From: Li Zefan <lizefan-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
To: Tejun Heo <tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
cgroups-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
mhocko-AlSwsSmVLrQ@public.gmane.org,
glommer-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org,
stable-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: [PATCH 01/17] cgroup: remove incorrect dget/dput() pair in cgroup_create_dir()
Date: Mon, 19 Nov 2012 16:08:04 +0800 [thread overview]
Message-ID: <50A9E8E4.4050004@huawei.com> (raw)
In-Reply-To: <1352775704-9023-2-git-send-email-tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
On 2012/11/13 11:01, Tejun Heo wrote:
> cgroup_create_dir() does weird dancing with dentry refcnt. On
> success, it gets and then puts it achieving nothing. On failure, it
> puts but there isn't no matching get anywhere leading to the following
> oops if cgroup_create_file() fails for whatever reason.
>
> ------------[ cut here ]------------
> kernel BUG at /work/os/work/fs/dcache.c:552!
> invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
> Modules linked in:
> CPU 2
> Pid: 697, comm: mkdir Not tainted 3.7.0-rc4-work+ #3 Bochs Bochs
> RIP: 0010:[<ffffffff811d9c0c>] [<ffffffff811d9c0c>] dput+0x1dc/0x1e0
> RSP: 0018:ffff88001a3ebef8 EFLAGS: 00010246
> RAX: 0000000000000000 RBX: ffff88000e5b1ef8 RCX: 0000000000000403
> RDX: 0000000000000303 RSI: 2000000000000000 RDI: ffff88000e5b1f58
> RBP: ffff88001a3ebf18 R08: ffffffff82c76960 R09: 0000000000000001
> R10: ffff880015022080 R11: ffd9bed70f48a041 R12: 00000000ffffffea
> R13: 0000000000000001 R14: ffff88000e5b1f58 R15: 00007fff57656d60
> FS: 00007ff05fcb3800(0000) GS:ffff88001fd00000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00000000004046f0 CR3: 000000001315f000 CR4: 00000000000006e0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
> Process mkdir (pid: 697, threadinfo ffff88001a3ea000, task ffff880015022080)
> Stack:
> ffff88001a3ebf48 00000000ffffffea 0000000000000001 0000000000000000
> ffff88001a3ebf38 ffffffff811cc889 0000000000000001 ffff88000e5b1ef8
> ffff88001a3ebf68 ffffffff811d1fc9 ffff8800198d7f18 ffff880019106ef8
> Call Trace:
> [<ffffffff811cc889>] done_path_create+0x19/0x50
> [<ffffffff811d1fc9>] sys_mkdirat+0x59/0x80
> [<ffffffff811d2009>] sys_mkdir+0x19/0x20
> [<ffffffff81be1e02>] system_call_fastpath+0x16/0x1b
> Code: 00 48 8d 90 18 01 00 00 48 89 93 c0 00 00 00 4c 89 a0 18 01 00 00 48 8b 83 a0 00 00 00 83 80 28 01 00 00 01 e8 e6 6f a0 00 eb 92 <0f> 0b 66 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 49 89 fe 41
> RIP [<ffffffff811d9c0c>] dput+0x1dc/0x1e0
> RSP <ffff88001a3ebef8>
> ---[ end trace 1277bcfd9561ddb0 ]---
>
> Fix it by dropping the unnecessary dget/dput() pair.
>
> Signed-off-by: Tejun Heo <tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
> Cc: stable-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
> ---
> kernel/cgroup.c | 2 --
> 1 file changed, 2 deletions(-)
>
> diff --git a/kernel/cgroup.c b/kernel/cgroup.c
> index 0f8fa6a..d0803f0 100644
> --- a/kernel/cgroup.c
> +++ b/kernel/cgroup.c
> @@ -2684,9 +2684,7 @@ static int cgroup_create_dir(struct cgroup *cgrp, struct dentry *dentry,
> dentry->d_fsdata = cgrp;
> inc_nlink(parent->d_inode);
> rcu_assign_pointer(cgrp->dentry, dentry);
> - dget(dentry);
> }
> - dput(dentry);
>
The code has been there since cgroup was merged into mainline!
