(3/6/12 9:25 PM), David Rientjes wrote:
The tasklist iteration only checks processes and avoids individual threads so it is possible that threads that are currently exiting may not be appropriately selected for oom kill. This can lead to negative results such as an innocent process being killed in the interim or, in the worst case, the machine panicking because there is nothing else to kill. We automatically select PF_EXITING threads during the tasklist iteration, so this saves time and prevents threads that haven't yet exited (although their parent has been oom killed) from getting missed. Note that by doing this we aren't actually oom killing an exiting thread but rather giving it full access to memory reserves so it may quickly exit and free its memory.
Signed-off-by: David Rientjes <rientjes@xxxxxxxxxx>
As far as I remember, this idea was sometimes NAKed and you don't bring a new idea here. When exiting a process which has plenty of threads, this patch allows it to eat all of the reserve memory and brings us a new serious failure. Moreover, creating a new thread doesn't need root privilege, so this trick can be used by an attacker.
- kosaki
--- mm/oom_kill.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/mm/oom_kill.c b/mm/oom_kill.c --- a/mm/oom_kill.c +++ b/mm/oom_kill.c @@ -568,11 +568,11 @@ void mem_cgroup_out_of_memory(struct mem_cgroup *memcg, gfp_t gfp_mask) struct task_struct *p; /* - * If current has a pending SIGKILL, then automatically select it. The - * goal is to allow it to allocate so that it may quickly exit and free - * its memory. + * If current is exiting (or going to exit), then automatically select + * it. The goal is to allow it to allocate so that it may quickly exit + * and free its memory. */ - if (fatal_signal_pending(current)) { + if (fatal_signal_pending(current) || (current->flags& PF_EXITING)) { set_thread_flag(TIF_MEMDIE); return; } @@ -723,11 +723,11 @@ void out_of_memory(struct zonelist *zonelist, gfp_t gfp_mask, return; /* - * If current has a pending SIGKILL, then automatically select it. The - * goal is to allow it to allocate so that it may quickly exit and free - * its memory. + * If current is exiting (or going to exit), then automatically select + * it. The goal is to allow it to allocate so that it may quickly exit + * and free its memory. */ - if (fatal_signal_pending(current)) { + if (fatal_signal_pending(current) || (current->flags& PF_EXITING)) { set_thread_flag(TIF_MEMDIE); return; } -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/ Don't email:<a href=mailto:"dont@xxxxxxxxx"> email@xxxxxxxxx</a>
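Review bot: In the mem_cgroup_out_of_memory() hunk, the added (current->flags& PF_EXITING) test sets TIF_MEMDIE on any exiting thread that reaches this point and then returns, and nothing in the visible lines limits how many threads can hold that flag at the same time. The comment gives the goal as letting the task allocate so it can exit quickly, but a process exiting with many threads could have each of them pass this test, which is the reserve concern raised in the reply above. Please either bound the condition (for example, skip it when another thread of the same group already holds TIF_MEMDIE) or extend the comment to say what keeps the number of simultaneous TIF_MEMDIE holders small.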
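Review bot: In the out_of_memory() hunk, the condition "fatal_signal_pending(current) || (current->flags& PF_EXITING)" and its comment are an exact copy of the ones in mem_cgroup_out_of_memory(), so the two sites can drift apart on a later change. Consider one small static helper in mm/oom_kill.c that both callers use and that carries the comment once. The new wording "going to exit" is also less precise than the old "has a pending SIGKILL" for the fatal_signal_pending() half of the test; naming both conditions in the comment would help. As posted, "flags&" is missing the space before the operator.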