memcg: fix race at move_parent around compound_order()

Fix up mem_cgroup_move_parent(), which uses compound_order() in an
asynchronous manner. This compound_order() may return an unknown value
because we don't take the lock. Use PageTransHuge() and HPAGE_SIZE instead
of it.

Also clean up for mem_cgroup_move_parent().
- remove unnecessary initialization of local variable.
- rename charge_size -> page_size
- remove unnecessary (wrong) comment.
- added a comment about THP.

Note:
The current design takes compound_page_lock() in the caller of move_account().
This should be revisited when we implement direct move_task of hugepage
without splitting.

[akpm@linux-foundation.org: coding-style fixes]
Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Reviewed-by: Johannes Weiner <hannes@cmpxchg.org>
Acked-by: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Cc: Balbir Singh <balbir@in.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

authored by KAMEZAWA Hiroyuki and committed by Linus Torvalds 52dbb905 3d37c4a9

+16 -9
mm/memcontrol.c
··· 2236 2236 { 2237 2237 int ret = -EINVAL; 2238 2238 unsigned long flags; 2239 - 2239 + /* 2240 + * The page is isolated from LRU. So, collapse function 2241 + * will not handle this page. But page splitting can happen. 2242 + * Do this check under compound_page_lock(). The caller should 2243 + * hold it. 2244 + */ 2240 2245 if ((charge_size > PAGE_SIZE) && !PageTransHuge(pc->page)) 2241 2246 return -EBUSY; 2242 2247 ··· 2273 2268 struct cgroup *cg = child->css.cgroup; 2274 2269 struct cgroup *pcg = cg->parent; 2275 2270 struct mem_cgroup *parent; 2276 - int charge = PAGE_SIZE; 2271 + int page_size = PAGE_SIZE; 2277 2272 unsigned long flags; 2278 2273 int ret; 2279 2274 ··· 2286 2281 goto out; 2287 2282 if (isolate_lru_page(page)) 2288 2283 goto put; 2289 - /* The page is isolated from LRU and we have no race with splitting */ 2290 - charge = PAGE_SIZE << compound_order(page); 2284 + 2285 + if (PageTransHuge(page)) 2286 + page_size = HPAGE_SIZE; 2291 2287 2292 2288 parent = mem_cgroup_from_cont(pcg); 2293 - ret = __mem_cgroup_try_charge(NULL, gfp_mask, &parent, false, charge); 2289 + ret = __mem_cgroup_try_charge(NULL, gfp_mask, 2290 + &parent, false, page_size); 2294 2291 if (ret || !parent) 2295 2292 goto put_back; 2296 2293 2297 - if (charge > PAGE_SIZE) 2294 + if (page_size > PAGE_SIZE) 2298 2295 flags = compound_lock_irqsave(page); 2299 2296 2300 - ret = mem_cgroup_move_account(pc, child, parent, true, charge); 2297 + ret = mem_cgroup_move_account(pc, child, parent, true, page_size); 2301 2298 if (ret) 2302 - mem_cgroup_cancel_charge(parent, charge); 2299 + mem_cgroup_cancel_charge(parent, page_size); 2303 2300 2304 - if (charge > PAGE_SIZE) 2301 + if (page_size > PAGE_SIZE) 2305 2302 compound_unlock_irqrestore(page, flags); 2306 2303 put_back: 2307 2304 putback_lru_page(page);
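Review bot: the comment added in the first hunk, above the `charge_size > PAGE_SIZE` check, names compound_page_lock(), while the locking calls visible in this patch are compound_lock_irqsave() and compound_unlock_irqrestore(); name the real primitive so the requirement can be grepped. "The caller should hold it" is also only a convention in the visible lines, so a short note on which callers take the lock would help. The check still reads charge_size although the caller's variable is renamed to page_size in the later hunks; renaming the parameter here would keep the two functions consistent.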
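Review bot: in the last hunk, `if (PageTransHuge(page))` sets page_size to HPAGE_SIZE before compound_lock_irqsave(page) is taken, so the page can still be split between that test and the lock, and the removed "no race with splitting" comment is not replaced by anything at this spot. Add a comment there saying the value is an unlocked hint, that the check in the first hunk re-tests PageTransHuge() under the lock and returns -EBUSY, and that the HPAGE_SIZE pre-charge to parent is then undone by mem_cgroup_cancel_charge(parent, page_size). Without that, the next reader has to reconstruct why the unlocked read is safe.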