1 /* 2 * linux/mm/oom_kill.c 3 * 4 * Copyright (C) 1998,2000 Rik van Riel 5 * Thanks go out to Claus Fischer for some serious inspiration and 6 * for goading me into coding this file... 7 * Copyright (C) 2010 Google, Inc. 8 * Rewritten by David Rientjes 9 * 10 * The routines in this file are used to kill a process when 11 * we're seriously out of memory. This gets called from __alloc_pages() 12 * in mm/page_alloc.c when we really run out of memory. 13 * 14 * Since we won't call these routines often (on a well-configured 15 * machine) this file will double as a 'coding guide' and a signpost 16 * for newbie kernel hackers. It features several pointers to major 17 * kernel subsystems and hints as to where to find out what things do. 18 */ 19 20 #include <linux/oom.h> 21 #include <linux/mm.h> 22 #include <linux/err.h> 23 #include <linux/gfp.h> 24 #include <linux/sched.h> 25 #include <linux/swap.h> 26 #include <linux/timex.h> 27 #include <linux/jiffies.h> 28 #include <linux/cpuset.h> 29 #include <linux/export.h> 30 #include <linux/notifier.h> 31 #include <linux/memcontrol.h> 32 #include <linux/mempolicy.h> 33 #include <linux/security.h> 34 #include <linux/ptrace.h> 35 #include <linux/freezer.h> 36 #include <linux/ftrace.h> 37 #include <linux/ratelimit.h> 38 #include <linux/kthread.h> 39 #include <linux/init.h> 40 41 #include <asm/tlb.h> 42 #include "internal.h" 43 44 #define CREATE_TRACE_POINTS 45 #include <trace/events/oom.h> 46 47 int sysctl_panic_on_oom; 48 int sysctl_oom_kill_allocating_task; 49 int sysctl_oom_dump_tasks = 1; 50 51 DEFINE_MUTEX(oom_lock); 52 53 #ifdef CONFIG_NUMA 54 /** 55 * has_intersects_mems_allowed() - check task eligiblity for kill 56 * @start: task struct of which task to consider 57 * @mask: nodemask passed to page allocator for mempolicy ooms 58 * 59 * Task eligibility is determined by whether or not a candidate task, @tsk, 60 * shares the same mempolicy nodes as current if it is bound by such a policy 61 * and whether or not it has the same set of allowed cpuset nodes. 62 */ 63 static bool has_intersects_mems_allowed(struct task_struct *start, 64 const nodemask_t *mask) 65 { 66 struct task_struct *tsk; 67 bool ret = false; 68 69 rcu_read_lock(); 70 for_each_thread(start, tsk) { 71 if (mask) { 72 /* 73 * If this is a mempolicy constrained oom, tsk's 74 * cpuset is irrelevant. Only return true if its 75 * mempolicy intersects current, otherwise it may be 76 * needlessly killed. 77 */ 78 ret = mempolicy_nodemask_intersects(tsk, mask); 79 } else { 80 /* 81 * This is not a mempolicy constrained oom, so only 82 * check the mems of tsk's cpuset. 83 */ 84 ret = cpuset_mems_allowed_intersects(current, tsk); 85 } 86 if (ret) 87 break; 88 } 89 rcu_read_unlock(); 90 91 return ret; 92 } 93 #else 94 static bool has_intersects_mems_allowed(struct task_struct *tsk, 95 const nodemask_t *mask) 96 { 97 return true; 98 } 99 #endif /* CONFIG_NUMA */ 100 101 /* 102 * The process p may have detached its own ->mm while exiting or through 103 * use_mm(), but one or more of its subthreads may still have a valid 104 * pointer. Return p, or any of its subthreads with a valid ->mm, with 105 * task_lock() held. 106 */ 107 struct task_struct *find_lock_task_mm(struct task_struct *p) 108 { 109 struct task_struct *t; 110 111 rcu_read_lock(); 112 113 for_each_thread(p, t) { 114 task_lock(t); 115 if (likely(t->mm)) 116 goto found; 117 task_unlock(t); 118 } 119 t = NULL; 120 found: 121 rcu_read_unlock(); 122 123 return t; 124 } 125 126 /* 127 * order == -1 means the oom kill is required by sysrq, otherwise only 128 * for display purposes. 