    memcg: fix race in file_mapped accounting flag management · 0c270f8f
    KAMEZAWA Hiroyuki authored
    Presently memory cgroup accounts file-mapped by counter and flag.  counter
    is working in the same way with zone_stat but FileMapped flag only exists
    in memcg (for helping move_account).
    
    This flag can be updated wrongly in a case.  Assume CPU0 and CPU1 and a
    thread mapping a page on CPU0, another thread unmapping it on CPU1.
    
        CPU0                            CPU1
                                    rmv rmap (mapcount 1->0)
       add rmap (mapcount 0->1)
       lock_page_cgroup()
       memcg counter+1              (some delay)
       set MAPPED FLAG.
       unlock_page_cgroup()
                                    lock_page_cgroup()
                                    memcg counter-1
                                    clear MAPPED flag
    
    In the above sequence counter is properly updated but FLAG is not.  This
    means that representing a state by a flag which is maintained by counter
    needs some special care.
    
    To handle this, when clearing a flag, this patch checks mapcount directly
    and clears the flag only when mapcount == 0.  (If mapcount > 0, someone will
    make it zero later and the flag will be cleared.)
    
    Reverse case, dec-after-inc cannot be a problem because page_table_lock()
    works well for it.  (IOW, to make above sequence, 2 processes should touch
    the same page at once with map/unmap.)
    Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
    Cc: Balbir Singh <balbir@in.ibm.com>
    Cc: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
    Cc: Greg Thelen <gthelen@google.com>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
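
The CPU0/CPU1 interleaving from the commit message, replayed deterministically as an added example; it is not code from the patch or from memcontrol.c. The struct and function names are hypothetical, a single-page counter stands in for the memcg file-mapped counter, and `check_mapcount` selects the clear-only-when-mapcount-is-zero behaviour the message describes.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical model of the state named in the commit message. */
struct page_model {
    int mapcount;      /* rmap count, changed outside lock_page_cgroup() */
    int memcg_counter; /* file-mapped counter (simplified to one page) */
    bool mapped_flag;  /* memcg-only FileMapped flag */
};

/* Map-side accounting; the kernel does this under lock_page_cgroup(). */
static void account_map(struct page_model *p) {
    p->memcg_counter++;
    p->mapped_flag = true;
}

/* Unmap-side accounting. check_mapcount=true models the fix:
 * clear the flag only when mapcount is really zero. */
static void account_unmap(struct page_model *p, bool check_mapcount) {
    p->memcg_counter--;
    if (!check_mapcount || p->mapcount == 0)
        p->mapped_flag = false;
}

/* Replay the CPU0/CPU1 sequence on a page that starts mapped once. */
static struct page_model replay_race(bool check_mapcount) {
    struct page_model p = { 1, 1, true };
    p.mapcount--;                       /* CPU1: rmv rmap (1->0) */
    p.mapcount++;                       /* CPU0: add rmap (0->1) */
    account_map(&p);                    /* CPU0: counter+1, set flag */
    account_unmap(&p, check_mapcount);  /* CPU1, delayed: counter-1 */
    return p;
}

/* The flag should say "mapped" exactly when mapcount > 0. */
static bool flag_consistent(const struct page_model *p) {
    return p->mapped_flag == (p->mapcount > 0);
}

int main(void) {
    struct page_model old = replay_race(false), fixed = replay_race(true);
    printf("old:   mapcount=%d counter=%d flag=%d consistent=%d\n",
           old.mapcount, old.memcg_counter, old.mapped_flag, flag_consistent(&old));
    printf("fixed: mapcount=%d counter=%d flag=%d consistent=%d\n",
           fixed.mapcount, fixed.memcg_counter, fixed.mapped_flag, flag_consistent(&fixed));
    return 0;
}
```

In both runs the counter ends at 1; only the unconditional clear leaves the flag out of step with mapcount.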
memcontrol.c 120 KB