From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-13.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D8963C433ED for ; Wed, 5 May 2021 02:45:34 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 650A7613C4 for ; Wed, 5 May 2021 02:45:34 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 650A7613C4 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id BCB7A6B0146; Tue, 4 May 2021 22:45:33 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id B7B5B8D0002; Tue, 4 May 2021 22:45:33 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 9F7226B0148; Tue, 4 May 2021 22:45:33 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0095.hostedemail.com [216.40.44.95]) by kanga.kvack.org (Postfix) with ESMTP id 837616B0146 for ; Tue, 4 May 2021 22:45:33 -0400 (EDT) Received: from smtpin05.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id 318AF3626 for ; Wed, 5 May 2021 02:45:33 +0000 (UTC) X-FDA: 78105636546.05.41C059C Received: from mail-lf1-f41.google.com (mail-lf1-f41.google.com [209.85.167.41]) by imf20.hostedemail.com (Postfix) with ESMTP id 4C6293C8 for ; Wed, 5 May 2021 02:45:25 +0000 (UTC) Received: by mail-lf1-f41.google.com with SMTP id h4so503060lfv.0 for ; Tue, 04 May 2021 19:45:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=dpyffmzF28xsaxMRD2G97jPnI0ZZ1SR5Rjf3NGEtBIA=; b=WeyYZGSlF4U/HwB/qVfj/2M1q/SsBc/SKWwZXb07+k3IHswE46B/RH47b+4Tq/22n6 cJqgiZYKFSa5CPgEvKu1v6InVgLl9uy97j0IGcSYidqkwZt6CFst4uMGSHPwu20HAKYq Srmc6a9Mbxc5pqZ3svXSYaZ5RtOwasDrY7ezpwc4tBuj53FCQ7EXSZovm0/gpUO9iwwZ su3SMw/cUk3m4xk7brfxW7WSf+TvhBnlJfhA51FDVlT9bJtegtxVRO1lbNIEX7//gEUN FRgRk4VDGYIxofh5nMP1MByGTUdj7rDMqT1gLLmVQXIUNvw57IUDi13+DvQbRNS+CFpc hdyQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=dpyffmzF28xsaxMRD2G97jPnI0ZZ1SR5Rjf3NGEtBIA=; b=S/KVvO0LVIXnY+GCHTMPejWChJrtHQ6263+prpc49+bfF7vnSRjw0tKMRSmBT7QEBp ADJFZFptLr5L5tvg6IzbTm4Z89Ysl42sKeWS+M377aejimKDmE/71gVII/bQR4n8neNp 2/mb3Na7gt5cFOzJhORLcGbk6+tFaNDuyFIiLfufLPll0v99yQh4Yrr7bg6/N6/6krCE HD2opO7IkOOPGygO4GHOwy9k+BQLQVLnaqd8FJkOP+09OQYFql6fZ2z3Tustf5MsyJbK 06LJxC8Fb0jkyhMfJ6AJsoMYF3mwR6xBPjRa1Ul3X325taLp7XWOVEX/7G9sN8q9Uxdy XCdQ== X-Gm-Message-State: AOAM532+PLIUs6owl3QKspf6diFVv+F7H/x6Bvf+8SRIaGMAHD+GuvRM FW3VklkGGI16wu10E4+IFeFycYVqGnQTuqPQSDgYdg== X-Google-Smtp-Source: ABdhPJyVoGWzxCkMKyEpP/u0Cqu4Xro+PmU//9HCyblfstGr0OdgBJrwCSpyB1KtNTpPEh/6ZwoHqupRo1QHX5TuuuU= X-Received: by 2002:a05:6512:208b:: with SMTP id t11mr16856183lfr.358.1620182731040; Tue, 04 May 2021 19:45:31 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Shakeel Butt Date: Tue, 4 May 2021 19:45:19 -0700 Message-ID: Subject: Re: [RFC] memory reserve for userspace oom-killer To: Suren Baghdasaryan Cc: Michal Hocko , Johannes Weiner , Roman Gushchin , Linux MM , Andrew Morton , Cgroups , David Rientjes , LKML , Greg Thelen , Dragos Sbirlea , Priya Duraisamy Content-Type: text/plain; charset="UTF-8" Authentication-Results: imf20.hostedemail.com; dkim=pass header.d=google.com header.s=20161025 header.b=WeyYZGSl; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf20.hostedemail.com: domain of shakeelb@google.com designates 209.85.167.41 as permitted sender) smtp.mailfrom=shakeelb@google.com X-Stat-Signature: jmfxjsms37jqrhygu716kjk9ahjtnb6u X-Rspamd-Server: rspam02 X-Rspamd-Queue-Id: 4C6293C8 Received-SPF: none (google.com>: No applicable sender policy available) receiver=imf20; identity=mailfrom; envelope-from=""; helo=mail-lf1-f41.google.com; client-ip=209.85.167.41 X-HE-DKIM-Result: pass/pass X-HE-Tag: 1620182725-426895 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Tue, May 4, 2021 at 6:26 PM Suren Baghdasaryan wrote: > > On Tue, May 4, 2021 at 5:37 PM Shakeel Butt wrote: > > > > On Wed, Apr 21, 2021 at 7:29 AM Michal Hocko wrote: > > > > > [...] > > > > > What if the pool is depleted? > > > > > > > > This would mean that either the estimate of mempool size is bad or > > > > oom-killer is buggy and leaking memory. > > > > > > > > I am open to any design