129 */ 130 static inline bool is_sysrq_oom(struct oom_control *oc) 131 { 132 return oc->order == -1; 133 } 134 135 /* return true if the task is not adequate as candidate victim task. */ 136 static bool oom_unkillable_task(struct task_struct *p, 137 struct mem_cgroup *memcg, const nodemask_t *nodemask) 138 { 139 if (is_global_init(p)) 140 return true; 141 if (p->flags & PF_KTHREAD) 142 return true; 143 144 /* When mem_cgroup_out_of_memory() and p is not member of the group */ 145 if (memcg && !task_in_mem_cgroup(p, memcg)) 146 return true; 147 148 /* p may not have freeable memory in nodemask */ 149 if (!has_intersects_mems_allowed(p, nodemask)) 150 return true; 151 152 return false; 153 } 154 155 /** 156 * oom_badness - heuristic function to determine which candidate task to kill 157 * @p: task struct of which task we should calculate 158 * @totalpages: total present RAM allowed for page allocation 159 * 160 * The heuristic for determining which task to kill is made to be as simple and 161 * predictable as possible. The goal is to return the highest value for the 162 * task consuming the most memory to avoid subsequent oom failures. 163 */ 164 unsigned long oom_badness(struct task_struct *p, struct mem_cgroup *memcg, 165 const nodemask_t *nodemask, unsigned long totalpages) 166 { 167 long points; 168 long adj; 169 170 if (oom_unkillable_task(p, memcg, nodemask)) 171 return 0; 172 173 p = find_lock_task_mm(p); 174 if (!p) 175 return 0; 176 177 adj = (long)p->signal->oom_score_adj; 178 if (adj == OOM_SCORE_ADJ_MIN) { 179 task_unlock(p); 180 return 0; 181 } 182 183 /* 184 * The baseline for the badness score is the proportion of RAM that each 185 * task's rss, pagetable and swap space use. 186 */ 187 points = get_mm_rss(p->mm) + get_mm_counter(p->mm, MM_SWAPENTS) + 188 atomic_long_read(&p->mm->nr_ptes) + mm_nr_pmds(p->mm); 189 task_unlock(p); 190 191 /* 192 * Root processes get 3% bonus, just like the __vm_enough_memory() 193 * implementation used by LSMs. 194 */ 195 if (has_capability_noaudit(p, CAP_SYS_ADMIN)) 196 points -= (points * 3) / 100; 197 198 /* Normalize to oom_score_adj units */ 199 adj *= totalpages / 1000; 200 points += adj; 201 202 /* 203 * Never return 0 for an eligible task regardless of the root bonus and 204 * oom_score_adj (oom_score_adj can't be OOM_SCORE_ADJ_MIN here). 205 */ 206 return points > 0 ? points : 1; 207 } 208 209 /* 210 * Determine the type of allocation constraint. 211 */ 212 #ifdef CONFIG_NUMA 213 static enum oom_constraint constrained_alloc(struct oom_control *oc, 214 unsigned long *totalpages) 215 { 216 struct zone *zone; 217 struct zoneref *z; 218 enum zone_type high_zoneidx = gfp_zone(oc->gfp_mask); 219 bool cpuset_limited = false; 220 int nid; 221 222 /* Default to all available memory */ 223 *totalpages = totalram_pages + total_swap_pages; 224 225 if (!oc->zonelist) 226 return CONSTRAINT_NONE; 227 /* 228 * Reach here only when __GFP_NOFAIL is used. So, we should avoid 229 * to kill current.We have to random task kill in this case. 230 * Hopefully, CONSTRAINT_THISNODE...but no way to handle it, now. 231 */ 232 if (oc->gfp_mask & __GFP_THISNODE) 233 return CONSTRAINT_NONE; 234 235 /* 236 * This is not a __GFP_THISNODE allocation, so a truncated nodemask in 237 * the page allocator means a mempolicy is in effect. Cpuset policy 238 * is enforced in get_page_from_freelist(). 