Re: can't oom-kill zap the victim's memory?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sat, Sep 19, 2015 at 3:24 PM, Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
On Sat, Sep 19, 2015 at 8:03 AM, Oleg Nesterov <oleg@xxxxxxxxxx> wrote:
+ +static void oom_unmap_func(struct work_struct *work) +{ + struct mm_struct *mm = xchg(&oom_unmap_mm, NULL); + + if (!atomic_inc_not_zero(&mm->mm_users)) + return; + + // If this is not safe we can do use_mm() + unuse_mm() + down_read(&mm->mmap_sem);
I don't think this is safe. What makes you sure that we might not deadlock on the mmap_sem here? For all we know, the process that is going out of memory is in the middle of a mmap(), and already holds the mmap_sem for writing. No? So at the very least that needs to be a trylock, I think. And I'm not sure zap_page_range() is ok with the mmap_sem only held for reading. Normally our rule is that you can *populate* the page tables concurrently, but you can't tear the down.

Is it also possible to have mmap fail with EINTR?  Presumably that would let a pending SIGKILL from the oom handler punch it out of the kernel and back to userspace.

Linus -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href="" email@xxxxxxxxx </a>
[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]