From: Li Zefan <lizefan-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
To: Tejun Heo <tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
cgroups-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
mhocko-AlSwsSmVLrQ@public.gmane.org,
glommer-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org,
stable-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: [PATCH 01/17] cgroup: remove incorrect dget/dput() pair in cgroup_create_dir()
Date: Mon, 19 Nov 2012 16:08:04 +0800 [thread overview]
Message-ID: <50A9E8E4.4050004@huawei.com> (raw)
In-Reply-To: <1352775704-9023-2-git-send-email-tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
On 2012/11/13 11:01, Tejun Heo wrote:
> cgroup_create_dir() does weird dancing with dentry refcnt. On
> success, it gets and then puts it achieving nothing. On failure, it
> puts but there isn't no matching get anywhere leading to the following
> oops if cgroup_create_file() fails for whatever reason.
>
> ------------[ cut here ]------------
> kernel BUG at /work/os/work/fs/dcache.c:552!
> invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
> Modules linked in:
> CPU 2
> Pid: 697, comm: mkdir Not tainted 3.7.0-rc4-work+ #3 Bochs Bochs
> RIP: 0010:[<ffffffff811d9c0c>] [<ffffffff811d9c0c>] dput+0x1dc/0x1e0
> RSP: 0018:ffff88001a3ebef8 EFLAGS: 00010246
> RAX: 0000000000000000 RBX: ffff88000e5b1ef8 RCX: 0000000000000403
> RDX: 0000000000000303 RSI: 2000000000000000 RDI: ffff88000e5b1f58
> RBP: ffff88001a3ebf18 R08: ffffffff82c76960 R09: 0000000000000001
> R10: ffff880015022080 R11: ffd9bed70f48a041 R12: 00000000ffffffea
> R13: 0000000000000001 R14: ffff88000e5b1f58 R15: 00007fff57656d60
> FS: 00007ff05fcb3800(0000) GS:ffff88001fd00000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00000000004046f0 CR3: 000000001315f000 CR4: 00000000000006e0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
> Process mkdir (pid: 697, threadinfo ffff88001a3ea000, task ffff880015022080)
> Stack:
> ffff88001a3ebf48 00000000ffffffea 0000000000000001 0000000000000000
> ffff88001a3ebf38 ffffffff811cc889 0000000000000001 ffff88000e5b1ef8
> ffff88001a3ebf68 ffffffff811d1fc9 ffff8800198d7f18 ffff880019106ef8
> Call Trace:
> [<ffffffff811cc889>] done_path_create+0x19/0x50
> [<ffffffff811d1fc9>] sys_mkdirat+0x59/0x80
> [<ffffffff811d2009>] sys_mkdir+0x19/0x20
> [<ffffffff81be1e02>] system_call_fastpath+0x16/0x1b
> Code: 00 48 8d 90 18 01 00 00 48 89 93 c0 00 00 00 4c 89 a0 18 01 00 00 48 8b 83 a0 00 00 00 83 80 28 01 00 00 01 e8 e6 6f a0 00 eb 92 <0f> 0b 66 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 49 89 fe 41
> RIP [<ffffffff811d9c0c>] dput+0x1dc/0x1e0
> RSP <ffff88001a3ebef8>
> ---[ end trace 1277bcfd9561ddb0 ]---
>
> Fix it by dropping the unnecessary dget/dput() pair.
>
> Signed-off-by: Tejun Heo <tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
> Cc: stable-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
> ---
> kernel/cgroup.c | 2 --
> 1 file changed, 2 deletions(-)
>
> diff --git a/kernel/cgroup.c b/kernel/cgroup.c
> index 0f8fa6a..d0803f0 100644
> --- a/kernel/cgroup.c
> +++ b/kernel/cgroup.c
> @@ -2684,9 +2684,7 @@ static int cgroup_create_dir(struct cgroup *cgrp, struct dentry *dentry,
> dentry->d_fsdata = cgrp;
> inc_nlink(parent->d_inode);
> rcu_assign_pointer(cgrp->dentry, dentry);
> - dget(dentry);
> }
> - dput(dentry);
>
The code has been there since cgroup was merged into mainline!
