Re: [PATCH v2 1/2] mm/memcg: rename mem_cgroup_split_huge_fixup to split_page_memcg
From: Singh, Balbir
Date: Wed Mar 10 2021 - 16:45:29 EST
On 9/3/21 7:28 pm, Michal Hocko wrote:
> On Tue 09-03-21 09:37:29, Balbir Singh wrote:
>> On 4/3/21 6:40 pm, Zhou Guanghui wrote:
> [...]
>>> -#ifdef CONFIG_TRANSPARENT_HUGEPAGE
>>> /*
>>> - * Because page_memcg(head) is not set on compound tails, set it now.
>>> + * Because page_memcg(head) is not set on tails, set it now.
>>> */
>>> -void mem_cgroup_split_huge_fixup(struct page *head)
>>> +void split_page_memcg(struct page *head, unsigned int nr)
>>> {
>>
>> Do we need input validation on nr? Can nr be aribtrary or can we enforce
>>
>> VM_BUG_ON(!is_power_of_2(nr));
>
> In practice this will be power of 2 but why should we bother to sanitze
> that?
>
Just when DEBUG_VM is enabled to ensure the contract is valid, given that
nr is now variable, we could end up with subtle bugs unless we can audit
all callers. Even the power of 2 check does not catch the fact that nr
is indeed what we expect, but it still checks a large range of invalid
inputs.
Balbir Singh.