* [PATCH] memcg: avoid accessing memcg after releasing reference
@ 2013-04-01 2:39 Li Zefan
[not found] ` <5158F344.9020509-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
0 siblings, 1 reply; 3+ messages in thread
From: Li Zefan @ 2013-04-01 2:39 UTC (permalink / raw)
To: Glauber Costa
Cc: Michal Hocko, KAMEZAWA Hiroyuki, Johannes Weiner, LKML, Cgroups,
linux-mm-Bw31MaZKKs3YtjvyW6yDsg, Andrew Morton
This might cause use-after-free bug.
Signed-off-by: Li Zefan <lizefan-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
---
found when reading the code.
---
mm/memcontrol.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index 8ec501c..6391046 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -3186,12 +3186,12 @@ void memcg_release_cache(struct kmem_cache *s)
root = s->memcg_params->root_cache;
root->memcg_params->memcg_caches[id] = NULL;
- mem_cgroup_put(memcg);
mutex_lock(&memcg->slab_caches_mutex);
list_del(&s->memcg_params->list);
mutex_unlock(&memcg->slab_caches_mutex);
+ mem_cgroup_put(memcg);
out:
kfree(s->memcg_params);
}
--
1.8.0.2
^ permalink raw reply related [flat|nested] 3+ messages in thread[parent not found: <5158F344.9020509-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>]
* Re: [PATCH] memcg: avoid accessing memcg after releasing reference [not found] ` <5158F344.9020509-hv44wF8Li93QT0dZR+AlfA@public.gmane.org> @ 2013-04-01 5:05 ` Kamezawa Hiroyuki 2013-04-01 9:39 ` Michal Hocko 1 sibling, 0 replies; 3+ messages in thread From: Kamezawa Hiroyuki @ 2013-04-01 5:05 UTC (permalink / raw) To: Li Zefan Cc: Glauber Costa, Michal Hocko, Johannes Weiner, LKML, Cgroups, linux-mm-Bw31MaZKKs3YtjvyW6yDsg, Andrew Morton (2013/04/01 11:39), Li Zefan wrote: > This might cause use-after-free bug. > > Signed-off-by: Li Zefan <lizefan-hv44wF8Li93QT0dZR+AlfA@public.gmane.org> Thank you. Acked-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org> ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] memcg: avoid accessing memcg after releasing reference [not found] ` <5158F344.9020509-hv44wF8Li93QT0dZR+AlfA@public.gmane.org> 2013-04-01 5:05 ` Kamezawa Hiroyuki @ 2013-04-01 9:39 ` Michal Hocko 1 sibling, 0 replies; 3+ messages in thread From: Michal Hocko @ 2013-04-01 9:39 UTC (permalink / raw) To: Li Zefan Cc: Glauber Costa, KAMEZAWA Hiroyuki, Johannes Weiner, LKML, Cgroups, linux-mm-Bw31MaZKKs3YtjvyW6yDsg, Andrew Morton On Mon 01-04-13 10:39:00, Li Zefan wrote: > This might cause use-after-free bug. > > Signed-off-by: Li Zefan <lizefan-hv44wF8Li93QT0dZR+AlfA@public.gmane.org> Acked-by: Michal Hocko <mhocko-AlSwsSmVLrQ@public.gmane.org> > --- > > found when reading the code. > > --- > mm/memcontrol.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/mm/memcontrol.c b/mm/memcontrol.c > index 8ec501c..6391046 100644 > --- a/mm/memcontrol.c > +++ b/mm/memcontrol.c > @@ -3186,12 +3186,12 @@ void memcg_release_cache(struct kmem_cache *s) > > root = s->memcg_params->root_cache; > root->memcg_params->memcg_caches[id] = NULL; > - mem_cgroup_put(memcg); > > mutex_lock(&memcg->slab_caches_mutex); > list_del(&s->memcg_params->list); > mutex_unlock(&memcg->slab_caches_mutex); > > + mem_cgroup_put(memcg); > out: > kfree(s->memcg_params); > } > -- > 1.8.0.2 -- Michal Hocko SUSE Labs ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2013-04-01 9:39 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-04-01 2:39 [PATCH] memcg: avoid accessing memcg after releasing reference Li Zefan
[not found] ` <5158F344.9020509-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
2013-04-01 5:05 ` Kamezawa Hiroyuki
2013-04-01 9:39 ` Michal Hocko
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox