From: Andrew Morton <akpm@linux-foundation.org>
To: Frederic Weisbecker <fweisbec@gmail.com>
Cc: LKML <linux-kernel@vger.kernel.org>,
Paul Menage <paul@paulmenage.org>, Li Zefan <lizf@cn.fujitsu.com>,
Johannes Weiner <hannes@cmpxchg.org>,
Aditya Kali <adityakali@google.com>,
Oleg Nesterov <oleg@redhat.com>,
Kay Sievers <kay.sievers@vrfy.org>,
Tim Hockin <thockin@hockin.org>, Tejun Heo <tj@kernel.org>
Subject: Re: [PATCH 08/12] cgroups: Pull up res counter charge failure interpretation to caller
Date: Fri, 9 Sep 2011 08:17:11 -0700 [thread overview]
Message-ID: <20110909081711.d2420255.akpm@linux-foundation.org> (raw)
In-Reply-To: <20110909133316.GB14072@somewhere.redhat.com>
On Fri, 9 Sep 2011 15:33:20 +0200 Frederic Weisbecker <fweisbec@gmail.com> wrote:
> On Tue, Sep 06, 2011 at 03:26:50PM -0700, Andrew Morton wrote:
> > On Tue, 6 Sep 2011 02:13:02 +0200
> > Frederic Weisbecker <fweisbec@gmail.com> wrote:
> >
> > > res_counter_charge() always returns -ENOMEM when the limit is reached
> > > and the charge thus can't happen.
> > >
> > > However it's up to the caller to interpret this failure and return
> > > the appropriate error value. The task counter subsystem will need
> > > to report the user that a fork() has been cancelled because of some
> > > limit reached, not because we are too short on memory.
> > >
> > > Fix this by returning -1 when res_counter_charge() fails.
> > >
> > > Signed-off-by: Frederic Weisbecker <fweisbec@gmail.com>
> > > Cc: Paul Menage <paul@paulmenage.org>
> > > Cc: Li Zefan <lizf@cn.fujitsu.com>
> > > Cc: Johannes Weiner <hannes@cmpxchg.org>
> > > Cc: Aditya Kali <adityakali@google.com>
> > > Cc: Oleg Nesterov <oleg@redhat.com>
> > > Cc: Andrew Morton <akpm@linux-foundation.org>
> > > Cc: Kay Sievers <kay.sievers@vrfy.org>
> > > Cc: Tim Hockin <thockin@hockin.org>
> > > Cc: Tejun Heo <tj@kernel.org>
> > > ---
> > > kernel/res_counter.c | 2 +-
> > > 1 files changed, 1 insertions(+), 1 deletions(-)
> > >
> > > diff --git a/kernel/res_counter.c b/kernel/res_counter.c
> > > index 4aaa790..45fa6fb 100644
> > > --- a/kernel/res_counter.c
> > > +++ b/kernel/res_counter.c
> > > @@ -26,7 +26,7 @@ int res_counter_charge_locked(struct res_counter *counter, unsigned long val)
> > > {
> > > if (counter->usage + val > counter->limit) {
> > > counter->failcnt++;
> > > - return -ENOMEM;
> > > + return -1;
> > > }
> > >
> > > counter->usage += val;
> >
> > This also affects the return value of your new and undocumented
> > res_counter_charge_until().
> >
> > That's a bit of a hand-grenade which could lead to system calls
> > returning -1 (ie: EPERM) to userspace.
>
> Right. What about making it a boolean?
mmm, not sure. 0/-1 is a reasonable return value for a function which
either did or didn't succeed. Adding appropriate interface
documentation is a way of reducing the opportunity for making this mistake.
next prev parent reply other threads:[~2011-09-09 15:13 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-09-06 0:12 [PATCH 00/12 v4][RESEND] cgroups: Task counter subsystem Frederic Weisbecker
2011-09-06 0:12 ` [PATCH 01/12] cgroups: Add res_counter_write_u64() API Frederic Weisbecker
2011-09-06 0:12 ` [PATCH 02/12] cgroups: New resource counter inheritance API Frederic Weisbecker
2011-09-06 22:17 ` Andrew Morton
2011-09-08 13:25 ` Frederic Weisbecker
2011-09-06 0:12 ` [PATCH 03/12] cgroups: Add previous cgroup in can_attach_task/attach_task callbacks Frederic Weisbecker
2011-09-06 0:12 ` [PATCH 04/12] cgroups: New cancel_attach_task subsystem callback Frederic Weisbecker
2011-09-06 0:12 ` [PATCH 05/12] cgroups: Ability to stop res charge propagation on bounded ancestor Frederic Weisbecker
2011-09-06 0:13 ` [PATCH 06/12] cgroups: Add res counter common ancestor searching Frederic Weisbecker
2011-09-06 22:21 ` Andrew Morton
2011-09-09 12:31 ` Frederic Weisbecker
2011-09-06 0:13 ` [PATCH 07/12] res_counter: Allow charge failure pointer to be null Frederic Weisbecker
2011-09-06 0:13 ` [PATCH 08/12] cgroups: Pull up res counter charge failure interpretation to caller Frederic Weisbecker
2011-09-06 22:26 ` Andrew Morton
2011-09-09 13:33 ` Frederic Weisbecker
2011-09-09 15:17 ` Andrew Morton [this message]
2011-09-06 0:13 ` [PATCH 09/12] cgroups: Add a task counter subsystem Frederic Weisbecker
2011-09-06 22:40 ` Andrew Morton
2011-09-13 15:13 ` Frederic Weisbecker
2011-09-06 0:13 ` [PATCH 10/12] cgroups: Add documentation for " Frederic Weisbecker
2011-09-06 22:41 ` Andrew Morton
2011-09-13 17:35 ` Frederic Weisbecker
2011-09-06 0:13 ` [RFC PATCH 11/12] cgroups: Allow subsystems to cancel a fork Frederic Weisbecker
2011-09-15 21:09 ` Andrew Morton
2011-10-01 15:29 ` Frederic Weisbecker
2011-09-06 0:13 ` [RFC PATCH 12/12] cgroups: Convert task counter to use the subsys fork callback Frederic Weisbecker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110909081711.d2420255.akpm@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=adityakali@google.com \
--cc=fweisbec@gmail.com \
--cc=hannes@cmpxchg.org \
--cc=kay.sievers@vrfy.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lizf@cn.fujitsu.com \
--cc=oleg@redhat.com \
--cc=paul@paulmenage.org \
--cc=thockin@hockin.org \
--cc=tj@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.