> return error;
> }
>
WARNING: multiple messages have this Message-ID (diff)
From: Li Zefan <lizefan@huawei.com>
To: Tejun Heo <tj@kernel.org>
Cc: <containers@lists.linux-foundation.org>,
<cgroups@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
<mhocko@suse.cz>, <glommer@parallels.com>,
<stable@vger.kernel.org>
Subject: Re: [PATCH 01/17] cgroup: remove incorrect dget/dput() pair in cgroup_create_dir()
Date: Mon, 19 Nov 2012 16:08:04 +0800 [thread overview]
Message-ID: <50A9E8E4.4050004@huawei.com> (raw)
In-Reply-To: <1352775704-9023-2-git-send-email-tj@kernel.org>
On 2012/11/13 11:01, Tejun Heo wrote:
> cgroup_create_dir() does weird dancing with dentry refcnt. On
> success, it gets and then puts it achieving nothing. On failure, it
> puts but there isn't no matching get anywhere leading to the following
> oops if cgroup_create_file() fails for whatever reason.
>
> ------------[ cut here ]------------
> kernel BUG at /work/os/work/fs/dcache.c:552!
> invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
> Modules linked in:
> CPU 2
> Pid: 697, comm: mkdir Not tainted 3.7.0-rc4-work+ #3 Bochs Bochs
> RIP: 0010:[<ffffffff811d9c0c>] [<ffffffff811d9c0c>] dput+0x1dc/0x1e0
> RSP: 0018:ffff88001a3ebef8 EFLAGS: 00010246
> RAX: 0000000000000000 RBX: ffff88000e5b1ef8 RCX: 0000000000000403
> RDX: 0000000000000303 RSI: 2000000000000000 RDI: ffff88000e5b1f58
> RBP: ffff88001a3ebf18 R08: ffffffff82c76960 R09: 0000000000000001
> R10: ffff880015022080 R11: ffd9bed70f48a041 R12: 00000000ffffffea
> R13: 0000000000000001 R14: ffff88000e5b1f58 R15: 00007fff57656d60
> FS: 00007ff05fcb3800(0000) GS:ffff88001fd00000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00000000004046f0 CR3: 000000001315f000 CR4: 00000000000006e0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
> Process mkdir (pid: 697, threadinfo ffff88001a3ea000, task ffff880015022080)
> Stack:
> ffff88001a3ebf48 00000000ffffffea 0000000000000001 0000000000000000
> ffff88001a3ebf38 ffffffff811cc889 0000000000000001 ffff88000e5b1ef8
> ffff88001a3ebf68 ffffffff811d1fc9 ffff8800198d7f18 ffff880019106ef8
> Call Trace:
> [<ffffffff811cc889>] done_path_create+0x19/0x50
> [<ffffffff811d1fc9>] sys_mkdirat+0x59/0x80
> [<ffffffff811d2009>] sys_mkdir+0x19/0x20
> [<ffffffff81be1e02>] system_call_fastpath+0x16/0x1b
> Code: 00 48 8d 90 18 01 00 00 48 89 93 c0 00 00 00 4c 89 a0 18 01 00 00 48 8b 83 a0 00 00 00 83 80 28 01 00 00 01 e8 e6 6f a0 00 eb 92 <0f> 0b 66 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 49 89 fe 41
> RIP [<ffffffff811d9c0c>] dput+0x1dc/0x1e0
> RSP <ffff88001a3ebef8>
> ---[ end trace 1277bcfd9561ddb0 ]---
>
> Fix it by dropping the unnecessary dget/dput() pair.
>
> Signed-off-by: Tejun Heo <tj@kernel.org>
> Cc: stable@vger.kernel.org
> ---
> kernel/cgroup.c | 2 --
> 1 file changed, 2 deletions(-)
>
> diff --git a/kernel/cgroup.c b/kernel/cgroup.c
> index 0f8fa6a..d0803f0 100644
> --- a/kernel/cgroup.c
> +++ b/kernel/cgroup.c
> @@ -2684,9 +2684,7 @@ static int cgroup_create_dir(struct cgroup *cgrp, struct dentry *dentry,
> dentry->d_fsdata = cgrp;
> inc_nlink(parent->d_inode);
> rcu_assign_pointer(cgrp->dentry, dentry);
> - dget(dentry);
> }
> - dput(dentry);
>
The code has been there since cgroup was merged into mainline!