> return error;
> }
>
next prev parent reply other threads:[~2012-11-19 8:08 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-11-13 3:01 [PATCHSET cgroup/for-3.8] cgroup: allow ->post_create() to fail Tejun Heo
[not found] ` <1352775704-9023-1-git-send-email-tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2012-11-13 3:01 ` [PATCH 01/17] cgroup: remove incorrect dget/dput() pair in cgroup_create_dir() Tejun Heo
[not found] ` <1352775704-9023-2-git-send-email-tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2012-11-19 8:08 ` Li Zefan [this message]
[not found] ` <50A9E8E4.4050004-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
2012-11-19 16:28 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 02/17] cgroup: initialize cgrp->allcg_node in init_cgroup_housekeeping() Tejun Heo
2012-11-13 3:01 ` [PATCH 03/17] cgroup: open-code cgroup_create_dir() Tejun Heo
2012-11-13 3:01 ` [PATCH 04/17] cgroup: create directory before linking while creating a new cgroup Tejun Heo
[not found] ` <1352775704-9023-5-git-send-email-tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2012-11-14 3:20 ` Li Zefan
[not found] ` <50A30E0F.7000408-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
2012-11-14 19:04 ` Tejun Heo
[not found] ` <20121114190407.GI21185-9pTldWuhBndy/B6EtB590w@public.gmane.org>
2012-11-16 6:04 ` Li Zefan
2012-11-14 19:48 ` [PATCH v2 " Tejun Heo
2012-11-13 3:01 ` [PATCH 05/17] cgroup: cgroup->dentry isn't a RCU pointer Tejun Heo
[not found] ` <1352775704-9023-6-git-send-email-tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2012-11-14 11:05 ` Glauber Costa
[not found] ` <50A37B0A.7010608-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org>
2012-11-14 18:55 ` Tejun Heo
[not found] ` <20121114185504.GG21185-9pTldWuhBndy/B6EtB590w@public.gmane.org>
2012-11-15 3:00 ` Glauber Costa
[not found] ` <50A45ABB.3040507-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org>
2012-11-14 19:01 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 06/17] cgroup: remove duplicate RCU free on struct cgroup Tejun Heo
[not found] ` <1352775704-9023-7-git-send-email-tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2012-11-19 9:02 ` Li Zefan
[not found] ` <50A9F5B2.5080509-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
2012-11-19 16:59 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 07/17] cgroup: make CSS_* flags bit masks instead of bit positions Tejun Heo
2012-11-13 3:01 ` [PATCH 08/17] cgroup: trivial cleanup for cgroup_init/load_subsys() Tejun Heo
2012-11-13 3:01 ` [PATCH 09/17] cgroup: lock cgroup_mutex in cgroup_init_subsys() Tejun Heo
2012-11-13 3:01 ` [PATCH 10/17] cgroup: fix harmless bugs in cgroup_load_subsys() fail path and cgroup_unload_subsys() Tejun Heo
2012-11-13 3:01 ` [PATCH 11/17] cgroup: separate out cgroup_destroy_locked() Tejun Heo
2012-11-13 3:01 ` [PATCH 13/17] cgroup: simplify cgroup_load_subsys() failure path Tejun Heo
2012-11-13 3:01 ` [PATCH 14/17] cgroup: use mutex_trylock() when grabbing i_mutex of a new cgroup directory Tejun Heo
2012-11-13 3:01 ` [PATCH 15/17] cgroup: update cgroup_create() failure path Tejun Heo
2012-11-13 3:01 ` [PATCH 16/17] cgroup: allow ->post_create() to fail Tejun Heo
2012-11-13 3:01 ` [PATCH 17/17] cgroup: rename ->create/post_create/pre_destroy/destroy() to ->css_alloc/online/offline/free() Tejun Heo
2012-11-19 8:54 ` [PATCHSET cgroup/for-3.8] cgroup: allow ->post_create() to fail Li Zefan
[not found] ` <50A9F3B3.2010607-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
2012-11-19 16:34 ` Tejun Heo
2012-11-13 3:01 ` [PATCH 12/17] cgroup: introduce CSS_ONLINE flag and on/offline_css() helpers Tejun Heo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=50A9E8E4.4050004@huawei.com \
--to=lizefan-hv44wf8li93qt0dzr+alfa@public.gmane.org \
--cc=cgroups-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=glommer-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=mhocko-AlSwsSmVLrQ@public.gmane.org \
--cc=stable-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).