• mm: correctly synchronize rss-counters at exit/exec · 40af1bbd
    Konstantin Khlebnikov authored
    mm->rss_stat counters have per-task delta: task->rss_stat.  Before
    changing task->mm pointer the kernel must flush this delta with
    sync_mm_rss().
    
    do_exit() already calls sync_mm_rss() to flush the rss-counters before
    committing the rss statistics into task->signal->maxrss, taskstats,
    audit and other stuff.  Unfortunately the kernel does this before
    calling mm_release(), which can call put_user() for processing
    task->clear_child_tid.  So at this point we can trigger page-faults and
    task->rss_stat becomes non-zero again.  As a result mm->rss_stat becomes
    inconsistent and check_mm() will print something like this:
    
    | BUG: Bad rss-counter state mm:ffff88020813c380 idx:1 val:-1
    | BUG: Bad rss-counter state mm:ffff88020813c380 idx:2 val:1
    
    This patch moves sync_mm_rss() into mm_release(), and moves mm_release()
    out of do_exit() and calls it earlier.  After mm_release() there should
    be no pagefaults.
    
    [akpm@linux-foundation.org: tweak comment]
    Signed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org>
    Reported-by: Markus Trippelsdorf <markus@trippelsdorf.de>
    Cc: Hugh Dickins <hughd@google.com>
    Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
    Cc: Oleg Nesterov <oleg@redhat.com>
    Cc: <stable@vger.kernel.org>		[3.4.x]
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
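
The ordering problem described in the commit message, as an added user-space model (not kernel code and not part of the commit). The starting counts are constructed, the helpers `put_user_faults`, `teardown_and_check` and `exit_path` are hypothetical, and reading idx 1 as anonymous pages and idx 2 as swap entries is an assumption of the model.

```c
#include <stdio.h>
/* Toy user-space model, not kernel code. Index meanings are assumed. */
enum { FILEPAGES, ANONPAGES, SWAPENTS, NR };
struct mm   { long rss_stat[NR], mapped[NR]; };    /* counters vs. real mappings */
struct task { long rss_stat[NR]; struct mm *mm; }; /* unflushed per-task delta */

/* Flush the task's delta into the mm counters, as sync_mm_rss() does. */
static void sync_mm_rss(struct task *t)
{
    for (int i = 0; i < NR; i++) {
        t->mm->rss_stat[i] += t->rss_stat[i];
        t->rss_stat[i] = 0;
    }
}

/* Models put_user() on clear_child_tid faulting a swapped-out page back in. */
static void put_user_faults(struct task *t)
{
    t->rss_stat[ANONPAGES]++;  t->mm->mapped[ANONPAGES]++;  /* delta, not mm */
    t->rss_stat[SWAPENTS]--;   t->mm->mapped[SWAPENTS]--;
}

/* Teardown uncharges every real mapping; like check_mm(), report non-zero
 * leftovers. Returns the number of bad counters. */
static int teardown_and_check(struct mm *mm)
{
    int bad = 0;
    for (int i = 0; i < NR; i++) {
        mm->rss_stat[i] -= mm->mapped[i];
        if (mm->rss_stat[i]) {
            printf("Bad rss-counter state idx:%d val:%ld\n", i, mm->rss_stat[i]);
            bad++;
        }
    }
    return bad;
}

/* sync_in_release == 0: old order, flush in do_exit() before mm_release().
 * sync_in_release == 1: patched order in this model, flush after the fault. */
int exit_path(int sync_in_release)
{
    struct mm mm = { {10, 5, 1}, {10, 5, 1} };   /* constructed starting state */
    struct task t = { {0}, &mm };
    if (!sync_in_release) sync_mm_rss(&t);       /* flushed too early */
    put_user_faults(&t);                         /* happens inside mm_release() */
    if (sync_in_release) sync_mm_rss(&t);        /* no faults after this point */
    return teardown_and_check(&mm);
}

int main(void) { printf("old=%d new=%d\n", exit_path(0), exit_path(1)); return 0; }
```

With the old order the model leaves idx 1 at -1 and idx 2 at 1, the same pair of values as the BUG lines quoted in the commit message.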
exec.c 53.1 KB