From: Andrew Morton <akpm@linux-foundation.org>
To: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>,
cl@linux-foundation.org, lee.schermerhorn@hp.com,
rientjes@google.com, Hugh Dickins <hugh.dickins@tiscali.co.uk>,
Rik van Riel <riel@redhat.com>,
Minchan Kim <minchan.kim@gmail.com>,
Andrea Arcangeli <aarcange@redhat.com>,
"David S. Miller" <davem@davemloft.net>,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
Troels Liebe Bentsen <tlb@rapanden.dk>,
linux-bluetooth@vger.kernel.org
Subject: Re: [PATCH] exit: fix oops in sync_mm_rss
Date: Tue, 30 Mar 2010 17:37:21 -0400 [thread overview]
Message-ID: <20100330173721.cbd442cb.akpm@linux-foundation.org> (raw)
In-Reply-To: <20100331092815.c8b9d89c.kamezawa.hiroyu@jp.fujitsu.com>
On Wed, 31 Mar 2010 09:28:15 +0900 KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> wrote:
> On Tue, 30 Mar 2010 13:56:34 -0700
> Andrew Morton <akpm@linux-foundation.org> wrote:
>
> > That new BUG_ON() is triggering in Troels's machine when a bluetooth
> > keyboard is enabled or disabled. See
> > (https://bugzilla.kernel.org/show_bug.cgi?id=15648.
> >
> > I guess the question is: how did a kernel thread get a non-zero
> > task->rss_stat.count[i]? If that's expected and OK then we will need
> > to take some kernel-thread-avoidance action there.
> >
> It seems my fault that it's not initialized to be 0 at do_fork(), copy_process.
>
> About do_exit, do_exit() does this check. So, tsk->mm can be NULL.
>
> 949 if (group_dead) {
> 950 hrtimer_cancel(&tsk->signal->real_timer);
> 951 exit_itimers(tsk->signal);
> 952 if (tsk->mm)
> 953 setmax_mm_hiwater_rss(&tsk->signal->maxrss, tsk->mm);
> 954 }
>
> > Could whoever fixes this please also make __sync_task_rss_stat()
> > static.
> >
> Ah, yes. I should do so.
>
> > I'll toss this over to Rafael/Maciej for tracking as a post-2.6.33
> > regression.
> >
> > Thanks.
> >
>
>
> ==
>
> task->rss_stat wasn't initialized to 0 at copy_process().
> at exit, tsk->mm may be NULL.
> And __sync_task_rss_stat() should be static.
>
> Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
> ---
> kernel/exit.c | 3 ++-
> kernel/fork.c | 3 +++
> mm/memory.c | 2 +-
> 3 files changed, 6 insertions(+), 2 deletions(-)
>
> Index: mmotm-2.6.34-Mar24/kernel/exit.c
> ===================================================================
> --- mmotm-2.6.34-Mar24.orig/kernel/exit.c
> +++ mmotm-2.6.34-Mar24/kernel/exit.c
> @@ -950,7 +950,8 @@ NORET_TYPE void do_exit(long code)
>
> acct_update_integrals(tsk);
> /* sync mm's RSS info before statistics gathering */
> - sync_mm_rss(tsk, tsk->mm);
> + if (tsk->mm)
> + sync_mm_rss(tsk, tsk->mm);
> group_dead = atomic_dec_and_test(&tsk->signal->live);
> if (group_dead) {
> hrtimer_cancel(&tsk->signal->real_timer);
> Index: mmotm-2.6.34-Mar24/mm/memory.c
> ===================================================================
> --- mmotm-2.6.34-Mar24.orig/mm/memory.c
> +++ mmotm-2.6.34-Mar24/mm/memory.c
> @@ -124,7 +124,7 @@ core_initcall(init_zero_pfn);
>
> #if defined(SPLIT_RSS_COUNTING)
>
> -void __sync_task_rss_stat(struct task_struct *task, struct mm_struct *mm)
> +static void __sync_task_rss_stat(struct task_struct *task, struct mm_struct *mm)
> {
> int i;
>
> Index: mmotm-2.6.34-Mar24/kernel/fork.c
> ===================================================================
> --- mmotm-2.6.34-Mar24.orig/kernel/fork.c
> +++ mmotm-2.6.34-Mar24/kernel/fork.c
> @@ -1060,6 +1060,9 @@ static struct task_struct *copy_process(
> p->prev_utime = cputime_zero;
> p->prev_stime = cputime_zero;
> #endif
> +#if defined(SPLIT_RSS_COUNTING)
> + memset(&p->rss_stat, 0, sizeof(p->rss_stat));
> +#endif
>
> p->default_timer_slack_ns = current->timer_slack_ns;
OK, so the kenrel thread inherited a non-zero rss_stat from a userspace
parent?
