Re: [PATCH v2 1/3] cgroup: Iterate tasks that did not finish do_exit()
From: Suren Baghdasaryan
Date: Wed Feb 05 2020 - 12:28:02 EST
On Fri, Jan 24, 2020 at 2:56 PM Suren Baghdasaryan <surenb@xxxxxxxxxx> wrote:
>
> On Fri, Jan 24, 2020 at 3:40 AM Michal Koutnà <mkoutny@xxxxxxxx> wrote:
> >
> > PF_EXITING is set earlier than actual removal from css_set when a task
> > is exitting. This can confuse cgroup.procs readers who see no PF_EXITING
> > tasks, however, rmdir is checking against css_set membership so it can
> > transitionally fail with EBUSY.
> >
> > Fix this by listing tasks that weren't unlinked from css_set active
> > lists.
> > It may happen that other users of the task iterator (without
> > CSS_TASK_ITER_PROCS) spot a PF_EXITING task before cgroup_exit(). This
> > is equal to the state before commit c03cd7738a83 ("cgroup: Include dying
> > leaders with live threads in PROCS iterations") but it may be reviewed
> > later.
> >
> > Reported-by: Suren Baghdasaryan <surenb@xxxxxxxxxx>
> > Fixes: c03cd7738a83 ("cgroup: Include dying leaders with live threads in PROCS iterations")
> > Signed-off-by: Michal Koutnà <mkoutny@xxxxxxxx>
> > ---
> > include/linux/cgroup.h | 1 +
> > kernel/cgroup/cgroup.c | 23 ++++++++++++++++-------
> > 2 files changed, 17 insertions(+), 7 deletions(-)
> >
> > diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h
> > index d7ddebd0cdec..e75d2191226b 100644
> > --- a/include/linux/cgroup.h
> > +++ b/include/linux/cgroup.h
> > @@ -62,6 +62,7 @@ struct css_task_iter {
> > struct list_head *mg_tasks_head;
> > struct list_head *dying_tasks_head;
> >
> > + struct list_head *cur_tasks_head;
> > struct css_set *cur_cset;
> > struct css_set *cur_dcset;
> > struct task_struct *cur_task;
> > diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
> > index 735af8f15f95..a6e3619e013b 100644
> > --- a/kernel/cgroup/cgroup.c
> > +++ b/kernel/cgroup/cgroup.c
> > @@ -4404,12 +4404,16 @@ static void css_task_iter_advance_css_set(struct css_task_iter *it)
> > }
> > } while (!css_set_populated(cset) && list_empty(&cset->dying_tasks));
> >
> > - if (!list_empty(&cset->tasks))
> > + if (!list_empty(&cset->tasks)) {
> > it->task_pos = cset->tasks.next;
> > - else if (!list_empty(&cset->mg_tasks))
> > + it->cur_tasks_head = &cset->tasks;
> > + } else if (!list_empty(&cset->mg_tasks)) {
> > it->task_pos = cset->mg_tasks.next;
> > - else
> > + it->cur_tasks_head = &cset->mg_tasks;
> > + } else {
> > it->task_pos = cset->dying_tasks.next;
> > + it->cur_tasks_head = &cset->dying_tasks;
> > + }
> >
> > it->tasks_head = &cset->tasks;
> > it->mg_tasks_head = &cset->mg_tasks;
> > @@ -4467,10 +4471,14 @@ static void css_task_iter_advance(struct css_task_iter *it)
> > else
> > it->task_pos = it->task_pos->next;
> >
> > - if (it->task_pos == it->tasks_head)
> > + if (it->task_pos == it->tasks_head) {
> > it->task_pos = it->mg_tasks_head->next;
> > - if (it->task_pos == it->mg_tasks_head)
> > + it->cur_tasks_head = it->mg_tasks_head;
> > + }
> > + if (it->task_pos == it->mg_tasks_head) {
> > it->task_pos = it->dying_tasks_head->next;
> > + it->cur_tasks_head = it->dying_tasks_head;
> > + }
> > if (it->task_pos == it->dying_tasks_head)
> > css_task_iter_advance_css_set(it);
> > } else {
> > @@ -4489,11 +4497,12 @@ static void css_task_iter_advance(struct css_task_iter *it)
> > goto repeat;
> >
> > /* and dying leaders w/o live member threads */
> > - if (!atomic_read(&task->signal->live))
> > + if (it->cur_tasks_head == it->dying_tasks_head &&
> > + !atomic_read(&task->signal->live))
> > goto repeat;
> > } else {
> > /* skip all dying ones */
> > - if (task->flags & PF_EXITING)
> > + if (it->cur_tasks_head == it->dying_tasks_head)
> > goto repeat;
> > }
> > }
> > --
> > 2.24.1
> >
>
> Tested-by: Suren Baghdasaryan <surenb@xxxxxxxxxx>
>
> Thanks!
Hi Folks,
If this new version looks good could we get an Ack please? I need to
start backporting this fix to Android and would like a confirmation
before doing so.
Thanks!