drop_slab_node() is called as part of echo 2>/proc/sys/vm/drop_caches
operation. It iterates over all memcgs and calls shrink_slab() which in turn
iterates over all slab shrinkers. Freed objects are counted and as long as the
total number of freed objects from all memcgs and shrinkers is higher than 10,
drop_slab_node() loops for another full memcgs*shrinkers iteration.
This arbitrary constant threshold of 10 can result in effectively an infinite
loop on a system with large number of memcgs and/or parallel activity that
allocates new objects. This has been reported previously by Chunxin Zang [1]
and recently by our customer.
The previous report [1] has resulted in commit 069c411de40a ("mm/vmscan: fix
infinite loop in drop_slab_node") which added a check for signals allowing the
user to terminate the command writing to drop_caches. At the time it was also
considered to make the threshold grow with each iteration to guarantee
termination, but such patch hasn't been formally proposed yet.
This patch implements the dynamically growing threshold. At first iteration
it's enough to free one object to continue, and this threshold effectively
doubles with each iteration. Our customer's feedback was positive.
There is always a risk that this change will result on some system in a
previously terminating drop_caches operation to terminate sooner and free fewer
objects. Ideally the semantics would guarantee freeing all freeable objects
that existed at the moment of starting the operation, while not looping forever
for newly allocated objects, but that's not feasible to track. In the less
ideal solution based on thresholds, arguably the termination guarantee is more
important than the exhaustiveness guarantee. If there are reports of large
regression wrt being exhaustive, we can tune how fast the threshold grows.
[1] https://lore.kernel.org/lkml/20200909152047.27905-1-zangchunxin@xxxxxxxxxxxxx/T/#u
Reported-by: Chunxin Zang <zangchunxin@xxxxxxxxxxxxx>
Signed-off-by: Vlastimil Babka <vbabka@xxxxxxx>
---
mm/vmscan.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/mm/vmscan.c b/mm/vmscan.c
index 403a175a720f..ef3554314b47 100644
--- a/mm/vmscan.c
+++ b/mm/vmscan.c
@@ -936,6 +936,7 @@ static unsigned long shrink_slab(gfp_t gfp_mask, int nid,
void drop_slab_node(int nid)
{
unsigned long freed;
+ int shift = 0;
do {
struct mem_cgroup *memcg = NULL;
@@ -948,7 +949,7 @@ void drop_slab_node(int nid)
do {
freed += shrink_slab(GFP_KERNEL, nid, memcg, 0);
} while ((memcg = mem_cgroup_iter(NULL, memcg, NULL)) != NULL);
- } while (freed > 10);
+ } while ((freed >> shift++) > 0);
}
void drop_slab(void)
--
2.32.0