239 */ 240 if (oc->nodemask && 241 !nodes_subset(node_states[N_MEMORY], *oc->nodemask)) { 242 *totalpages = total_swap_pages; 243 for_each_node_mask(nid, *oc->nodemask) 244 *totalpages += node_spanned_pages(nid); 245 return CONSTRAINT_MEMORY_POLICY; 246 } 247 248 /* Check this allocation failure is caused by cpuset's wall function */ 249 for_each_zone_zonelist_nodemask(zone, z, oc->zonelist, 250 high_zoneidx, oc->nodemask) 251 if (!cpuset_zone_allowed(zone, oc->gfp_mask)) 252 cpuset_limited = true; 253 254 if (cpuset_limited) { 255 *totalpages = total_swap_pages; 256 for_each_node_mask(nid, cpuset_current_mems_allowed) 257 *totalpages += node_spanned_pages(nid); 258 return CONSTRAINT_CPUSET; 259 } 260 return CONSTRAINT_NONE; 261 } 262 #else 263 static enum oom_constraint constrained_alloc(struct oom_control *oc, 264 unsigned long *totalpages) 265 { 266 *totalpages = totalram_pages + total_swap_pages; 267 return CONSTRAINT_NONE; 268 } 269 #endif 270 271 enum oom_scan_t oom_scan_process_thread(struct oom_control *oc, 272 struct task_struct *task, unsigned long totalpages) 273 { 274 if (oom_unkillable_task(task, NULL, oc->nodemask)) 275 return OOM_SCAN_CONTINUE; 276 277 /* 278 * This task already has access to memory reserves and is being killed. 279 * Don't allow any other task to have access to the reserves. 280 */ 281 if (test_tsk_thread_flag(task, TIF_MEMDIE)) { 282 if (!is_sysrq_oom(oc)) 283 return OOM_SCAN_ABORT; 284 } 285 if (!task->mm) 286 return OOM_SCAN_CONTINUE; 287 288 /* 289 * If task is allocating a lot of memory and has been marked to be 290 * killed first if it triggers an oom, then select it. 291 */ 292 if (oom_task_origin(task)) 293 return OOM_SCAN_SELECT; 294 295 return OOM_SCAN_OK; 296 } 297 298 /* 299 * Simple selection loop. We chose the process with the highest 300 * number of 'points'. Returns -1 on scan abort. 301 */ 302 static struct task_struct *select_bad_process(struct oom_control *oc, 303 unsigned int *ppoints, unsigned long totalpages) 304 { 305 struct task_struct *g, *p; 306 struct task_struct *chosen = NULL; 307 unsigned long chosen_points = 0; 308 309 rcu_read_lock(); 310 for_each_process_thread(g, p) { 311 unsigned int points; 312 313 switch (oom_scan_process_thread(oc, p, totalpages)) { 314 case OOM_SCAN_SELECT: 315 chosen = p; 316 chosen_points = ULONG_MAX; 317 /* fall through */ 318 case OOM_SCAN_CONTINUE: 319 continue; 320 case OOM_SCAN_ABORT: 321 rcu_read_unlock(); 322 return (struct task_struct *)(-1UL); 323 case OOM_SCAN_OK: 324 break; 325 }; 326 points = oom_badness(p, NULL, oc->nodemask, totalpages); 327 if (!points || points < chosen_points) 328 continue; 329 /* Prefer thread group leaders for display purposes */ 330 if (points == chosen_points && thread_group_leader(chosen)) 331 continue; 332 333 chosen = p; 334 chosen_points = points; 335 } 336 if (chosen) 337 get_task_struct(chosen); 338 rcu_read_unlock(); 339 340 *ppoints = chosen_points * 1000 / totalpages; 341 return chosen; 342 } 343 344 /** 345 * dump_tasks - dump current memory state of all system tasks 346 * @memcg: current's memory controller, if constrained 347 * @nodemask: nodemask passed to page allocator for mempolicy ooms 348 * 349 * Dumps the current memory state of all eligible tasks. Tasks not in the same 350 * memcg, not in the same cpuset, or bound to a disjoint set of mempolicy nodes 351 * are not shown. 