Hello.Before this commit, percpu_ref is embedded in cgroup, it can be freed along with cgroup, so there is no memory leak. Since this commit, it causes the memory leak.
On Thu, Oct 07, 2021 at 08:16:03PM +0800, quanyang.wang@xxxxxxxxxxxxx wrote:
This is because that root_cgrp->bpf.refcnt.data is allocated by the
function percpu_ref_init in cgroup_bpf_inherit which is called by
cgroup_setup_root when mounting, but not freed along with root_cgrp
when umounting.
Good catch!
Adding cgroup_bpf_offline which calls percpu_ref_kill to
cgroup_kill_sb can free root_cgrp->bpf.refcnt.data in umount path.
That is sensible.
Fixes: 2b0d3d3e4fcfb ("percpu_ref: reduce memory footprint of percpu_ref in fast path")
Why this Fixes:? Is the leak absent before the percpu_ref refactoring?
I guess the embedded data are free'd together with cgroup. Makes meThanks for pointing it out. I will send a V2 to fix this.
wonder why struct cgroup_bpf has a separate percpu_ref counter from
struct cgroup...
+++ b/kernel/cgroup/cgroup.c
@@ -2147,8 +2147,10 @@ static void cgroup_kill_sb(struct super_block *sb)
* And don't kill the default root.
*/
if (list_empty(&root->cgrp.self.children) && root != &cgrp_dfl_root &&
- !percpu_ref_is_dying(&root->cgrp.self.refcnt))
+ !percpu_ref_is_dying(&root->cgrp.self.refcnt)) {
+ cgroup_bpf_offline(&root->cgrp);
(You made some unnecessary whitespace here breaking indention :-)
percpu_ref_kill(&root->cgrp.self.refcnt);
+ }
cgroup_put(&root->cgrp);
kernfs_kill_sb(sb);
}