With this fixed, the test for non-zero tsk->mm is't really needed in
do_exit(), is it? I guess it makes sense though - sync_mm_rss() only
really works for kernel threads by luck..
WARNING: multiple messages have this Message-ID (diff)
From: Andrew Morton <akpm@linux-foundation.org>
To: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>,
cl@linux-foundation.org, lee.schermerhorn@hp.com,
rientjes@google.com, Hugh Dickins <hugh.dickins@tiscali.co.uk>,
Rik van Riel <riel@redhat.com>,
Minchan Kim <minchan.kim@gmail.com>,
Andrea Arcangeli <aarcange@redhat.com>,
"David S. Miller" <davem@davemloft.net>,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
Troels Liebe Bentsen <tlb@rapanden.dk>,
linux-bluetooth@vger.kernel.org
Subject: Re: [PATCH] exit: fix oops in sync_mm_rss
Date: Tue, 30 Mar 2010 17:37:21 -0400 [thread overview]
Message-ID: <20100330173721.cbd442cb.akpm@linux-foundation.org> (raw)
In-Reply-To: <20100331092815.c8b9d89c.kamezawa.hiroyu@jp.fujitsu.com>
On Wed, 31 Mar 2010 09:28:15 +0900 KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> wrote:
> On Tue, 30 Mar 2010 13:56:34 -0700
> Andrew Morton <akpm@linux-foundation.org> wrote:
>
> > That new BUG_ON() is triggering in Troels's machine when a bluetooth
> > keyboard is enabled or disabled. See
> > (https://bugzilla.kernel.org/show_bug.cgi?id=15648.
> >
> > I guess the question is: how did a kernel thread get a non-zero
> > task->rss_stat.count[i]? If that's expected and OK then we will need
> > to take some kernel-thread-avoidance action there.
> >
> It seems my fault that it's not initialized to be 0 at do_fork(), copy_process.
>
> About do_exit, do_exit() does this check. So, tsk->mm can be NULL.
>
> 949 if (group_dead) {
> 950 hrtimer_cancel(&tsk->signal->real_timer);
> 951 exit_itimers(tsk->signal);
> 952 if (tsk->mm)
> 953 setmax_mm_hiwater_rss(&tsk->signal->maxrss, tsk->mm);
> 954 }
>
> > Could whoever fixes this please also make __sync_task_rss_stat()
> > static.
> >
> Ah, yes. I should do so.
>
> > I'll toss this over to Rafael/Maciej for tracking as a post-2.6.33
> > regression.
> >
> > Thanks.
> >
>
>
> ==
>
> task->rss_stat wasn't initialized to 0 at copy_process().
> at exit, tsk->mm may be NULL.
> And __sync_task_rss_stat() should be static.