> return error;
> }
>
next prev parent reply other threads:[~2012-11-19 8:08 UTC|newest]
Thread overview: 76+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-11-13 3:01 [PATCHSET cgroup/for-3.8] cgroup: allow ->post_create() to fail Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 12/17] cgroup: introduce CSS_ONLINE flag and on/offline_css() helpers Tejun Heo
[not found] ` <1352775704-9023-1-git-send-email-tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2012-11-13 3:01 ` [PATCH 01/17] cgroup: remove incorrect dget/dput() pair in cgroup_create_dir() Tejun Heo
2012-11-13 3:01 ` Tejun Heo
[not found] ` <1352775704-9023-2-git-send-email-tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2012-11-19 8:08 ` Li Zefan
2012-11-19 8:08 ` Li Zefan [this message]
2012-11-19 8:08 ` Li Zefan
[not found] ` <50A9E8E4.4050004-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
2012-11-19 16:28 ` Tejun Heo
2012-11-19 16:28 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 02/17] cgroup: initialize cgrp->allcg_node in init_cgroup_housekeeping() Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 03/17] cgroup: open-code cgroup_create_dir() Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 04/17] cgroup: create directory before linking while creating a new cgroup Tejun Heo
2012-11-13 3:01 ` Tejun Heo
[not found] ` <1352775704-9023-5-git-send-email-tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2012-11-14 3:20 ` Li Zefan
2012-11-14 3:20 ` Li Zefan
[not found] ` <50A30E0F.7000408-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
2012-11-14 19:04 ` Tejun Heo
2012-11-14 19:04 ` Tejun Heo
2012-11-14 19:04 ` Tejun Heo
[not found] ` <20121114190407.GI21185-9pTldWuhBndy/B6EtB590w@public.gmane.org>
2012-11-16 6:04 ` Li Zefan
2012-11-16 6:04 ` Li Zefan
2012-11-16 6:04 ` Li Zefan
2012-11-14 19:48 ` [PATCH v2 " Tejun Heo
2012-11-14 19:48 ` Tejun Heo
2012-11-14 19:48 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 05/17] cgroup: cgroup->dentry isn't a RCU pointer Tejun Heo
2012-11-13 3:01 ` Tejun Heo
[not found] ` <1352775704-9023-6-git-send-email-tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2012-11-14 11:05 ` Glauber Costa
2012-11-14 11:05 ` Glauber Costa
[not found] ` <50A37B0A.7010608-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org>
2012-11-14 18:55 ` Tejun Heo
2012-11-14 18:55 ` Tejun Heo
[not found] ` <20121114185504.GG21185-9pTldWuhBndy/B6EtB590w@public.gmane.org>
2012-11-15 3:00 ` Glauber Costa
2012-11-15 3:00 ` Glauber Costa
[not found] ` <50A45ABB.3040507-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org>
2012-11-14 19:01 ` Tejun Heo
2012-11-14 19:01 ` Tejun Heo
2012-11-15 3:00 ` Glauber Costa
2012-11-14 11:05 ` Glauber Costa
2012-11-13 3:01 ` [PATCH 06/17] cgroup: remove duplicate RCU free on struct cgroup Tejun Heo
2012-11-13 3:01 ` Tejun Heo
[not found] ` <1352775704-9023-7-git-send-email-tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2012-11-19 9:02 ` Li Zefan
2012-11-19 9:02 ` Li Zefan
[not found] ` <50A9F5B2.5080509-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
2012-11-19 16:59 ` Tejun Heo
2012-11-19 16:59 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 07/17] cgroup: make CSS_* flags bit masks instead of bit positions Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 08/17] cgroup: trivial cleanup for cgroup_init/load_subsys() Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 09/17] cgroup: lock cgroup_mutex in cgroup_init_subsys() Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 10/17] cgroup: fix harmless bugs in cgroup_load_subsys() fail path and cgroup_unload_subsys() Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 11/17] cgroup: separate out cgroup_destroy_locked() Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 12/17] cgroup: introduce CSS_ONLINE flag and on/offline_css() helpers Tejun Heo
2012-11-13 3:01 ` [PATCH 13/17] cgroup: simplify cgroup_load_subsys() failure path Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 14/17] cgroup: use mutex_trylock() when grabbing i_mutex of a new cgroup directory Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 15/17] cgroup: update cgroup_create() failure path Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 16/17] cgroup: allow ->post_create() to fail Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 17/17] cgroup: rename ->create/post_create/pre_destroy/destroy() to ->css_alloc/online/offline/free() Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-13 3:01 ` Tejun Heo
2012-11-19 8:54 ` [PATCHSET cgroup/for-3.8] cgroup: allow ->post_create() to fail Li Zefan
2012-11-19 8:54 ` Li Zefan
[not found] ` <50A9F3B3.2010607-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
2012-11-19 16:34 ` Tejun Heo
2012-11-19 16:34 ` Tejun Heo
2012-11-19 16:34 ` Tejun Heo
2012-11-19 8:54 ` Li Zefan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=50A9E8E4.4050004@huawei.com \
--to=lizefan-hv44wf8li93qt0dzr+alfa@public.gmane.org \
--cc=cgroups-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=glommer-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=mhocko-AlSwsSmVLrQ@public.gmane.org \
--cc=stable-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.