[Suggestion] kernel/cgroup.c: about kfree after 'get_new_cssid'

[Suggestion] kernel/cgroup.c: about kfree after 'get_new_cssid'

[Chen Gang]

Hello Maintainers:

After call get_new_cssid(), I can not find the related free function
(it seems free_css_id() is for that, but not used).

The memory location is:
  get_new_cssid() --> kzalloc() for 'struct css_id'
  get_new_cssid() --> idr_alloc() for 'ss->idr'

One work flow:
  cgroup_load_subsys() --> cgroup_init_idr() --> get_new_cssid()
  when get_new_cssid() fails, it will:
  cgroup_load_subsys() --> cgroup_unload_subsys() --> idr_destroy(),
  and also:
  cgroup_load_subsys() --> cgroup_unload_subsys() --> ss->css_free();
    ('css_free' may 'debug_css_free', or 'freezer_css_free' ...)

It seems the work flow above is not 'kfree' 'struct css_id', is it true?

BTW: I also guess, for cgroup_init_idr() in cgroup_init(), need check
the return value.

Please help check.


Thanks.

--
 Chen Gang

 Asianux Corporation

Re: [Suggestion] kernel/cgroup.c: about kfree after 'get_new_cssid'

[Li Zefan]

On 2013/5/7 18:46, Chen Gang wrote:
> Hello Maintainers:
> 
> After call get_new_cssid(), I can not find the related free function
> (it seems free_css_id() is for that, but not used).
> 
> The memory location is:
>   get_new_cssid() --> kzalloc() for 'struct css_id'
>   get_new_cssid() --> idr_alloc() for 'ss->idr'
> 
> One work flow:
>   cgroup_load_subsys() --> cgroup_init_idr() --> get_new_cssid()
>   when get_new_cssid() fails, it will:
>   cgroup_load_subsys() --> cgroup_unload_subsys() --> idr_destroy(),
>   and also:
>   cgroup_load_subsys() --> cgroup_unload_subsys() --> ss->css_free();
>     ('css_free' may 'debug_css_free', or 'freezer_css_free' ...)
> 
> It seems the work flow above is not 'kfree' 'struct css_id', is it true?
> 
> BTW: I also guess, for cgroup_init_idr() in cgroup_init(), need check
> the return value.
> 
> Please help check.
> 

It's the specific cgroup subsystem that calls free_css_id() in it's subsys->css_free()
callback. See __mem_cgroup_free() for example.

There's a bug in cgroup_unload_subsys() that idr_destroy() should be called after
ss->css_free(). That said, given there's no modular cgroup subsystem using css_id,
and the whole css_id thing will be eliminated in 3.11, why bother fixing it.

Re: [Suggestion] kernel/cgroup.c: about kfree after 'get_new_cssid'

[Chen Gang]

On 2013年05月07日 19:01, Li Zefan wrote:
> On 2013/5/7 18:46, Chen Gang wrote:
>> Hello Maintainers:
>>
>> After call get_new_cssid(), I can not find the related free function
>> (it seems free_css_id() is for that, but not used).
>>
>> The memory location is:
>>   get_new_cssid() --> kzalloc() for 'struct css_id'
>>   get_new_cssid() --> idr_alloc() for 'ss->idr'
>>
>> One work flow:
>>   cgroup_load_subsys() --> cgroup_init_idr() --> get_new_cssid()
>>   when get_new_cssid() fails, it will:
>>   cgroup_load_subsys() --> cgroup_unload_subsys() --> idr_destroy(),
>>   and also:
>>   cgroup_load_subsys() --> cgroup_unload_subsys() --> ss->css_free();
>>     ('css_free' may 'debug_css_free', or 'freezer_css_free' ...)
>>
>> It seems the work flow above is not 'kfree' 'struct css_id', is it true?
>>
>> BTW: I also guess, for cgroup_init_idr() in cgroup_init(), need check
>> the return value.
>>
>> Please help check.
>>
> 
> It's the specific cgroup subsystem that calls free_css_id() in it's subsys->css_free()
> callback. See __mem_cgroup_free() for example.
> 

OK, thank you for your confirmation.

> There's a bug in cgroup_unload_subsys() that idr_destroy() should be called after
> ss->css_free(). That said, given there's no modular cgroup subsystem using css_id,
> and the whole css_id thing will be eliminated in 3.11, why bother fixing it.
> 

I just find it by reading code (I also want to learn about kernel).

I guess, for some stable versions, may focus on it, they are the
different branches from the latest version.

So, is it suitable to send related patch for the bug ?

Thanks.

-- 
Chen Gang

Asianux Corporation

Re: [Suggestion] kernel/cgroup.c: about kfree after 'get_new_cssid'

[Li Zefan]

>> There's a bug in cgroup_unload_subsys() that idr_destroy() should be called after
>> ss->css_free(). That said, given there's no modular cgroup subsystem using css_id,
>> and the whole css_id thing will be eliminated in 3.11, why bother fixing it.
>>
> 
> I just find it by reading code (I also want to learn about kernel).
> 
> I guess, for some stable versions, may focus on it, they are the
> different branches from the latest version.
> 
> So, is it suitable to send related patch for the bug ?
> 

As I said, there's no modular cgroup subsystem using css_id, so the bug
doesn't exist in real world.

Re: [Suggestion] kernel/cgroup.c: about kfree after 'get_new_cssid'

[Chen Gang]

On 2013年05月08日 08:50, Li Zefan wrote:
>>> There's a bug in cgroup_unload_subsys() that idr_destroy() should be called after
>>> >> ss->css_free(). That said, given there's no modular cgroup subsystem using css_id,
>>> >> and the whole css_id thing will be eliminated in 3.11, why bother fixing it.
>>> >>
>> > 
>> > I just find it by reading code (I also want to learn about kernel).
>> > 
>> > I guess, for some stable versions, may focus on it, they are the
>> > different branches from the latest version.
>> > 
>> > So, is it suitable to send related patch for the bug ?
>> > 
> As I said, there's no modular cgroup subsystem using css_id, so the bug
> doesn't exist in real world.
> 
> 
> 

Excuse me, my English is not quite well, I guess what you said is:

  a. idr_destroy() should be called after ss->css_free()
  b. need check the return value of cgroup_init_idr() in cgroup_init().

  but all features which related with the 2 issues above, never be used
in any main linux main branches.
  so, the 2 bugs doesn't exist in real world.

Is what I guess correct ?

Thanks.

-- 
Chen Gang

Asianux Corporation