[Devel] [PATCH vz7 v2] ve/cgroup: do not link a CT cpu cgroup twice into ve_root_list
Andrey Ryabinin
aryabinin at virtuozzo.com
Wed Sep 5 17:15:45 MSK 2018
On 09/05/2018 04:30 PM, Konstantin Khorenko wrote:
> Container's cpu cgroup is linked to "ve_root_list" on CT start.
> But if someone holds the CT's cpu cgroup while the CT is being stopped,
> the next CT start tries to create the same cpu cgroup (fails, already exists)
> and links this cpu cgroup to the "ve_root_list", thus corrupting it.
>
> As a consequence, calc_load_ve() goes into an endless loop.
>
> Let's check if task_group has already been linked to the list and skip
> redundant linking.
>
> Locking scheme change:
> - drop rcu for list ve_root_list, we hold spinlocks anyway
> - use "load_ve_lock" spinlock for both list add/del/iterate,
> "task_group_lock" is unrelated here
>
> How to reproduce:
>
> # vzctl start 200
> # echo $$ > /sys/fs/cgroup/cpu/machine.slice/200/tasks
> # vzctl stop 200
> // At this moment VE cgroup got destroyed, but cpu cgroup is still alive
> // and linked to "ve_root_list" list
>
> # vzctl start 200
> // double add of same tg (same cpu cgroup) to "ve_root_list" list =>
> // list corruption => endless loop in next calc_load_ve() call
>
> https://jira.sw.ru/browse/PSBM-88251
>
> Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
>
> v2 changes:
> - change locking scheme: drop rcu, use "load_ve_lock" everywhere
> - drop tg->linked field, check if linked using list_empty()
> ---
Reviewed-by: Andrey Ryabinin <aryabinin at virtuozzo.com>
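
The double-add corruption and the list_empty() check described in the commit message above can be reproduced in user space. This is an added example, not code from the patch: the list helpers mirror the kernel's `struct list_head` semantics, while `link_once`, `walk` and `two_starts` are hypothetical names, and the locking the message mentions ("load_ve_lock" around add/del/iterate) is left out because the demo is single-threaded.

```c
#include <stdio.h>
struct list_head { struct list_head *next, *prev; };  /* kernel-style circular list */

static void INIT_LIST_HEAD(struct list_head *h) { h->next = h->prev = h; }
static int list_empty(const struct list_head *h) { return h->next == h; }

static void list_add(struct list_head *n, struct list_head *head)
{
    struct list_head *next = head->next;
    next->prev = n; n->next = next; n->prev = head; head->next = n;
}

/* Guarded link: a node that is already on a list is left alone. */
static int link_once(struct list_head *n, struct list_head *head)
{
    if (!list_empty(n))
        return 0;
    list_add(n, head);
    return 1;
}

/* Count nodes; -1 if the walk does not return to head within limit steps. */
static int walk(const struct list_head *head, int limit)
{
    int n = 0;
    for (const struct list_head *p = head->next; p != head; p = p->next)
        if (++n > limit)
            return -1;
    return n;
}

/* Two "CT starts" while the node from the first start is still linked. */
static int two_starts(int guarded)
{
    struct list_head root, tg;  /* stand-ins for ve_root_list and the tg's node */
    INIT_LIST_HEAD(&root); INIT_LIST_HEAD(&tg);  /* self-pointing == not linked */
    for (int i = 0; i < 2; i++) {       /* i == 1 is the second "CT start" */
        if (guarded) link_once(&tg, &root);
        else         list_add(&tg, &root);
    }
    return walk(&root, 16);
}

int main(void)
{
    printf("unguarded: %d, guarded: %d\n", two_starts(0), two_starts(1));
    return 0;
}
```

After the second unguarded `list_add()` the node's `next` points at itself, so an unbounded iterator never gets back to the list head. Using `list_empty()` on the node as a "linked?" test only works if the node is initialised with `INIT_LIST_HEAD()` and reinitialised when it is unlinked.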