352 * State information includes task's pid, uid, tgid, vm size, rss, nr_ptes, 353 * swapents, oom_score_adj value, and name. 354 */ 355 static void dump_tasks(struct mem_cgroup *memcg, const nodemask_t *nodemask) 356 { 357 struct task_struct *p; 358 struct task_struct *task; 359 360 pr_info("[ pid ] uid tgid total_vm rss nr_ptes nr_pmds swapents oom_score_adj name\n"); 361 rcu_read_lock(); 362 for_each_process(p) { 363 if (oom_unkillable_task(p, memcg, nodemask)) 364 continue; 365 366 task = find_lock_task_mm(p); 367 if (!task) { 368 /* 369 * This is a kthread or all of p's threads have already 370 * detached their mm's. There's no need to report 371 * them; they can't be oom killed anyway. 372 */ 373 continue; 374 } 375 376 pr_info("[%5d] %5d %5d %8lu %8lu %7ld %7ld %8lu %5hd %s\n", 377 task->pid, from_kuid(&init_user_ns, task_uid(task)), 378 task->tgid, task->mm->total_vm, get_mm_rss(task->mm), 379 atomic_long_read(&task->mm->nr_ptes), 380 mm_nr_pmds(task->mm), 381 get_mm_counter(task->mm, MM_SWAPENTS), 382 task->signal->oom_score_adj, task->comm); 383 task_unlock(task); 384 } 385 rcu_read_unlock(); 386 } 387 388 static void dump_header(struct oom_control *oc, struct task_struct *p, 389 struct mem_cgroup *memcg) 390 { 391 pr_warn("%s invoked oom-killer: gfp_mask=%#x(%pGg), order=%d, oom_score_adj=%hd\n", 392 current->comm, oc->gfp_mask, &oc->gfp_mask, oc->order, 393 current->signal->oom_score_adj); 394 395 cpuset_print_current_mems_allowed(); 396 dump_stack(); 397 if (memcg) 398 mem_cgroup_print_oom_info(memcg, p); 399 else 400 show_mem(SHOW_MEM_FILTER_NODES); 401 if (sysctl_oom_dump_tasks) 402 dump_tasks(memcg, oc->nodemask); 403 } 404 405 /* 406 * Number of OOM victims in flight 407 */ 408 static atomic_t oom_victims = ATOMIC_INIT(0); 409 static DECLARE_WAIT_QUEUE_HEAD(oom_victims_wait); 410 411 bool oom_killer_disabled __read_mostly; 412 413 #define K(x) ((x) << (PAGE_SHIFT-10)) 414 415 #ifdef CONFIG_MMU 416 /* 417 * OOM Reaper kernel thread which tries to reap the memory used by the OOM 418 * victim (if that is possible) to help the OOM killer to move on. 419 */ 420 static struct task_struct *oom_reaper_th; 421 static DECLARE_WAIT_QUEUE_HEAD(oom_reaper_wait); 422 static struct task_struct *oom_reaper_list; 423 static DEFINE_SPINLOCK(oom_reaper_lock); 424 425 426 static bool __oom_reap_task(struct task_struct *tsk) 427 { 428 struct mmu_gather tlb; 429 struct vm_area_struct *vma; 430 struct mm_struct *mm; 431 struct task_struct *p; 432 struct zap_details details = {.check_swap_entries = true, 433 .ignore_dirty = true}; 434 bool ret = true; 435 436 /* 437 * Make sure we find the associated mm_struct even when the particular 438 * thread has already terminated and cleared its mm. 439 * We might have race with exit path so consider our work done if there 440 * is no mm. 441 */ 442 p = find_lock_task_mm(tsk); 443 if (!p) 444 return true; 445 446 mm = p->mm; 447 if (!atomic_inc_not_zero(&mm->mm_users)) { 448 task_unlock(p); 449 return true; 450 } 451 452 task_unlock(p); 453 454 if (!down_read_trylock(&mm->mmap_sem)) { 455 ret = false; 456 goto out; 457 } 458 459 tlb_gather_mmu(&tlb, mm, 0, -1); 460 for (vma = mm->mmap ; vma; vma = vma->vm_next) { 461 if (is_vm_hugetlb_page(vma)) 462 continue; 463 464 /* 465 * mlocked VMAs require explicit munlocking before unmap. 466 * Let's keep it simple here and skip such VMAs. 467 */ 468 if (vma->vm_flags & VM_LOCKED) 469 continue; 470 471 /* 472 * Only anonymous pages have a good chance to be dropped 473 * without additional steps which we cannot afford as we 474 * are OOM already. 