From: Stanislaw Gruszka <sgruszka@redhat.com>
To: Thomas Gleixner <tglx@linutronix.de>
Cc: Oleg Nesterov <oleg@redhat.com>,
	Tommi Rantala <tt.rantala@gmail.com>,
	LKML <linux-kernel@vger.kernel.org>,
	Dave Jones <davej@redhat.com>,
	John Stultz <john.stultz@linaro.org>
Subject: Re: clock_nanosleep() task_struct leak
Date: Wed, 6 Feb 2013 12:23:27 +0100
Message-ID: <20130206112327.GA1824@redhat.com>
In-Reply-To: <alpine.LFD.2.02.1302051155000.11905@ionos>

On Tue, Feb 05, 2013 at 11:55:19AM +0100, Thomas Gleixner wrote:
> On Tue, 5 Feb 2013, Stanislaw Gruszka wrote:
> > On Mon, Feb 04, 2013 at 08:32:23PM +0100, Oleg Nesterov wrote:
> > > On 02/01, Thomas Gleixner wrote:
> > > >
> > > > On Fri, 1 Feb 2013, Tommi Rantala wrote:
> > > >
> > > > > Hello,
> > > > >
> > > > > Trinity discovered a task_struct leak with clock_nanosleep(), reproducible with:
> > > > >
> > > > > -----8<-----8<-----8<-----
> > > > > #include <time.h>
> > > > >
> > > > > static const struct timespec req;
> > > > >
> > > > > int main(void) {
> > > > >         return clock_nanosleep(CLOCK_PROCESS_CPUTIME_ID,
> > > > >                         TIMER_ABSTIME, &req, NULL);
> > > > > }
> > > > > -----8<-----8<-----8<-----
> > > 
> > > posix_cpu_timer_create()->get_task_struct() I guess...
> > > 
> > > Cough. I am not sure I ever understood this code, but now it certainly
> > > looks as if I never saw it before.
> > 
> > Looks like in do_cpu_nanosleep() we call posix_cpu_timer_create(), but we do
> > not call posix_cpu_timer_del() at the end. The fix will not be super simple,
> > since we need to care about error cases. I can cook a patch if nobody
> > else wants to do this.
> 
> Would be much appreciated!

Below is the proposed fix. The error cases weren't that bad since there are
various limitations on when the timer could be fired (i.e. a timer which
already fired cannot be fired again).

Tommi, please check if the patch really fixes the problem. I tested it
with signal interrupt and timeout scenarios, but I don't know how
to confirm if it fixes the leak or not.

diff --git a/kernel/posix-cpu-timers.c b/kernel/posix-cpu-timers.c
index 125cb67..07a38b6 100644
--- a/kernel/posix-cpu-timers.c
+++ b/kernel/posix-cpu-timers.c
@@ -1424,6 +1424,7 @@ static int do_cpu_nanosleep(const clockid_t which_clock, int flags,
 				/*
 				 * Our timer fired and was reset.
 				 */
+				posix_cpu_timer_del(&timer);
 				spin_unlock_irq(&timer.it_lock);
 				return 0;
 			}
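
Review bot: the return value of posix_cpu_timer_del(&timer) is dropped on the "Our timer fired and was reset" path, while the signal path later in this patch loops on TIMER_RETRY from the same call. If the delete cannot return TIMER_RETRY once the timer has fired, state that in the existing comment here (or assert on the result); otherwise this path needs the same retry handling before "return 0", or the task reference can still be left behind.
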
@@ -1441,9 +1442,17 @@ static int do_cpu_nanosleep(const clockid_t which_clock, int flags,
 		 * We were interrupted by a signal.
 		 */
 		sample_to_timespec(which_clock, timer.it.cpu.expires, rqtp);
-		posix_cpu_timer_set(&timer, 0, &zero_it, it);
+		error = posix_cpu_timer_set(&timer, 0, &zero_it, it);
+		if (!error)
+			posix_cpu_timer_del(&timer);
 		spin_unlock_irq(&timer.it_lock);
 
+		while (error == TIMER_RETRY) {
+			spin_lock_irq(&timer.it_lock);
+			error = posix_cpu_timer_del(&timer);
+			spin_unlock_irq(&timer.it_lock);
+		}
+
 		if ((it->it_value.tv_sec | it->it_value.tv_nsec) == 0) {
 			/*
 			 * It actually did fire already.
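
Review bot: in the signal path, any non-zero return from posix_cpu_timer_set() other than TIMER_RETRY skips both the "if (!error)" delete and the "while (error == TIMER_RETRY)" loop, so posix_cpu_timer_del() is never called for that case. Please either document that posix_cpu_timer_set() can only return 0 or TIMER_RETRY here, or restructure so the delete always runs. The retry loop also re-takes timer.it_lock back to back with nothing between unlock and lock, and it reuses "error" for the delete's result, so it is worth checking that later code in the function does not interpret that value as the nanosleep result.
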