>
> Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
> ---
> kernel/exit.c | 3 ++-
> kernel/fork.c | 3 +++
> mm/memory.c | 2 +-
> 3 files changed, 6 insertions(+), 2 deletions(-)
>
> Index: mmotm-2.6.34-Mar24/kernel/exit.c
> ===================================================================
> --- mmotm-2.6.34-Mar24.orig/kernel/exit.c
> +++ mmotm-2.6.34-Mar24/kernel/exit.c
> @@ -950,7 +950,8 @@ NORET_TYPE void do_exit(long code)
>
> acct_update_integrals(tsk);
> /* sync mm's RSS info before statistics gathering */
> - sync_mm_rss(tsk, tsk->mm);
> + if (tsk->mm)
> + sync_mm_rss(tsk, tsk->mm);
> group_dead = atomic_dec_and_test(&tsk->signal->live);
> if (group_dead) {
> hrtimer_cancel(&tsk->signal->real_timer);
> Index: mmotm-2.6.34-Mar24/mm/memory.c
> ===================================================================
> --- mmotm-2.6.34-Mar24.orig/mm/memory.c
> +++ mmotm-2.6.34-Mar24/mm/memory.c
> @@ -124,7 +124,7 @@ core_initcall(init_zero_pfn);
>
> #if defined(SPLIT_RSS_COUNTING)
>
> -void __sync_task_rss_stat(struct task_struct *task, struct mm_struct *mm)
> +static void __sync_task_rss_stat(struct task_struct *task, struct mm_struct *mm)
> {
> int i;
>
> Index: mmotm-2.6.34-Mar24/kernel/fork.c
> ===================================================================
> --- mmotm-2.6.34-Mar24.orig/kernel/fork.c
> +++ mmotm-2.6.34-Mar24/kernel/fork.c
> @@ -1060,6 +1060,9 @@ static struct task_struct *copy_process(
> p->prev_utime = cputime_zero;
> p->prev_stime = cputime_zero;
> #endif
> +#if defined(SPLIT_RSS_COUNTING)
> + memset(&p->rss_stat, 0, sizeof(p->rss_stat));
> +#endif
>
> p->default_timer_slack_ns = current->timer_slack_ns;
OK, so the kenrel thread inherited a non-zero rss_stat from a userspace
parent?
With this fixed, the test for non-zero tsk->mm is't really needed in
do_exit(), is it? I guess it makes sense though - sync_mm_rss() only
really works for kernel threads by luck..
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2010-03-31 0:40 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-03-16 17:08 [PATCH] exit: fix oops in sync_mm_rss Michael S. Tsirkin
2010-03-16 17:08 ` Michael S. Tsirkin
2010-03-16 17:51 ` Andrea Arcangeli
2010-03-16 17:51 ` Andrea Arcangeli
2010-03-16 17:52 ` Rik van Riel
2010-03-16 17:52 ` Rik van Riel
2010-03-16 23:41 ` KAMEZAWA Hiroyuki
2010-03-16 23:41 ` KAMEZAWA Hiroyuki
2010-03-17 2:26 ` Minchan Kim
2010-03-17 2:26 ` Minchan Kim
2010-03-30 20:56 ` Andrew Morton
2010-03-30 20:56 ` Andrew Morton
2010-03-31 0:28 ` KAMEZAWA Hiroyuki
2010-03-31 0:28 ` KAMEZAWA Hiroyuki
2010-03-30 21:37 ` Andrew Morton [this message]
2010-03-30 21:37 ` Andrew Morton
2010-03-31 0:41 ` KAMEZAWA Hiroyuki
2010-03-31 0:41 ` KAMEZAWA Hiroyuki
2010-03-30 22:22 ` Andrew Morton
2010-03-30 22:22 ` Andrew Morton
2010-03-31 1:27 ` KAMEZAWA Hiroyuki
2010-03-31 1:27 ` KAMEZAWA Hiroyuki
2010-03-31 2:53 ` Minchan Kim
2010-03-31 2:53 ` Minchan Kim
2010-03-31 0:03 ` Andrew Morton
2010-03-31 0:03 ` Andrew Morton
2010-03-31 3:11 ` KAMEZAWA Hiroyuki
2010-03-31 3:11 ` KAMEZAWA Hiroyuki
2010-03-31 1:57 ` Minchan Kim
2010-03-31 1:57 ` Minchan Kim
2010-03-31 2:12 ` KAMEZAWA Hiroyuki
2010-03-31 2:12 ` KAMEZAWA Hiroyuki
2010-03-31 2:48 ` Minchan Kim
2010-03-31 2:48 ` Minchan Kim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100330173721.cbd442cb.akpm@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=aarcange@redhat.com \
--cc=cl@linux-foundation.org \
--cc=davem@davemloft.net \
--cc=hugh.dickins@tiscali.co.uk \
--cc=kamezawa.hiroyu@jp.fujitsu.com \
--cc=lee.schermerhorn@hp.com \
--cc=linux-bluetooth@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=minchan.kim@gmail.com \
--cc=mst@redhat.com \
--cc=riel@redhat.com \
--cc=rientjes@google.com \
--cc=tlb@rapanden.dk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.