Andrew Morton wrote:
> On Mon, 6 Jun 2016 14:13:40 -0700 Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> > On Sat, 4 Jun 2016 16:19:19 +0900 Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> wrote:
> >
> > > Since commit 36324a990cf578b5 ("oom: clear TIF_MEMDIE after oom_reaper
> > > managed to unmap the address space") changed to use find_lock_task_mm()
> > > for finding a mm_struct to reap, it is guaranteed that mm->mm_users > 0
> > > because find_lock_task_mm() returns a task_struct with ->mm != NULL.
> > > Therefore, we can safely use atomic_inc().
> > >
> > > ...
> > >
> > > --- a/mm/oom_kill.c
> > > +++ b/mm/oom_kill.c
> > > @@ -474,13 +474,8 @@ static bool __oom_reap_task(struct task_struct *tsk)
> > > p = find_lock_task_mm(tsk);
> > > if (!p)
> > > goto unlock_oom;
> > > -
> > > mm = p->mm;
> > > - if (!atomic_inc_not_zero(&mm->mm_users)) {
> > > - task_unlock(p);
> > > - goto unlock_oom;
> > > - }
> > > -
> > > + atomic_inc(&mm->mm_users);
> > > task_unlock(p);
> > >
> > > if (!down_read_trylock(&mm->mmap_sem)) {
> >
> > In an off-list email (please don't do that!) you asked me to replace
> > mmoom_reaper-dont-call-mmput_async-without-atomic_inc_not_zero.patch
> > with this above patch.
> >
> > But the
> > mmoom_reaper-dont-call-mmput_async-without-atomic_inc_not_zero.patch
> > changelog is pretty crappy:
> >
> > : Commit e2fe14564d3316d1 ("oom_reaper: close race with exiting task")
> > : reduced frequency of needlessly selecting next OOM victim, but was
> > : calling mmput_async() when atomic_inc_not_zero() failed.
> >
> > because it doesn't explain that the patch potentially fixes a kernel
> > crash.
> >
> > And the changelog for this above patch is similarly crappy - it fails
> > to described the end-user visible effects of the bug which is being
> > fixed. Please *always* do this. Always always always.
> >
> > Please send me a complete changelog for this patch, thanks.
>
> Ping? Can we have a better changelog on this one?
>
> That changelog will help us to decide whether to backport this into
> 4.6.x.
>
No need to backport. There was no possibility of kernel crash from the
beginning. What I thought it might cause a problem did not exist.
We just forgot to convert atomic_inc_not_zero() to atomic_inc().
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>