On 2017/10/05 16:57, Michal Hocko wrote: > On Wed 04-10-17 19:18:21, Johannes Weiner wrote: >> On Wed, Oct 04, 2017 at 03:32:45PM -0700, Andrew Morton wrote: > [...] >>> You don't think they should be backported into -stables? >> >> Good point. For this one, it makes sense to CC stable, for 4.11 and >> up. The second patch is more of a fortification against potential >> future issues, and probably shouldn't go into stable. > > I am not against. It is true that the memory reserves depletion fix was > theoretical because I haven't seen any real life bug. I would argue that > the more robust allocation failure behavior is a stable candidate as > well, though, because the allocation can fail regardless of the vmalloc > revert. It is less likely but still possible. > I don't want this patch backported. If you want to backport, "s/fatal_signal_pending/tsk_is_oom_victim/" is the safer way. On 2017/10/04 17:33, Michal Hocko wrote: > Now that we have cd04ae1e2dc8 ("mm, oom: do not rely on TIF_MEMDIE for > memory reserves access") the risk of the memory depletion is much > smaller so reverting the above commit should be acceptable. Are you aware that stable kernels do not have cd04ae1e2dc8 ? We added fatal_signal_pending() check inside read()/write() loop because one read()/write() request could consume 2GB of kernel memory. What if there is a kernel module which uses vmalloc(1GB) from some ioctl() for legitimate reason? You are going to allow such vmalloc() calls to deplete memory reserves completely. On 2017/10/05 8:21, Johannes Weiner wrote: > Generally, we should leave it to the page allocator to handle memory > reserves, not annotate random alloc_page() callsites. I disagree. Interrupting the loop as soon as possible is preferable. Since we don't have __GFP_KILLABLE, we had to do fatal_signal_pending() check inside read()/write() loop. Since vmalloc() resembles read()/write() in a sense that it can consume GB of memory, it is pointless to expect the caller of vmalloc() to check tsk_is_oom_victim(). Again, checking tsk_is_oom_victim() inside vmalloc() loop is the better. -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx"> email@xxxxxxxxx </a>