Re: [patch 1/5] mm: memcontrol: convert reclaim iterator to simple css refcounting

Wed, 15 Oct 2014 08:04:20 -0700 

On Tue 14-10-14 12:20:33, Johannes Weiner wrote:
> The memcg reclaim iterators use a complicated weak reference scheme to
> prevent pinning cgroups indefinitely in the absence of memory pressure.
> 
> However, during the ongoing cgroup core rework, css lifetime has been
> decoupled such that a pinned css no longer interferes with removal of
> the user-visible cgroup, and all this complexity is now unnecessary.
>
> Signed-off-by: Johannes Weiner <han...@cmpxchg.org>
> ---
>  mm/memcontrol.c | 250 
> +++++++++++++++++---------------------------------------
>  1 file changed, 76 insertions(+), 174 deletions(-)
> 
> diff --git a/mm/memcontrol.c b/mm/memcontrol.c
> index b62972c80055..67dabe8b0aa6 100644
> --- a/mm/memcontrol.c
> +++ b/mm/memcontrol.c
[...]
> +             do {
> +                     pos = ACCESS_ONCE(iter->position);
> +                     /*
> +                      * A racing update may change the position and
> +                      * put the last reference, hence css_tryget(),
> +                      * or retry to see the updated position.
> +                      */
> +             } while (pos && !css_tryget(&pos->css));
> +     }
[...]
> +     if (reclaim) {
> +             if (cmpxchg(&iter->position, pos, memcg) == pos && memcg)
> +                     css_get(&memcg->css);
> +
> +             if (pos)
> +                     css_put(&pos->css);

This looks like a reference leak. css_put pairs with the above
css_tryget but no css_put pairs with css_get for the cached one. We
need:
---
>From 2810937ec6c16afc0bf924e761ff8305bd478a42 Mon Sep 17 00:00:00 2001
From: Michal Hocko <mho...@suse.cz>
Date: Wed, 15 Oct 2014 16:26:22 +0200
Subject: [PATCH] 
 mm-memcontrol-convert-reclaim-iterator-to-simple-css-refcounting-fix

Make sure that the cached reference is always released.

Signed-off-by: Michal Hocko <mho...@suse.cz>
---
 mm/memcontrol.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index bdcd0416a017..42842a47b4c1 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -1160,9 +1160,17 @@ struct mem_cgroup *mem_cgroup_iter(struct mem_cgroup 
*root,
        }
 
        if (reclaim) {
-               if (cmpxchg(&iter->position, pos, memcg) == pos && memcg)
-                       css_get(&memcg->css);
+               if (cmpxchg(&iter->position, pos, memcg) == pos) {
+                       if (memcg)
+                               css_get(&memcg->css);
+                       if (pos)
+                               css_put(&pos->css);
+               }
 
+               /*
+                * pairs with css_tryget when dereferencing iter->position
+                * above.
+                */
                if (pos)
                        css_put(&pos->css);
 
-- 
2.1.1

-- 
Michal Hocko
SUSE Labs
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Reply via email to