475 * 476 * We do not even care about fs backed pages because all 477 * which are reclaimable have already been reclaimed and 478 * we do not want to block exit_mmap by keeping mm ref 479 * count elevated without a good reason. 480 */ 481 if (vma_is_anonymous(vma) || !(vma->vm_flags & VM_SHARED)) 482 unmap_page_range(&tlb, vma, vma->vm_start, vma->vm_end, 483 &details); 484 } 485 tlb_finish_mmu(&tlb, 0, -1); 486 pr_info("oom_reaper: reaped process %d (%s), now anon-rss:%lukB, file-rss:%lukB, shmem-rss:%lukB\n", 487 task_pid_nr(tsk), tsk->comm, 488 K(get_mm_counter(mm, MM_ANONPAGES)), 489 K(get_mm_counter(mm, MM_FILEPAGES)), 490 K(get_mm_counter(mm, MM_SHMEMPAGES))); 491 up_read(&mm->mmap_sem); 492 493 /* 494 * Clear TIF_MEMDIE because the task shouldn't be sitting on a 495 * reasonably reclaimable memory anymore. OOM killer can continue 496 * by selecting other victim if unmapping hasn't led to any 497 * improvements. This also means that selecting this task doesn't 498 * make any sense. 499 */ 500 tsk->signal->oom_score_adj = OOM_SCORE_ADJ_MIN; 501 exit_oom_victim(tsk); 502 out: 503 mmput(mm); 504 return ret; 505 } 506 507 #define MAX_OOM_REAP_RETRIES 10 508 static void oom_reap_task(struct task_struct *tsk) 509 { 510 int attempts = 0; 511 512 /* Retry the down_read_trylock(mmap_sem) a few times */ 513 while (attempts++ < MAX_OOM_REAP_RETRIES && !__oom_reap_task(tsk)) 514 schedule_timeout_idle(HZ/10); 515 516 if (attempts > MAX_OOM_REAP_RETRIES) { 517 pr_info("oom_reaper: unable to reap pid:%d (%s)\n", 518 task_pid_nr(tsk), tsk->comm); 519 debug_show_all_locks(); 520 } 521 522 /* Drop a reference taken by wake_oom_reaper */ 523 put_task_struct(tsk); 524 } 525 526 static int oom_reaper(void *unused) 527 { 528 set_freezable(); 529 530 while (true) { 531 struct task_struct *tsk = NULL; 532 533 wait_event_freezable(oom_reaper_wait, oom_reaper_list != NULL); 534 spin_lock(&oom_reaper_lock); 535 if (oom_reaper_list != NULL) { 536 tsk = oom_reaper_list; 537 oom_reaper_list = tsk->oom_reaper_list; 538 } 539 spin_unlock(&oom_reaper_lock); 540 541 if (tsk) 542 oom_reap_task(tsk); 543 } 544 545 return 0; 546 } 547 548 static void wake_oom_reaper(struct task_struct *tsk) 549 { 550 if (!oom_reaper_th || tsk->oom_reaper_list) 551 return; 552 553 get_task_struct(tsk); 554 555 spin_lock(&oom_reaper_lock); 556 tsk->oom_reaper_list = oom_reaper_list; 557 oom_reaper_list = tsk; 558 spin_unlock(&oom_reaper_lock); 559 wake_up(&oom_reaper_wait); 560 } 561 562 static int __init oom_init(void) 563 { 564 oom_reaper_th = kthread_run(oom_reaper, NULL, "oom_reaper"); 565 if (IS_ERR(oom_reaper_th)) { 566 pr_err("Unable to start OOM reaper %ld. Continuing regardless\n", 567 PTR_ERR(oom_reaper_th)); 568 oom_reaper_th = NULL; 569 } 570 return 0; 571 } 572 subsys_initcall(oom_init) 573 #else 574 static void wake_oom_reaper(struct task_struct *tsk) 575 { 576 } 577 #endif 578 579 /** 580 * mark_oom_victim - mark the given task as OOM victim 581 * @tsk: task to mark 582 * 583 * Has to be called with oom_lock held and never after 584 * oom has been disabled already. 585 */ 586 void mark_oom_victim(struct task_struct *tsk) 587 { 588 WARN_ON(oom_killer_disabled); 589 /* OOM killer might race with memcg OOM */ 590 if (test_and_set_tsk_thread_flag(tsk, TIF_MEMDIE)) 591 return; 592 /* 593 * Make sure that the task is woken up from uninterruptible sleep 594 * if it is frozen because OOM killer wouldn't be able to free 595 * any memory and livelock. freezing_slow_path will tell the freezer 596 * that TIF_MEMDIE tasks should be ignored. 