CC: [email protected]
TO: [email protected]

tree:   https://android.googlesource.com/kernel/common android-4.19-stable
head:   5ab3ecd497440eb70b966032a11c0ea01804d0ec
commit: 8e0f48a73d274a449aa2ae148ef0d5f2499e9b93 [4/12] UPSTREAM: cgroup: saner 
refcounting for cgroup_root
:::::: branch date: 6 hours ago
:::::: commit date: 6 hours ago
config: x86_64-randconfig-c002-20200826 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0

If you fix the issue, kindly add the following tags as appropriate
Reported-by: kernel test robot <[email protected]>
Reported-by: Julia Lawall <[email protected]>


coccinelle warnings: (new ones prefixed by >>)

>> kernel/cgroup/cgroup-v1.c:1220:44-48: ERROR: root is NULL but dereferenced.

git remote add android-common https://android.googlesource.com/kernel/common
git fetch --no-tags android-common android-4.19-stable
git checkout 8e0f48a73d274a449aa2ae148ef0d5f2499e9b93
vim +1220 kernel/cgroup/cgroup-v1.c

1592c9b223749d Tejun Heo 2016-12-27  1116  
1592c9b223749d Tejun Heo 2016-12-27  1117  struct dentry *cgroup1_mount(struct 
file_system_type *fs_type, int flags,
1592c9b223749d Tejun Heo 2016-12-27  1118                            void 
*data, unsigned long magic,
1592c9b223749d Tejun Heo 2016-12-27  1119                            struct 
cgroup_namespace *ns)
1592c9b223749d Tejun Heo 2016-12-27  1120  {
1592c9b223749d Tejun Heo 2016-12-27  1121       struct cgroup_sb_opts opts;
1592c9b223749d Tejun Heo 2016-12-27  1122       struct cgroup_root *root;
1592c9b223749d Tejun Heo 2016-12-27  1123       struct cgroup_subsys *ss;
1592c9b223749d Tejun Heo 2016-12-27  1124       struct dentry *dentry;
1592c9b223749d Tejun Heo 2016-12-27  1125       int i, ret;
1592c9b223749d Tejun Heo 2016-12-27  1126  
1592c9b223749d Tejun Heo 2016-12-27  1127       
cgroup_lock_and_drain_offline(&cgrp_dfl_root.cgrp);
1592c9b223749d Tejun Heo 2016-12-27  1128  
1592c9b223749d Tejun Heo 2016-12-27  1129       /* First find the desired set 
of subsystems */
1592c9b223749d Tejun Heo 2016-12-27  1130       ret = 
parse_cgroupfs_options(data, &opts);
1592c9b223749d Tejun Heo 2016-12-27  1131       if (ret)
1592c9b223749d Tejun Heo 2016-12-27  1132               goto out_unlock;
1592c9b223749d Tejun Heo 2016-12-27  1133  
1592c9b223749d Tejun Heo 2016-12-27  1134       /*
1592c9b223749d Tejun Heo 2016-12-27  1135        * Destruction of cgroup root 
is asynchronous, so subsystems may
1592c9b223749d Tejun Heo 2016-12-27  1136        * still be dying after the 
previous unmount.  Let's drain the
1592c9b223749d Tejun Heo 2016-12-27  1137        * dying subsystems.  We just 
need to ensure that the ones
1592c9b223749d Tejun Heo 2016-12-27  1138        * unmounted previously finish 
dying and don't care about new ones
1592c9b223749d Tejun Heo 2016-12-27  1139        * starting.  Testing ref 
liveliness is good enough.
1592c9b223749d Tejun Heo 2016-12-27  1140        */
1592c9b223749d Tejun Heo 2016-12-27  1141       for_each_subsys(ss, i) {
1592c9b223749d Tejun Heo 2016-12-27  1142               if (!(opts.subsys_mask 
& (1 << i)) ||
1592c9b223749d Tejun Heo 2016-12-27  1143                   ss->root == 
&cgrp_dfl_root)
1592c9b223749d Tejun Heo 2016-12-27  1144                       continue;
1592c9b223749d Tejun Heo 2016-12-27  1145  
1592c9b223749d Tejun Heo 2016-12-27  1146               if 
(!percpu_ref_tryget_live(&ss->root->cgrp.self.refcnt)) {
1592c9b223749d Tejun Heo 2016-12-27  1147                       
mutex_unlock(&cgroup_mutex);
1592c9b223749d Tejun Heo 2016-12-27  1148                       msleep(10);
1592c9b223749d Tejun Heo 2016-12-27  1149                       ret = 
restart_syscall();
1592c9b223749d Tejun Heo 2016-12-27  1150                       goto out_free;
1592c9b223749d Tejun Heo 2016-12-27  1151               }
1592c9b223749d Tejun Heo 2016-12-27  1152               
cgroup_put(&ss->root->cgrp);
1592c9b223749d Tejun Heo 2016-12-27  1153       }
1592c9b223749d Tejun Heo 2016-12-27  1154  
1592c9b223749d Tejun Heo 2016-12-27  1155       for_each_root(root) {
1592c9b223749d Tejun Heo 2016-12-27  1156               bool name_match = false;
1592c9b223749d Tejun Heo 2016-12-27  1157  
1592c9b223749d Tejun Heo 2016-12-27  1158               if (root == 
&cgrp_dfl_root)
1592c9b223749d Tejun Heo 2016-12-27  1159                       continue;
1592c9b223749d Tejun Heo 2016-12-27  1160  
1592c9b223749d Tejun Heo 2016-12-27  1161               /*
1592c9b223749d Tejun Heo 2016-12-27  1162                * If we asked for a 
name then it must match.  Also, if
1592c9b223749d Tejun Heo 2016-12-27  1163                * name matches but 
sybsys_mask doesn't, we should fail.
1592c9b223749d Tejun Heo 2016-12-27  1164                * Remember whether 
name matched.
1592c9b223749d Tejun Heo 2016-12-27  1165                */
1592c9b223749d Tejun Heo 2016-12-27  1166               if (opts.name) {
1592c9b223749d Tejun Heo 2016-12-27  1167                       if 
(strcmp(opts.name, root->name))
1592c9b223749d Tejun Heo 2016-12-27  1168                               
continue;
1592c9b223749d Tejun Heo 2016-12-27  1169                       name_match = 
true;
1592c9b223749d Tejun Heo 2016-12-27  1170               }
1592c9b223749d Tejun Heo 2016-12-27  1171  
1592c9b223749d Tejun Heo 2016-12-27  1172               /*
1592c9b223749d Tejun Heo 2016-12-27  1173                * If we asked for 
subsystems (or explicitly for no
1592c9b223749d Tejun Heo 2016-12-27  1174                * subsystems) then 
they must match.
1592c9b223749d Tejun Heo 2016-12-27  1175                */
1592c9b223749d Tejun Heo 2016-12-27  1176               if ((opts.subsys_mask 
|| opts.none) &&
1592c9b223749d Tejun Heo 2016-12-27  1177                   (opts.subsys_mask 
!= root->subsys_mask)) {
1592c9b223749d Tejun Heo 2016-12-27  1178                       if (!name_match)
1592c9b223749d Tejun Heo 2016-12-27  1179                               
continue;
1592c9b223749d Tejun Heo 2016-12-27  1180                       ret = -EBUSY;
1592c9b223749d Tejun Heo 2016-12-27  1181                       goto out_unlock;
1592c9b223749d Tejun Heo 2016-12-27  1182               }
1592c9b223749d Tejun Heo 2016-12-27  1183  
1592c9b223749d Tejun Heo 2016-12-27  1184               if (root->flags ^ 
opts.flags)
1592c9b223749d Tejun Heo 2016-12-27  1185                       pr_warn("new 
mount options do not match the existing superblock, will be ignored\n");
1592c9b223749d Tejun Heo 2016-12-27  1186  
1592c9b223749d Tejun Heo 2016-12-27  1187               ret = 0;
1592c9b223749d Tejun Heo 2016-12-27  1188               goto out_unlock;
1592c9b223749d Tejun Heo 2016-12-27  1189       }
1592c9b223749d Tejun Heo 2016-12-27  1190  
1592c9b223749d Tejun Heo 2016-12-27  1191       /*
1592c9b223749d Tejun Heo 2016-12-27  1192        * No such thing, create a new 
one.  name= matching without subsys
1592c9b223749d Tejun Heo 2016-12-27  1193        * specification is allowed for 
already existing hierarchies but we
1592c9b223749d Tejun Heo 2016-12-27  1194        * can't create new one without 
subsys specification.
1592c9b223749d Tejun Heo 2016-12-27  1195        */
1592c9b223749d Tejun Heo 2016-12-27  1196       if (!opts.subsys_mask && 
!opts.none) {
1592c9b223749d Tejun Heo 2016-12-27  1197               ret = -EINVAL;
1592c9b223749d Tejun Heo 2016-12-27  1198               goto out_unlock;
1592c9b223749d Tejun Heo 2016-12-27  1199       }
1592c9b223749d Tejun Heo 2016-12-27  1200  
1592c9b223749d Tejun Heo 2016-12-27  1201       /* Hierarchies may only be 
created in the initial cgroup namespace. */
1592c9b223749d Tejun Heo 2016-12-27  1202       if (ns != &init_cgroup_ns) {
1592c9b223749d Tejun Heo 2016-12-27  1203               ret = -EPERM;
1592c9b223749d Tejun Heo 2016-12-27  1204               goto out_unlock;
1592c9b223749d Tejun Heo 2016-12-27  1205       }
1592c9b223749d Tejun Heo 2016-12-27  1206  
1592c9b223749d Tejun Heo 2016-12-27  1207       root = kzalloc(sizeof(*root), 
GFP_KERNEL);
1592c9b223749d Tejun Heo 2016-12-27  1208       if (!root) {
1592c9b223749d Tejun Heo 2016-12-27  1209               ret = -ENOMEM;
1592c9b223749d Tejun Heo 2016-12-27  1210               goto out_unlock;
1592c9b223749d Tejun Heo 2016-12-27  1211       }
1592c9b223749d Tejun Heo 2016-12-27  1212  
1592c9b223749d Tejun Heo 2016-12-27  1213       init_cgroup_root(root, &opts);
1592c9b223749d Tejun Heo 2016-12-27  1214  
8e0f48a73d274a Al Viro   2019-01-12  1215       ret = cgroup_setup_root(root, 
opts.subsys_mask);
1592c9b223749d Tejun Heo 2016-12-27  1216       if (ret)
1592c9b223749d Tejun Heo 2016-12-27  1217               cgroup_free_root(root);
1592c9b223749d Tejun Heo 2016-12-27  1218  
1592c9b223749d Tejun Heo 2016-12-27  1219  out_unlock:
8e0f48a73d274a Al Viro   2019-01-12 @1220       if (!ret && 
!percpu_ref_tryget_live(&root->cgrp.self.refcnt)) {
8e0f48a73d274a Al Viro   2019-01-12  1221               
mutex_unlock(&cgroup_mutex);
8e0f48a73d274a Al Viro   2019-01-12  1222               msleep(10);
8e0f48a73d274a Al Viro   2019-01-12  1223               ret = restart_syscall();
8e0f48a73d274a Al Viro   2019-01-12  1224               goto out_free;
8e0f48a73d274a Al Viro   2019-01-12  1225       }
1592c9b223749d Tejun Heo 2016-12-27  1226       mutex_unlock(&cgroup_mutex);
1592c9b223749d Tejun Heo 2016-12-27  1227  out_free:
1592c9b223749d Tejun Heo 2016-12-27  1228       kfree(opts.release_agent);
1592c9b223749d Tejun Heo 2016-12-27  1229       kfree(opts.name);
1592c9b223749d Tejun Heo 2016-12-27  1230  
1592c9b223749d Tejun Heo 2016-12-27  1231       if (ret)
1592c9b223749d Tejun Heo 2016-12-27  1232               return ERR_PTR(ret);
1592c9b223749d Tejun Heo 2016-12-27  1233  
1592c9b223749d Tejun Heo 2016-12-27  1234       dentry = 
cgroup_do_mount(&cgroup_fs_type, flags, root,
1592c9b223749d Tejun Heo 2016-12-27  1235                                
CGROUP_SUPER_MAGIC, ns);
1592c9b223749d Tejun Heo 2016-12-27  1236  
8e0f48a73d274a Al Viro   2019-01-12  1237       if (!IS_ERR(dentry) && 
percpu_ref_is_dying(&root->cgrp.self.refcnt)) {
8e0f48a73d274a Al Viro   2019-01-12  1238               struct super_block *sb 
= dentry->d_sb;
8e0f48a73d274a Al Viro   2019-01-12  1239               dput(dentry);
8e0f48a73d274a Al Viro   2019-01-12  1240               
deactivate_locked_super(sb);
8e0f48a73d274a Al Viro   2019-01-12  1241               msleep(10);
8e0f48a73d274a Al Viro   2019-01-12  1242               dentry = 
ERR_PTR(restart_syscall());
9732adc5d65202 Zefan Li  2017-04-19  1243       }
1592c9b223749d Tejun Heo 2016-12-27  1244       return dentry;
1592c9b223749d Tejun Heo 2016-12-27  1245  }
1592c9b223749d Tejun Heo 2016-12-27  1246  
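Review bot: The test added at line 1220 reads `root->cgrp.self.refcnt` on the strength of `ret == 0` alone, and nothing in the function states why that is sufficient. As far as the listing shows, `root` is declared uninitialized at line 1122, is NULL on the `-ENOMEM` path, and has already been handed to `cgroup_free_root()` when `cgroup_setup_root()` fails, so the dereference is valid only because each of those paths reaches `out_unlock` with a non-zero `ret`. A comment directly above the test would stop a later edit from adding a `ret = 0; goto out_unlock;` path that leaves `root` unset, for example `/* ret == 0 here means root is a matched existing root or one cgroup_setup_root() just set up */`. Separately, the unlock, `msleep(10)`, `restart_syscall()` sequence now appears at lines 1147-1150 and again at 1221-1224, with a third sleep-and-restart at 1241-1242; a small helper or a named constant for the 10 ms back-off would keep the three retry sites in step.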

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/[email protected]

Attachment: .config.gz
Description: application/gzip
