Hi, Hugh, Hugh Dickins <[email protected]> writes:
> On Thu, 16 Feb 2017, Tim Chen wrote: >> >> > I do not understand your zest for putting wrappers around every little >> > thing, making it all harder to follow than it need be. Here's the patch >> > I've been running with (but you have a leak somewhere, and I don't have >> > time to search out and fix it: please try sustained swapping and swapoff). >> > >> >> Hugh, trying to duplicate your test case. So you were doing swapping, >> then swap off, swap on the swap device and restart swapping? > > Repeated pair of make -j20 kernel builds in 700M RAM, 1.5G swap on SSD, > 8 cpus; one of the builds in tmpfs, other in ext4 on loop on tmpfs file; > sizes tuned for plenty of swapping but no OOMing (it's an ancient 2.6.24 > kernel I build, modern one needing a lot more space with a lot less in use). > > How much of that is relevant I don't know: hopefully none of it, it's > hard to get the tunings right from scratch. To answer your specific > question: yes, I'm not doing concurrent swapoffs in this test showing > the leak, just waiting for each of the pair of builds to complete, > then tearing down the trees, doing swapoff followed by swapon, and > starting a new pair of builds. > > Sometimes it's the swapoff that fails with ENOMEM, more often it's a > fork during build that fails with ENOMEM: after 6 or 7 hours of load > (but timings show it getting slower leading up to that). /proc/meminfo > did not give me an immediate clue, Slab didn't look surprising but > I may not have studied close enough. > > I quilt-bisected it as far as the mm-swap series, good before, bad > after, but didn't manage to narrow it down further because of hitting > a presumably different issue inside the series, where swapoff ENOMEMed > much sooner (after 25 mins one time, during first iteration the next). I found a memory leak in __read_swap_cache_async() introduced by mm-swap series, and confirmed it via testing. Could you verify whether it fixed your cases? Thanks a lot for reporting. Best Regards, Huang, Ying -------------------------------------------------------------------------> >From 4b96423796ab7435104eb2cb4dcf5d525b9e0800 Mon Sep 17 00:00:00 2001 From: Huang Ying <[email protected]> Date: Fri, 17 Feb 2017 10:31:37 +0800 Subject: [PATCH] mm, swap: Fix memory leak in __read_swap_cache_async() The memory may be leaked in __read_swap_cache_async(). For the cases as below, CPU 0 CPU 1 ----- ----- find_get_page() == NULL __swp_swapcount() != 0 new_page = alloc_page_vma() radix_tree_maybe_preload() swap in swap slot swapcache_prepare() == -EEXIST cond_resched() reclaim the swap slot find_get_page() == NULL __swp_swapcount() == 0 return NULL <- new_page leaked here !!! The memory leak has been confirmed via checking the value of new_page when returning inside the loop in __read_swap_cache_async(). This is fixed via replacing return with break inside of loop in __read_swap_cache_async(), so that there is opportunity for the new_page to be checked and freed. Reported-by: Hugh Dickins <[email protected]> Cc: Tim Chen <[email protected]> Signed-off-by: "Huang, Ying" <[email protected]> --- mm/swap_state.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/swap_state.c b/mm/swap_state.c index 2126e9ba23b2..473b71e052a8 100644 --- a/mm/swap_state.c +++ b/mm/swap_state.c @@ -333,7 +333,7 @@ struct page *__read_swap_cache_async(swp_entry_t entry, gfp_t gfp_mask, * else swap_off will be aborted if we return NULL. */ if (!__swp_swapcount(entry) && swap_slot_cache_enabled) - return NULL; + break; /* * Get a new page to read into from swap. -- 2.11.0
