: [PATCH] memcg: don't initialize kmem-cache destroying work for root caches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon,  5 Aug 2013 20:09:40 +0400 Andrey Vagin <avagin@xxxxxxxxxx> wrote:

> struct memcg_cache_params has a union. Different parts of this union
> are used for root and non-root caches. A part with destroying work is
> used only for non-root caches.
> 
> I fixed the same problem in another place v3.9-rc1-16204-gf101a94, but
> didn't notice this one.
> 
> Cc: <stable@xxxxxxxxxxxxxxx>    [3.9.x]

hm, why the cc:stable?

> --- a/mm/memcontrol.c
> +++ b/mm/memcontrol.c
> @@ -3195,11 +3195,11 @@ int memcg_register_cache(struct mem_cgroup *memcg, struct kmem_cache *s,
>  	if (!s->memcg_params)
>  		return -ENOMEM;
>  
> -	INIT_WORK(&s->memcg_params->destroy,
> -			kmem_cache_destroy_work_func);
>  	if (memcg) {
>  		s->memcg_params->memcg = memcg;
>  		s->memcg_params->root_cache = root_cache;
> +		INIT_WORK(&s->memcg_params->destroy,
> +				kmem_cache_destroy_work_func);
>  	} else
>  		s->memcg_params->is_root_cache = true;

So the bug here is that we'll scribble on some entries in
memcg_caches[].  Those scribbles may or may not be within the part of
that array which is actually used.  If there's code which expects
memcg_caches[] entries to be zeroed at initialisation then yes, we have
a problem.

But I rather doubt whether this bug was causing runtime problems?


Presently memcg_register_cache() allocates too much memory for the
memcg_caches[] array.  If that was fixed then this INIT_WORK() might
scribble into unknown memory, which is of course serious.
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]