From: Daniel Borkmann <daniel@iogearbox.net>
To: Michal Hocko <mhocko@kernel.org>
Cc: Alexei Starovoitov <alexei.starovoitov@gmail.com>,
Andrew Morton <akpm@linux-foundation.org>,
Vlastimil Babka <vbabka@suse.cz>, Mel Gorman <mgorman@suse.de>,
Johannes Weiner <hannes@cmpxchg.org>,
linux-mm <linux-mm@kvack.org>,
LKML <linux-kernel@vger.kernel.org>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
marcelo.leitner@gmail.com
Subject: Re: [PATCH 0/6 v3] kvmalloc
Date: Fri, 27 Jan 2017 21:12:26 +0100 [thread overview]
Message-ID: <588BA9AA.8010805@iogearbox.net> (raw)
In-Reply-To: <20170127100544.GF4143@dhcp22.suse.cz>
On 01/27/2017 11:05 AM, Michal Hocko wrote:
> On Thu 26-01-17 21:34:04, Daniel Borkmann wrote:
>> On 01/26/2017 02:40 PM, Michal Hocko wrote:
> [...]
>>> But realistically, how big is this problem really? Is it really worth
>>> it? You said this is an admin only interface and admin can kill the
>>> machine by OOM and other means already.
>>>
>>> Moreover and I should probably mention it explicitly, your d407bd25a204b
>>> reduced the likelyhood of oom for other reason. kmalloc used GPF_USER
>>> previously and with order > 0 && order <= PAGE_ALLOC_COSTLY_ORDER this
>>> could indeed hit the OOM e.g. due to memory fragmentation. It would be
>>> much harder to hit the OOM killer from vmalloc which doesn't issue
>>> higher order allocation requests. Or have you ever seen the OOM killer
>>> pointing to the vmalloc fallback path?
>>
>> The case I was concerned about was from vmalloc() path, not kmalloc().
>> That was where the stack trace indicating OOM pointed to. As an example,
>> there could be really large allocation requests for maps where the map
>> has pre-allocated memory for its elements. Thus, if we get to the point
>> where we need to kill others due to shortage of mem for satisfying this,
>> I'd much much rather prefer to just not let vmalloc() work really hard
>> and fail early on instead.
>
> I see, but as already mentioned, chances are that by the time you get
> close to the OOM somebody else will hit the OOM before the vmalloc path
> manages to free the allocated memory.
>
>> In my (crafted) test case, I was connected
>> via ssh and it each time reliably killed my connection, which is really
>> suboptimal.
>>
>> F.e., I could also imagine a buggy or miscalculated map definition for
>> a prog that is provisioned to multiple places, which then accidentally
>> triggers this. Or if large on purpose, but we crossed the line, it
>> could be handled more gracefully, f.e. I could imagine an option to
>> falling back to a non-pre-allocated map flavor from the application
>> loading the program. Trade-off for sure, but still allowing it to
>> operate up to a certain extend. Granted, if vmalloc() succeeded without
>> trying hard and we then OOM elsewhere, too bad, but we don't have much
>> control over that one anyway, only about our own request. Reason I
>> asked above was whether having __GFP_NORETRY in would be fatal
>> somewhere down the path, but seems not as you say.
>>
>> So to answer your second email with the bpf and netfilter hunks, why
>> not replacing them with kvmalloc() and __GFP_NORETRY flag and add that
>> big fat FIXME comment above there, saying explicitly that __GFP_NORETRY
>> is not harmful though has only /partial/ effect right now and that full
>> support needs to be implemented in future. That would still be better
>> that not having it, imo, and the FIXME would make expectations clear
>> to anyone reading that code.
>
> Well, we can do that, I just would like to prevent from this (ab)use
> if there is no _real_ and _sensible_ usecase for it. Having a real bug
Understandable.
> report or a fallback mechanism you are mentioning above would justify
> the (ab)use IMHO. But that abuse would be documented properly and have a
> real reason to exist. That sounds like a better approach to me.
>
> But if you absolutely _insist_ I can change that.
Yeah, please do (with a big FIXME comment as mentioned), this originally
came from a real bug report. Anyway, feel free to add my Acked-by then.
Thanks again,
Daniel
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2017-01-27 20:12 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-25 18:14 [PATCH 0/6 v3] kvmalloc Alexei Starovoitov
2017-01-25 20:16 ` Daniel Borkmann
2017-01-26 7:43 ` Michal Hocko
2017-01-26 9:36 ` Daniel Borkmann
2017-01-26 9:48 ` David Laight
2017-01-26 10:08 ` Michal Hocko
2017-01-26 10:32 ` Michal Hocko
2017-01-26 11:04 ` Daniel Borkmann
2017-01-26 11:49 ` Michal Hocko
2017-01-26 12:14 ` Joe Perches
2017-01-26 12:27 ` Michal Hocko
2017-01-26 11:33 ` Daniel Borkmann
2017-01-26 11:58 ` Michal Hocko
2017-01-26 13:10 ` Daniel Borkmann
2017-01-26 13:40 ` Michal Hocko
2017-01-26 14:13 ` Michal Hocko
2017-01-26 14:37 ` [PATCH] net, bpf: use kvzalloc helper kbuild test robot
2017-01-26 14:58 ` kbuild test robot
2017-01-26 20:34 ` [PATCH 0/6 v3] kvmalloc Daniel Borkmann
2017-01-27 10:05 ` Michal Hocko
2017-01-27 20:12 ` Daniel Borkmann [this message]
2017-01-30 7:56 ` Michal Hocko
2017-01-30 16:15 ` Daniel Borkmann
2017-01-30 16:28 ` Michal Hocko
2017-01-30 16:45 ` Daniel Borkmann
-- strict thread matches above, loose matches on Subject: below --
2017-01-30 9:49 Michal Hocko
2017-02-05 10:23 ` Michal Hocko
2017-01-12 15:37 Michal Hocko
2017-01-24 15:17 ` Michal Hocko
2017-01-24 16:00 ` Eric Dumazet
2017-01-25 13:10 ` Michal Hocko
2017-01-24 19:17 ` Alexei Starovoitov
2017-01-25 13:10 ` Michal Hocko
2017-01-25 13:21 ` Michal Hocko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=588BA9AA.8010805@iogearbox.net \
--to=daniel@iogearbox.net \
--cc=akpm@linux-foundation.org \
--cc=alexei.starovoitov@gmail.com \
--cc=hannes@cmpxchg.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=marcelo.leitner@gmail.com \
--cc=mgorman@suse.de \
--cc=mhocko@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=vbabka@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).