Re: [patch for-3.5-rc1] mm, oom: fix badness score underflow

From: KOSAKI Motohiro
Date: Sat Jun 09 2012 - 18:25:40 EST


(6/8/12 4:21 PM), David Rientjes wrote:
If the privileges given to root threads (3% of allowable memory) or a
negative value of /proc/pid/oom_score_adj happen to exceed the amount of
rss of a thread, its badness score overflows as a result of a7f638f999ff
("mm, oom: normalize oom scores to oom_score_adj scale only for
userspace").

Fix this by making the type signed and return 1, meaning the thread is
still eligible for kill, if the value is negative.

Reported-by: Dave Jones <davej@xxxxxxxxxx>
Acked-by: Oleg Nesterov <oleg@xxxxxxxxxx>
Signed-off-by: David Rientjes <rientjes@xxxxxxxxxx>
---
mm/oom_kill.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/mm/oom_kill.c b/mm/oom_kill.c
--- a/mm/oom_kill.c
+++ b/mm/oom_kill.c
@@ -183,7 +183,7 @@ static bool oom_unkillable_task(struct task_struct *p,
unsigned long oom_badness(struct task_struct *p, struct mem_cgroup *memcg,
const nodemask_t *nodemask, unsigned long totalpages)
{
- unsigned long points;
+ long points;

if (oom_unkillable_task(p, memcg, nodemask))
return 0;
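
Review bot: with `points` now declared `long` while the function still returns `unsigned long` and takes `totalpages` as `unsigned long`, any expression that mixes `points` with `totalpages` is evaluated as unsigned under the usual arithmetic conversions, so the sign this change depends on can be lost before the final test. Suggest an explicit `(long)` conversion wherever `totalpages` enters the calculation, plus a one-line comment at the declaration saying that `points` must stay signed because the root bonus and a negative oom_score_adj can push it below zero.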
@@ -223,7 +223,7 @@ unsigned long oom_badness(struct task_struct *p, struct mem_cgroup *memcg,
* Never return 0 for an eligible task regardless of the root bonus and
* oom_score_adj (oom_score_adj can't be OOM_SCORE_ADJ_MIN here).
*/
- return points ? points : 1;
+ return points> 0 ? points : 1;
}
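
Review bot: the comment above the return still says only "Never return 0 for an eligible task", but the new `points> 0` test also maps every negative score to 1, so tasks whose scores went negative by different amounts can no longer be told apart from each other or from a task that scored exactly 1. Suggest extending the comment to state that negative results are clamped to 1 and that this loss of ordering among such tasks is intended.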

Use long long. The following line is dangerous.

points += p->signal->oom_score_adj * totalpages / 1000;

The maximum oom_score_adj is 1000. Then, if the system has >8G memory on 32-bit
(i.e. LONG_MAX [pages] * 4096 [pagesize] / 1000), it might get an overflow.

Or, don't use normalized oom_score_adj, i.e., oom_score_adj_write() converts
oom_score_adj into an rss-based modifier.

This is oom-killer code. A micro-optimization doesn't bring us a performance benefit.
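
Added example (not part of the original message and not kernel code): a user-space C model of the `oom_score_adj * totalpages / 1000` arithmetic from the reply, comparing a 32-bit signed `long` intermediate with a 64-bit one. The function names and the `wrap32` helper are hypothetical, and the 32-bit wraparound is modelled explicitly rather than by relying on signed overflow.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE_BYTES 4096u   /* page size used in the reply */
#define ADJ_SCALE       1000    /* oom_score_adj is normalized to 1000 */

/* Reduce a value modulo 2^32 and reinterpret it as a 32-bit signed long. */
static int32_t wrap32(int64_t v)
{
    uint32_t u = (uint32_t)(uint64_t)v;
    return u >= 0x80000000u ? (int32_t)((int64_t)u - 4294967296LL) : (int32_t)u;
}

/* adj * totalpages / 1000 with the product held in a 32-bit long. */
int32_t adj_term_long32(int adj, uint32_t totalpages)
{
    return wrap32((int64_t)adj * (int64_t)totalpages) / ADJ_SCALE;
}

/* The same expression with a 64-bit intermediate ("long long"). */
int64_t adj_term_wide(int adj, uint32_t totalpages)
{
    return (int64_t)adj * (int64_t)totalpages / ADJ_SCALE;
}

/* Largest totalpages for which |adj| * totalpages still fits in 32 bits. */
uint32_t max_safe_pages(int adj)
{
    if (adj == 0)
        return UINT32_MAX;      /* a zero adjustment can never overflow */
    return (uint32_t)(INT32_MAX / (adj < 0 ? -adj : adj));
}

int main(void)
{
    const int adjs[] = { 1000, -1000 };
    uint32_t limit = max_safe_pages(1000);

    printf("limit: %" PRIu32 " pages = %" PRIu64 " bytes\n",
           limit, (uint64_t)limit * PAGE_SIZE_BYTES);
    for (int i = 0; i < 2; i++)
        for (uint32_t pages = limit; pages <= limit + 1; pages++)
            printf("adj=%5d pages=%" PRIu32 " long32=%" PRId32 " wide=%" PRId64 "\n",
                   adjs[i], pages, adj_term_long32(adjs[i], pages),
                   adj_term_wide(adjs[i], pages));
    return 0;
}
```

One page past the limit, the 32-bit result changes sign in both directions, so a negative adjustment turns into a positive one.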
