[RHEL7,COMMIT] mm: Warn on zero uncharge in memcg_uncharge_kmem()

Submitted by Konstantin Khorenko on May 15, 2020, 11:36 a.m.

Details

Message ID 202005151136.04FBa538023142@finist-ce7.sw.ru
State New
Series "Series without cover letter"
Headers show

Commit Message

Konstantin Khorenko May 15, 2020, 11:36 a.m.
The commit is pushed to "branch-rh7-3.10.0-1127.vz7.150.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-1127.vz7.150.10
------>
commit fc1363c056f354c9519148234d6aa709a9d3577f
Author: Kirill Tkhai <ktkhai@virtuozzo.com>
Date:   Fri May 15 14:36:05 2020 +0300

    mm: Warn on zero uncharge in memcg_uncharge_kmem()
    
    page_counter_uncharge() must return 0 only on the final uncharge of kmem,
    but memcg_uncharge_kmem(0) may bring to use-after-free after it.
    WARN to find callers, who charge for 0.
    
    Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
---
 mm/memcontrol.c | 3 +++
 1 file changed, 3 insertions(+)

Patch hide | download patch | download mbox

diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index c3586e8e27ca2..010d580f39ccc 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -3508,6 +3508,9 @@  void memcg_uncharge_kmem(struct mem_cgroup *memcg,
 {
 	u64 kmem;
 
+	if (WARN_ON_ONCE(!nr_pages))
+		return;
+
 	kmem = page_counter_uncharge(&memcg->kmem, nr_pages);
 
 	page_counter_uncharge(&memcg->memory, nr_pages);