[Bugme-janitors] [Bug 9182] Critical memory leak (dirty pages)

bugme-daemon at bugzilla.kernel.org bugme-daemon at bugzilla.kernel.org
Wed Dec 19 14:51:20 PST 2007


http://bugzilla.kernel.org/show_bug.cgi?id=9182





------- Comment #57 from olel at ans.pl  2007-12-19 14:51 -------


On Wed, 19 Dec 2007, Krzysztof Oledzki wrote:

>
>
> On Wed, 19 Dec 2007, Linus Torvalds wrote:
>
>> 
>> 
>> On Wed, 19 Dec 2007, Linus Torvalds wrote:
>>> 
>>>> but I'd really like to understand how that page got marked dirty again,
>>>> and why it seems to be related to "data=journal".
>>> 
>>> That still holds. I'd really like to understand why/how this triggers.
>> 
>> Hmm. "truncate_complete_page()" does:
>>
>>        cancel_dirty_page(page, PAGE_CACHE_SIZE);
>>
>>        if (PagePrivate(page))
>>                do_invalidatepage(page, 0);
>>
>>        remove_from_page_cache(page);
>> 
>> and yes, that "do_invalidatepage()" calls down to the filesystem layer
>> (mapping->a_ops->invalidatepage), and yes, this all goes into the
>> journalling code.
>> 
>> So at a guess, the bug would go away if we just moved the
>> "cancel_dirty_page()" to *after* the do_invalidatepage() case, although I
>> wonder if we had some reason to do it in that order (ie maybe
>> do_invalidatepage() likes to see the page being clean).
>> 
>> Anyway, I think the fixups I added to __remove_from_page_cache() seem to
>> continually become a better idea, considering that we let the filesystem
>> mess around with the page in between, and if the filesystem messes with
>> the dirty bits, it really means that the VM shouldn't just rely on it
>> remaining clean.
>> 
>> But I still want/hope-for a confirmation from Krzysztof that the patch
>> actually fixes it for him too. At which point I'll just commit it without
>> the stack dumping.
>
> Just booted the system with 2.6.24-rc5+the debug/fixup patch. It took 2 
> minutes to get this:
>
> WARNING: at mm/filemap.c:132 __remove_from_page_cache()
> Pid: 3734, comm: lmtp Not tainted 2.6.24-rc5 #1
> [<c014d772>] __remove_from_page_cache+0x87/0xe6
> [<c014d7f3>] remove_from_page_cache+0x22/0x2b
> [<c015327f>] truncate_complete_page+0x2b/0x3f
> [<c0153367>] truncate_inode_pages_range+0xd4/0x2d8
> [<c018b96e>] inotify_inode_is_dead+0x1a/0x70
> [<c018b96e>] inotify_inode_is_dead+0x1a/0x70
> [<c0245f52>] _atomic_dec_and_lock+0x2a/0x48
> [<c0153582>] truncate_inode_pages+0x17/0x1d
> [<c01a5b39>] ext3_delete_inode+0x13/0xbb
> [<c01a5b26>] ext3_delete_inode+0x0/0xbb
> [<c0178eda>] generic_delete_inode+0x5e/0xc6
> [<c0178604>] iput+0x60/0x62
> [<c0176779>] d_kill+0x2d/0x46
> [<c0176a94>] dput+0xdc/0xe4
> [<c01697c4>] __fput+0x113/0x13d
> [<c016727d>] filp_close+0x51/0x58
> [<c0168315>] sys_close+0x70/0xab
> [<c0103e92>] sysenter_past_esp+0x5f/0xa5
> =======================
>
> WARNING: at mm/filemap.c:132 __remove_from_page_cache()
> Pid: 3738, comm: smtp Not tainted 2.6.24-rc5 #1
> [<c014d772>] __remove_from_page_cache+0x87/0xe6
> [<c014d7f3>] remove_from_page_cache+0x22/0x2b
> [<c015327f>] truncate_complete_page+0x2b/0x3f
> [<c0153367>] truncate_inode_pages_range+0xd4/0x2d8
> [<c018b96e>] inotify_inode_is_dead+0x1a/0x70
> [<c018b96e>] inotify_inode_is_dead+0x1a/0x70
> [<c0245f52>] _atomic_dec_and_lock+0x2a/0x48
> [<c0153582>] truncate_inode_pages+0x17/0x1d
> [<c01a5b39>] ext3_delete_inode+0x13/0xbb
> [<c01a5b26>] ext3_delete_inode+0x0/0xbb
> [<c0178eda>] generic_delete_inode+0x5e/0xc6
> [<c0178604>] iput+0x60/0x62
> [<c0176779>] d_kill+0x2d/0x46
> [<c0176a94>] dput+0xdc/0xe4
> [<c01697c4>] __fput+0x113/0x13d
> [<c016727d>] filp_close+0x51/0x58
> [<c0168315>] sys_close+0x70/0xab
> [<c0103e92>] sysenter_past_esp+0x5f/0xa5
> =======================
>
> ole at cougar:~$ dmesg |grep -c __remove_from_page_cache
> 10
>
> ole at cougar:~$ uptime
> 22:53:09 up 2 min,  1 user,  load average: 0.57, 0.37, 0.14

A little different call trace:

WARNING: at mm/filemap.c:132 __remove_from_page_cache()
Pid: 3468, comm: qmgr Not tainted 2.6.24-rc5 #1
  [<c014d772>] __remove_from_page_cache+0x87/0xe6
  [<c014d7f3>] remove_from_page_cache+0x22/0x2b
  [<c015327f>] truncate_complete_page+0x2b/0x3f
  [<c0153367>] truncate_inode_pages_range+0xd4/0x2d8
  [<c0245f52>] _atomic_dec_and_lock+0x2a/0x48
  [<c0153582>] truncate_inode_pages+0x17/0x1d
  [<c01a5b39>] ext3_delete_inode+0x13/0xbb
  [<c01a5b26>] ext3_delete_inode+0x0/0xbb
  [<c0178eda>] generic_delete_inode+0x5e/0xc6
  [<c0178604>] iput+0x60/0x62
  [<c0170ebd>] do_unlinkat+0xbf/0x133
  [<c017a9c9>] mntput_no_expire+0x11/0x5c
  [<c016727d>] filp_close+0x51/0x58
  [<c0103e92>] sysenter_past_esp+0x5f/0xa5

Best regards,

                                Krzysztof Olędzki
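
Added example, not part of the original message or of the kernel sources: a Python sketch that parses WARNING blocks like the ones above and groups them by call path, so that the sys_close and do_unlinkat entry points land in separate buckets. The sample input is constructed by abridging two of the quoted traces, and the names parse_warnings and group_by_path are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: two traces abridged from the ones quoted in this message.
SAMPLE = """\
> WARNING: at mm/filemap.c:132 __remove_from_page_cache()
> Pid: 3734, comm: lmtp Not tainted 2.6.24-rc5 #1
> [<c014d772>] __remove_from_page_cache+0x87/0xe6
> [<c015327f>] truncate_complete_page+0x2b/0x3f
> [<c01a5b39>] ext3_delete_inode+0x13/0xbb
> [<c01a5b26>] ext3_delete_inode+0x0/0xbb
> [<c0168315>] sys_close+0x70/0xab
> =======================
WARNING: at mm/filemap.c:132 __remove_from_page_cache()
Pid: 3468, comm: qmgr Not tainted 2.6.24-rc5 #1
  [<c014d772>] __remove_from_page_cache+0x87/0xe6
  [<c015327f>] truncate_complete_page+0x2b/0x3f
  [<c01a5b39>] ext3_delete_inode+0x13/0xbb
  [<c0170ebd>] do_unlinkat+0xbf/0x133
"""

WARN = re.compile(r"WARNING: at (\S+):(\d+) (\w+)\(\)")
PID = re.compile(r"Pid: (\d+), comm: (\S+)")
FRAME = re.compile(r"\[<([0-9a-f]+)>\] (\w+)\+0x[0-9a-f]+/0x[0-9a-f]+")

def parse_warnings(text):
    """Return one dict per WARNING block: site, comm, and de-duplicated call path."""
    blocks, cur = [], None
    for raw in text.splitlines():
        line = raw.lstrip("> \t")  # tolerate mail quoting and indentation
        if m := WARN.match(line):
            cur = {"site": f"{m[1]}:{m[2]}", "comm": None, "path": []}
            blocks.append(cur)
        elif cur is None:
            continue  # ignore anything before the first WARNING line
        elif m := PID.match(line):
            cur["comm"] = m[2]
        elif m := FRAME.match(line):
            # Drop consecutive repeats of the same function name.
            if not cur["path"] or cur["path"][-1] != m[2]:
                cur["path"].append(m[2])
    return blocks

def group_by_path(blocks):
    """Count warnings per distinct call path so differing entry points stand out."""
    return Counter(tuple(b["path"]) for b in blocks)

if __name__ == "__main__":
    for path, n in group_by_path(parse_warnings(SAMPLE)).items():
        print(n, " <- ".join(path))
```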

