[Devel] [PATCH rh7 2/2] mm: Warn on zero uncharge in memcg_uncharge_kmem()
Kirill Tkhai
ktkhai at virtuozzo.com
Thu May 14 14:06:49 MSK 2020
page_counter_uncharge() must return 0 only on the final uncharge of kmem,
but memcg_uncharge_kmem(0) may lead to a use-after-free after it.
WARN to find callers who charge for 0.
Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
---
mm/memcontrol.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index c3586e8e27ca..010d580f39cc 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -3508,6 +3508,9 @@ void memcg_uncharge_kmem(struct mem_cgroup *memcg,
{
u64 kmem;
+ if (WARN_ON_ONCE(!nr_pages))
+ return;
+
kmem = page_counter_uncharge(&memcg->kmem, nr_pages);
page_counter_uncharge(&memcg->memory, nr_pages);
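Review bot: The `WARN_ON_ONCE(!nr_pages)` check at the top of memcg_uncharge_kmem() reports only the first zero-sized call. Every later one takes the early `return` silently, so if more than one caller passes 0, only one of them will show up in the logs, even though the stated goal is to find the callers. Consider a rate-limited warning while the callers are being hunted down, or accept the once-only report and say so in the commit message. The check would also benefit from a short comment above it explaining why zero is rejected: per the commit message, a zero return from `page_counter_uncharge(&memcg->kmem, nr_pages)` is treated as the final kmem uncharge. Without that comment the guard looks like a harmless no-op shortcut and is easy to remove later.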