597 */ 598 __thaw_task(tsk); 599 atomic_inc(&oom_victims); 600 } 601 602 /** 603 * exit_oom_victim - note the exit of an OOM victim 604 */ 605 void exit_oom_victim(struct task_struct *tsk) 606 { 607 if (!test_and_clear_tsk_thread_flag(tsk, TIF_MEMDIE)) 608 return; 609 610 if (!atomic_dec_return(&oom_victims)) 611 wake_up_all(&oom_victims_wait); 612 } 613 614 /** 615 * oom_killer_disable - disable OOM killer 616 * 617 * Forces all page allocations to fail rather than trigger OOM killer. 618 * Will block and wait until all OOM victims are killed. 619 * 620 * The function cannot be called when there are runnable user tasks because 621 * the userspace would see unexpected allocation failures as a result. Any 622 * new usage of this function should be consulted with MM people. 623 * 624 * Returns true if successful and false if the OOM killer cannot be 625 * disabled. 626 */ 627 bool oom_killer_disable(void) 628 { 629 /* 630 * Make sure to not race with an ongoing OOM killer. Check that the 631 * current is not killed (possibly due to sharing the victim's memory). 632 */ 633 if (mutex_lock_killable(&oom_lock)) 634 return false; 635 oom_killer_disabled = true; 636 mutex_unlock(&oom_lock); 637 638 wait_event(oom_victims_wait, !atomic_read(&oom_victims)); 639 640 return true; 641 } 642 643 /** 644 * oom_killer_enable - enable OOM killer 645 */ 646 void oom_killer_enable(void) 647 { 648 oom_killer_disabled = false; 649 } 650 651 /* 652 * task->mm can be NULL if the task is the exited group leader. So to 653 * determine whether the task is using a particular mm, we examine all the 654 * task's threads: if one of those is using this mm then this task was also 655 * using it. 656 */ 657 static bool process_shares_mm(struct task_struct *p, struct mm_struct *mm) 658 { 659 struct task_struct *t; 660 661 for_each_thread(p, t) { 662 struct mm_struct *t_mm = READ_ONCE(t->mm); 663 if (t_mm) 664 return t_mm == mm; 665 } 666 return false; 667 } 668 669 /* 670 * Must be called while holding a reference to p, which will be released upon 671 * returning. 672 */ 673 void oom_kill_process(struct oom_control *oc, struct task_struct *p, 674 unsigned int points, unsigned long totalpages, 675 struct mem_cgroup *memcg, const char *message) 676 { 677 struct task_struct *victim = p; 678 struct task_struct *child; 679 struct task_struct *t; 680 struct mm_struct *mm; 681 unsigned int victim_points = 0; 682 static DEFINE_RATELIMIT_STATE(oom_rs, DEFAULT_RATELIMIT_INTERVAL, 683 DEFAULT_RATELIMIT_BURST); 684 bool can_oom_reap = true; 685 686 /* 687 * If the task is already exiting, don't alarm the sysadmin or kill 688 * its children or threads, just set TIF_MEMDIE so it can die quickly 689 */ 690 task_lock(p); 691 if (p->mm && task_will_free_mem(p)) { 692 mark_oom_victim(p); 693 task_unlock(p); 694 put_task_struct(p); 695 return; 696 } 697 task_unlock(p); 698 699 if (__ratelimit(&oom_rs)) 700 dump_header(oc, p, memcg); 701 702 pr_err("%s: Kill process %d (%s) score %u or sacrifice child\n", 703 message, task_pid_nr(p), p->comm, points); 704 705 /* 706 * If any of p's children has a different mm and is eligible for kill, 707 * the one with the highest oom_badness() score is sacrificed for its 708 * parent. This attempts to lose the minimal amount of work done while 709 * still freeing memory. 