directions for mempool or some other way where > > > > we can provide a notion of memory guarantee to oom-killer. > > > > > > OK, thanks for clarification. There will certainly be hard problems to > > > sort out[1] but the overall idea makes sense to me and it sounds like a > > > much better approach than a OOM specific solution. > > > > > > > > > [1] - how the pool is going to be replenished without hitting all > > > potential reclaim problems (thus dependencies on other all tasks > > > directly/indirectly) yet to not rely on any background workers to do > > > that on the task behalf without a proper accounting etc... > > > -- > > > > I am currently contemplating between two paths here: > > > > First, the mempool, exposed through either prctl or a new syscall. > > Users would need to trace their userspace oom-killer (or whatever > > their use case is) to find an appropriate mempool size they would need > > and periodically refill the mempools if allowed by the state of the > > machine. The challenge here is to find a good value for the mempool > > size and coordinating the refilling of mempools. > > > > Second is a mix of Roman and Peter's suggestions but much more > > simplified. A very simple watchdog with a kill-list of processes and > > if userspace didn't pet the watchdog within a specified time, it will > > kill all the processes in the kill-list. The challenge here is to > > maintain/update the kill-list. > > IIUC this solution is designed to identify cases when oomd/lmkd got > stuck while allocating memory due to memory shortages and therefore > can't feed the watchdog. In such a case the kernel goes ahead and > kills some processes to free up memory and unblock the blocked > process. Effectively this would limit the time such a process gets > stuck by the duration of the watchdog timeout. If my understanding of > this proposal is correct, Your understanding is indeed correct. > then I see the following downsides: > 1. oomd/lmkd are still not prevented from being stuck, it just limits > the duration of this blocked state. Delaying kills when memory > pressure is high even for short duration is very undesirable. Yes I agree. > I think > having mempool reserves could address this issue better if it can > always guarantee memory availability (not sure if it's possible in > practice). I think "mempool ... always guarantee memory availability" is something I should quantify with some experiments. > 2. What would be performance overhead of this watchdog? To limit the > duration of a process being blocked to a small enough value we would > have to have quite a small timeout, which means oomd/lmkd would have > to wake up quite often to feed the watchdog. Frequent wakeups on a > battery-powered system is not a good idea. This is indeed the downside i.e. the tradeoff between acceptable stall vs frequent wakeups. > 3. What if oomd/lmkd gets stuck for some memory-unrelated reason and > can't feed the watchdog? In such a scenario the kernel would assume > that it is stuck due to memory shortages and would go on a killing > spree. This is correct but IMHO killing spree is not worse than oomd/lmkd getting stuck for some other reason. > If there is a sure way to identify when a process gets stuck > due to memory shortages then this could work better. Hmm are you saying looking at the stack traces of the userspace oom-killer or some metrics related to oom-killer? It will complicate the code. > 4. Additional complexity of keeping the list of potential victims in > the kernel. Maybe we can simply reuse oom_score to choose the best > victims? Your point of additional complexity is correct. Regarding oom_score I think you meant oom_score_adj, I would avoid putting more policies/complexity in the kernel but I got your point that the simplest watchdog might not be helpful at all. > Thanks, > Suren. > > > > > I would prefer the direction which oomd and lmkd are open to adopt. > > > > Any suggestions?