[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20111028152321.103189a2.akpm@linux-foundation.org>
Date: Fri, 28 Oct 2011 15:23:21 -0700
From: Andrew Morton <akpm@...ux-foundation.org>
To: Michal Hocko <mhocko@...e.cz>
Cc: David Rientjes <rientjes@...gle.com>,
Konstantin Khlebnikov <khlebnikov@...nvz.org>,
Oleg Nesterov <oleg@...hat.com>,
KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>,
KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>,
"Rafael J. Wysocki" <rjw@...k.pl>,
Rusty Russell <rusty@...tcorp.com.au>,
Tejun Heo <htejun@...il.com>, linux-kernel@...r.kernel.org,
linux-mm@...ck.org
Subject: Re: [PATCH 2/2] oom: do not live lock on frozen tasks
On Tue, 27 Sep 2011 10:01:47 +0200
Michal Hocko <mhocko@...e.cz> wrote:
> Konstantin Khlebnikov has reported (https://lkml.org/lkml/2011/8/23/45)
> that OOM can end up in a live lock if select_bad_process picks up a frozen
> task.
> Unfortunately we cannot mark such processes as unkillable to ignore them
> because we could panic the system even though there is a chance that
> somebody could thaw the process so we can make a forward process (e.g. a
> process from another cpuset or with a different nodemask).
>
> Let's thaw an OOM selected frozen process right after we've sent fatal
> signal from oom_kill_task.
> Thawing is safe if the frozen task doesn't access any suspended device
> (e.g. by ioctl) on the way out to the userspace where we handle the
> signal and die. Note, we are not interested in the kernel threads because
> they are not oom killable.
>
> Accessing suspended devices by a userspace processes shouldn't be an
> issue because devices are suspended only after userspace is already
> frozen and oom is disabled at that time.
>
> Other than that userspace accesses the fridge only from the
> signal handling routines so we are able to handle SIGKILL without any
> negative side effects or we always check for pending signals after
> we return from try_to_freeze (e.g. in lguest).
>
> Signed-off-by: Michal Hocko <mhocko@...e.cz>
> Reported-by: Konstantin Khlebnikov <khlebnikov@...nvz.org>
> Reviewed-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>
> Acked-by: Rafael J. Wysocki <rjw@...k.pl>
> Acked-by: David Rientjes <rientjes@...gle.com>
> ---
> mm/oom_kill.c | 6 ++++++
> 1 files changed, 6 insertions(+), 0 deletions(-)
>
> diff --git a/mm/oom_kill.c b/mm/oom_kill.c
> index 626303b..c419a7e 100644
> --- a/mm/oom_kill.c
> +++ b/mm/oom_kill.c
> @@ -32,6 +32,7 @@
> #include <linux/mempolicy.h>
> #include <linux/security.h>
> #include <linux/ptrace.h>
> +#include <linux/freezer.h>
>
> int sysctl_panic_on_oom;
> int sysctl_oom_kill_allocating_task;
> @@ -451,10 +452,15 @@ static int oom_kill_task(struct task_struct *p, struct mem_cgroup *mem)
> task_pid_nr(q), q->comm);
> task_unlock(q);
> force_sig(SIGKILL, q);
> +
> + if (frozen(q))
> + thaw_process(q);
> }
>
> set_tsk_thread_flag(p, TIF_MEMDIE);
> force_sig(SIGKILL, p);
> + if (frozen(p))
> + thaw_process(p);
>
> return 0;
> }
I'm not sure this is 1000% correct. Perhaps there's a conceivable
window after the "if (frozen)" test where the task can flip itself into
the frozen state.
thaw_process() itself appears to be callable regardless of the frozen
state and will do the right thing under the right lock. So this code
would be safer, correcter and slower if it unconditionally called
thaw_process().
I'm sure it doesn't matter though ;)
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists