From: Tejun Heo <tj@kernel.org>
To: Oleg Nesterov <oleg@redhat.com>
Cc: Johannes Weiner <hannes@cmpxchg.org>,
Li Zefan <lizefan@huawei.com>,
Herton Krzesinski <hkrzesin@redhat.com>,
Jan Stancek <jstancek@redhat.com>,
cgroups@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] cgroup/pids: turn cgroup_subsys->free() into cgroup_subsys->release() to fix the accounting
Date: Thu, 31 Jan 2019 06:56:20 -0800 [thread overview]
Message-ID: <20190131145620.GC50184@devbig004.ftw2.facebook.com> (raw)
In-Reply-To: <20190128160013.GA21219@redhat.com>
On Mon, Jan 28, 2019 at 05:00:13PM +0100, Oleg Nesterov wrote:
> The only user of cgroup_subsys->free() callback is pids_cgrp_subsys which
> needs pids_free() to uncharge the pid.
>
> However, ->free() is called from __put_task_struct()->cgroup_free() and this
> is too late. Even the trivial program which does
>
> for (;;) {
> int pid = fork();
> assert(pid >= 0);
> if (pid)
> wait(NULL);
> else
> exit(0);
> }
>
> can run out of limits because release_task()->call_rcu(delayed_put_task_struct)
> implies an RCU gp after the task/pid goes away and before the final put().
>
> Test-case:
>
> mkdir -p /tmp/CG
> mount -t cgroup2 none /tmp/CG
> echo '+pids' > /tmp/CG/cgroup.subtree_control
>
> mkdir /tmp/CG/PID
> echo 2 > /tmp/CG/PID/pids.max
>
> perl -e 'while ($p = fork) { wait; } $p // die "fork failed: $!\n"' &
> echo $! > /tmp/CG/PID/cgroup.procs
>
> Without this patch the forking process fails soon after migration.
>
> Rename cgroup_subsys->free() to cgroup_subsys->release() and move the callsite
> into the new helper, cgroup_release(), called by release_task() which actually
> frees the pid(s).
>
> Reported-by: Herton R. Krzesinski <hkrzesin@redhat.com>
> Reported-by: Jan Stancek <jstancek@redhat.com>
> Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Applied to cgroup/for-5.0.
Thanks, Oleg.
--
tejun
prev parent reply other threads:[~2019-01-31 14:56 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-28 16:00 [PATCH] cgroup/pids: turn cgroup_subsys->free() into cgroup_subsys->release() to fix the accounting Oleg Nesterov
2019-01-31 14:56 ` Tejun Heo [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190131145620.GC50184@devbig004.ftw2.facebook.com \
--to=tj@kernel.org \
--cc=cgroups@vger.kernel.org \
--cc=hannes@cmpxchg.org \
--cc=hkrzesin@redhat.com \
--cc=jstancek@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=lizefan@huawei.com \
--cc=oleg@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.