Re: mm, oom_reaper: How to handle race with oom_killer_disable() ?

From: Michal Hocko
Date: Mon Jun 13 2016 - 07:19:50 EST

Next message: Michal Hocko: "Re: [PATCH 0/10 -v4] Handle oom bypass more gracefully"
Previous message: Robin Murphy: "Re: [PATCH] iommu/arm-smmu: request pcie devices to enable ACS"
In reply to: Tetsuo Handa: "mm, oom_reaper: How to handle race with oom_killer_disable() ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri 10-06-16 23:23:36, Tetsuo Handa wrote:
[...]
> (1) freeze_processes() starts freezing user space threads.
> (2) Somebody (maybe a kenrel thread) calls out_of_memory().
> (3) The OOM killer calls mark_oom_victim() on a user space thread
> P1 which is already in __refrigerator().
> (4) oom_killer_disable() sets oom_killer_disabled = true.
> (5) P1 leaves __refrigerator() and enters do_exit().
> (6) The OOM reaper calls exit_oom_victim(P1) before P1 can call
> exit_oom_victim(P1).
> (7) oom_killer_disable() returns while P1 is not yet frozen
> again (i.e. not yet marked as PF_FROZEN).
> (8) P1 perform IO/interfere with the freezer.

You are right. I missed that kernel threads are still alive when writing
e26796066fdf929c ("oom: make oom_reaper freezable").

I am trying to remember why we are disabling oom killer before kernel
threads are frozen but not really sure about that right away. I guess it
has something to do with freeze_kernel_threads being called from
different contexts as well so freeze_processes was just more convinient
and was OK for correctness at the time.

> try_to_freeze_tasks(false) from freeze_kernel_threads() will freeze
> P1 again, but it seems to me that freeze_kernel_threads() is not
> always called when freeze_processes() suceeded.
>
> Therefore, we need to do like
>
> - exit_oom_victim(tsk);
> + mutex_lock(&oom_lock);
> + if (!oom_killer_disabled)
> + exit_oom_victim(tsk);
> + mutex_unlock(&oom_lock);
>
> in oom_reap_task(), don't we?

I do not like this very much. I would rather make sure that all
freezable kernel threads are frozen when disabling the oom killer.

[...]

> But we might be able to do like below patch rather than above patch.
> If below approach is OK, "[PATCH 10/10] mm, oom: hide mm which is shared
> with kthread or global init" will be able to call exit_oom_victim() when
> can_oom_reap became false.

I believe this is not really needed. I will follow up on the 10/10
later.
--
Michal Hocko
SUSE Labs

Next message: Michal Hocko: "Re: [PATCH 0/10 -v4] Handle oom bypass more gracefully"
Previous message: Robin Murphy: "Re: [PATCH] iommu/arm-smmu: request pcie devices to enable ACS"
In reply to: Tetsuo Handa: "mm, oom_reaper: How to handle race with oom_killer_disable() ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]