[PATCH 0/2] fix stale swap cache account leak in memcg v6

From: KAMEZAWA Hiroyuki
Date: Fri May 08 2009 - 01:07:29 EST


As Nishimura reported, there is a race in handling the swap cache.

Typical cases are as follows (from Nishimura's mail):


== Type-1 ==
If some pages of processA have been swapped out, it calls free_swap_and_cache().
And if at the same time, processB is calling read_swap_cache_async() about
a swap entry *that is used by processA*, a race like below can happen.

           processA                   |           processB
 -------------------------------------+-------------------------------------
   (free_swap_and_cache())            |  (read_swap_cache_async())
                                      |    swap_duplicate()
                                      |    __set_page_locked()
                                      |    add_to_swap_cache()
     swap_entry_free() == 0           |
     find_get_page() -> found         |
     try_lock_page() -> fail & return |
                                      |    lru_cache_add_anon()
                                      |      doesn't link this page to memcg's
                                      |      LRU, because of !PageCgroupUsed.

This type of leak can be avoided by setting /proc/sys/vm/page-cluster to 0.


== Type-2 ==
Assume processA is exiting and a pte points to a page (!PageSwapCache).
And processB is trying to reclaim the page.

           processA                   |           processB
 -------------------------------------+-------------------------------------
   (page_remove_rmap())               |  (shrink_page_list())
      mem_cgroup_uncharge_page()      |
         ->uncharged because it's not |
           PageSwapCache yet.         |
           So, both mem/memsw.usage   |
           are decremented.           |
                                      |    add_to_swap() -> added to swap cache.

If this page goes through without being freed for some reason, this page
doesn't go back to memcg's LRU because of !PageCgroupUsed.


Considering Type-1, it's better to avoid swapin-readahead when memcg is used.
swapin-readahead just reads swp_entries which are near the requested entry. So,
pages that will not be used can be in memory (on the global LRU). When memcg is used,
this is not good behavior anyway.

Considering Type-2, the page should be freed from SwapCache right after WriteBack.
Freeing swapped-out pages as soon as possible is a good nature to memcg, anyway.

The patch set includes the following:
[1/2] add mem_cgroup_is_activated() function, which tells us memcg is _really_ used.
[2/2] fix swap cache handling.


Test result is good under my test. Nishimura, could you try?

Thanks,
-Kame
