[PATCH 3/3] mm: memcontrol: add sanity checks for memcg->id.ref on get/put
From: Vladimir Davydov
Date: Mon Aug 01 2016 - 22:11:40 EST
Signed-off-by: Vladimir Davydov <vdavydov@xxxxxxxxxxxxx>
---
mm/memcontrol.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index 58c229071fb1..cf7fb63860e5 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -4032,18 +4032,22 @@ static DEFINE_IDR(mem_cgroup_idr);
static void mem_cgroup_id_get_many(struct mem_cgroup *memcg, unsigned int n)
{
+ VM_BUG_ON(atomic_read(&memcg->id.ref) <= 0);
atomic_add(n, &memcg->id.ref);
}
static struct mem_cgroup *mem_cgroup_id_get_active(struct mem_cgroup *memcg)
{
- while (!atomic_inc_not_zero(&memcg->id.ref))
+ while (!atomic_inc_not_zero(&memcg->id.ref)) {
+ VM_BUG_ON(mem_cgroup_is_root(memcg));
memcg = parent_mem_cgroup(memcg);
+ }
return memcg;
}
static void mem_cgroup_id_put_many(struct mem_cgroup *memcg, unsigned int n)
{
+ VM_BUG_ON(atomic_read(&memcg->id.ref) < n);
if (atomic_sub_and_test(n, &memcg->id.ref)) {
idr_remove(&mem_cgroup_idr, memcg->id.id);
memcg->id.id = 0;
@@ -4164,6 +4168,7 @@ static struct mem_cgroup *mem_cgroup_alloc(void)
INIT_LIST_HEAD(&memcg->cgwb_list);
#endif
idr_replace(&mem_cgroup_idr, memcg, memcg->id.id);
+ atomic_set(&memcg->id.ref, 1);
return memcg;
fail:
if (memcg->id.id > 0)
@@ -4233,7 +4238,6 @@ fail:
static int mem_cgroup_css_online(struct cgroup_subsys_state *css)
{
/* Online state pins memcg ID, memcg ID pins CSS */
- mem_cgroup_id_get(mem_cgroup_from_css(css));
css_get(css);
return 0;
}
--
2.1.4