710 */ 711 read_lock(&tasklist_lock); 712 for_each_thread(p, t) { 713 list_for_each_entry(child, &t->children, sibling) { 714 unsigned int child_points; 715 716 if (process_shares_mm(child, p->mm)) 717 continue; 718 /* 719 * oom_badness() returns 0 if the thread is unkillable 720 */ 721 child_points = oom_badness(child, memcg, oc->nodemask, 722 totalpages); 723 if (child_points > victim_points) { 724 put_task_struct(victim); 725 victim = child; 726 victim_points = child_points; 727 get_task_struct(victim); 728 } 729 } 730 } 731 read_unlock(&tasklist_lock); 732 733 p = find_lock_task_mm(victim); 734 if (!p) { 735 put_task_struct(victim); 736 return; 737 } else if (victim != p) { 738 get_task_struct(p); 739 put_task_struct(victim); 740 victim = p; 741 } 742 743 /* Get a reference to safely compare mm after task_unlock(victim) */ 744 mm = victim->mm; 745 atomic_inc(&mm->mm_count); 746 /* 747 * We should send SIGKILL before setting TIF_MEMDIE in order to prevent 748 * the OOM victim from depleting the memory reserves from the user 749 * space under its control. 750 */ 751 do_send_sig_info(SIGKILL, SEND_SIG_FORCED, victim, true); 752 mark_oom_victim(victim); 753 pr_err("Killed process %d (%s) total-vm:%lukB, anon-rss:%lukB, file-rss:%lukB, shmem-rss:%lukB\n", 754 task_pid_nr(victim), victim->comm, K(victim->mm->total_vm), 755 K(get_mm_counter(victim->mm, MM_ANONPAGES)), 756 K(get_mm_counter(victim->mm, MM_FILEPAGES)), 757 K(get_mm_counter(victim->mm, MM_SHMEMPAGES))); 758 task_unlock(victim); 759 760 /* 761 * Kill all user processes sharing victim->mm in other thread groups, if 762 * any. They don't get access to memory reserves, though, to avoid 763 * depletion of all memory. This prevents mm->mmap_sem livelock when an 764 * oom killed thread cannot exit because it requires the semaphore and 765 * its contended by another thread trying to allocate memory itself. 766 * That thread will now get access to memory reserves since it has a 767 * pending fatal signal. 768 */ 769 rcu_read_lock(); 770 for_each_process(p) { 771 if (!process_shares_mm(p, mm)) 772 continue; 773 if (same_thread_group(p, victim)) 774 continue; 775 if (unlikely(p->flags & PF_KTHREAD) || is_global_init(p) || 776 p->signal->oom_score_adj == OOM_SCORE_ADJ_MIN) { 777 /* 778 * We cannot use oom_reaper for the mm shared by this 779 * process because it wouldn't get killed and so the 780 * memory might be still used. 781 */ 782 can_oom_reap = false; 783 continue; 784 } 785 do_send_sig_info(SIGKILL, SEND_SIG_FORCED, p, true); 786 } 787 rcu_read_unlock(); 788 789 if (can_oom_reap) 790 wake_oom_reaper(victim); 791 792 mmdrop(mm); 793 put_task_struct(victim); 794 } 795 #undef K 796 797 /* 798 * Determines whether the kernel must panic because of the panic_on_oom sysctl. 799 */ 800 void check_panic_on_oom(struct oom_control *oc, enum oom_constraint constraint, 801 struct mem_cgroup *memcg) 802 { 803 if (likely(!sysctl_panic_on_oom)) 804 return; 805 if (sysctl_panic_on_oom != 2) { 806 /* 807 * panic_on_oom == 1 only affects CONSTRAINT_NONE, the kernel 808 * does not panic for cpuset, mempolicy, or memcg allocation 809 * failures. 810 */ 811 if (constraint != CONSTRAINT_NONE) 812 return; 813 } 814 /* Do not panic for oom kills triggered by sysrq */ 815 if (is_sysrq_oom(oc)) 816 return; 817 dump_header(oc, NULL, memcg); 818 panic("Out of memory: %s panic_on_oom is enabled\n", 819 sysctl_panic_on_oom == 2 ? "compulsory" : "system-wide"); 820 } 821 822 static BLOCKING_NOTIFIER_HEAD(oom_notify_list); 823 824 int register_oom_notifier(struct notifier_block *nb) 825 { 826 return blocking_notifier_chain_register(&oom_notify_list, nb); 827 } 828 EXPORT_SYMBOL_GPL(register_oom_notifier); 829 830 int unregister_oom_notifier(struct notifier_block *nb) 831 { 832 return blocking_notifier_chain_unregister(&oom_notify_list, nb); 833 } 834 EXPORT_SYMBOL_GPL(unregister_oom_notifier); 835 836 /** 837 * out_of_memory - kill the "best" process when we run out of memory 838 * @oc: pointer to struct oom_control 839 * 840 * If we run out of memory, we have the choice between either 841 * killing a random task (bad), letting the system crash (worse) 842 * OR try to be smart about which process to kill. Note that we 843 * don't have to be perfect here, we just have to be good. 844 */ 845 bool out_of_memory(struct oom_control *oc) 846 { 847 struct task_struct *p; 848 unsigned long totalpages; 849 unsigned long freed = 0; 850 unsigned int uninitialized_var(points); 851 enum oom_constraint constraint = CONSTRAINT_NONE; 852 853 if (oom_killer_disabled) 854 return false; 855 856 blocking_notifier_call_chain(&oom_notify_list, 0, &freed); 857 if (freed > 0) 858 /* Got some memory back in the last second. */ 859 return true; 860 861 /* 862 * If current has a pending SIGKILL or is exiting, then automatically 863 * select it. The goal is to allow it to allocate so that it may 864 * quickly exit and free its memory. 865 * 866 * But don't select if current has already released its mm and cleared 867 * TIF_MEMDIE flag at exit_mm(), otherwise an OOM livelock may occur. 868 */ 869 if (current->mm && 870 (fatal_signal_pending(current) || task_will_free_mem(current))) { 871 mark_oom_victim(current); 872 return true; 873 } 874 875 /* 876 * Check if there were limitations on the allocation (only relevant for 877 * NUMA) that may require different handling. 878 */ 879 constraint = constrained_alloc(oc, &totalpages); 880 if (constraint != CONSTRAINT_MEMORY_POLICY) 881 oc->nodemask = NULL; 882 check_panic_on_oom(oc, constraint, NULL); 883 884 if (sysctl_oom_kill_allocating_task && current->mm && 885 !oom_unkillable_task(current, NULL, oc->nodemask) && 886 current->signal->oom_score_adj != OOM_SCORE_ADJ_MIN) { 887 get_task_struct(current); 888 oom_kill_process(oc, current, 0, totalpages, NULL, 889 "Out of memory (oom_kill_allocating_task)"); 890 return true; 891 } 892 893 p = select_bad_process(oc, &points, totalpages); 894 /* Found nothing?!?! Either we hang forever, or we panic. */ 895 if (!p && !is_sysrq_oom(oc)) { 896 dump_header(oc, NULL, NULL); 897 panic("Out of memory and no killable processes...\n"); 898 } 899 if (p && p != (void *)-1UL) { 900 oom_kill_process(oc, p, points, totalpages, NULL, 901 "Out of memory"); 902 /* 903 * Give the killed process a good chance to exit before trying 904 * to allocate memory again. 905 */ 906 schedule_timeout_killable(1); 907 } 908 return true; 909 } 910 911 /* 912 * The pagefault handler calls here because it is out of memory, so kill a 913 * memory-hogging task. If any populated zone has ZONE_OOM_LOCKED set, a 914 * parallel oom killing is already in progress so do nothing. 915 */ 916 void pagefault_out_of_memory(void) 917 { 918 struct oom_control oc = { 919 .zonelist = NULL, 920 .nodemask = NULL, 921 .gfp_mask = 0, 922 .order = 0, 923 }; 924 925 if (mem_cgroup_oom_synchronize(true)) 926 return; 927 928 if (!mutex_trylock(&oom_lock)) 929 return; 930 931 if (!out_of_memory(&oc)) { 932 /* 933 * There shouldn't be any user tasks runnable while the 934 * OOM killer is disabled, so the current task has to 935 * be a racing OOM victim for which oom_killer_disable() 936 * is waiting for. 937 */ 938 WARN_ON(test_thread_flag(TIF_MEMDIE)); 939 } 940 941 mutex_unlock(&oom_lock); 942 } 943