Received: by 10.213.65.68 with SMTP id h4csp3834814imn; Tue, 10 Apr 2018 05:31:53 -0700 (PDT) X-Google-Smtp-Source: AIpwx498gbSYtUV6t+m4UPUMI5R/iVPiTUppIVeV6jl1q5vvDqUcvgp0//lKkU9UnVAhPGdDC9aq X-Received: by 2002:a17:902:244:: with SMTP id 62-v6mr223993plc.125.1523363513576; Tue, 10 Apr 2018 05:31:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1523363513; cv=none; d=google.com; s=arc-20160816; b=X4vMzChdBSTAZaO12oJp8xNGdL1G6lNapRfDEzTFvow8gAG38dFJk86P/VKCQMeiC4 OmI9HhrMTaH7CuAcmXpK4xFHSp32SsLBosqhEJssT9WhLIj2KCLd8GrB2tDF0r39m0T3 u6RY50K7Qy67mC45WjcUdCze/DqOXW+v7u6tkPoxdXImxUe5hbqzWRf9ASPoFr4mMYjS KjSpSEq6S9OnI/bOqUtazFqvlRTnMJIODeFZwv+qXwroe4tJL4G+Sf+/ouRe/9BKzq3j qmN59/aPgqaPJFMZQu21GJuo1J7WRlahClWtYE33cU6gcmJw7MCxknVd4BJUP33gvUS1 EnoA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=4fRkWJTCBRTq9ABsdscYJjTQbb+rMsDZpMFZF9iI5kw=; b=MC4BWaW7uOxzLil1XMBc+QgTJuH6MQKk27KERIigpA1OcAA2MFMmqxZx9IgstDhd03 Mzb/i/tT53+DtwoL7t5LMZB1rPNCDR0FIJB4ln9BjLwY3G+o+WswZkIpmTTrcyNOBCLI gO0dJu55L6/kjWg+IS1uZQzi0gjN0kG4rNytjfbPN+l5OEc1uye3gPZkJzDscNd/h8Ji gjmH4Y/4RwaTL1hrc8NYIhMFVtLAWhLmrSlz4xd7mMCj0d3uTWgosT74u0G5EDKYWu8j mX9A8dK4K3CLspjPIHljLMIwsekGJN7x4XoP/SMcELzPwTmb/QheefjCes9pBa6y0uGz QSPg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g8-v6si2746683plm.120.2018.04.10.05.31.16; Tue, 10 Apr 2018 05:31:53 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752907AbeDJM1M (ORCPT + 99 others); Tue, 10 Apr 2018 08:27:12 -0400 Received: from mx2.suse.de ([195.135.220.15]:41649 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752584AbeDJM1L (ORCPT ); Tue, 10 Apr 2018 08:27:11 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay1.suse.de (charybdis-ext.suse.de [195.135.220.254]) by mx2.suse.de (Postfix) with ESMTP id D6FC1AC4E; Tue, 10 Apr 2018 12:27:09 +0000 (UTC) Date: Tue, 10 Apr 2018 14:27:06 +0200 From: Michal Hocko To: Steven Rostedt Cc: Zhaoyang Huang , Ingo Molnar , LKML Subject: Re: [PATCH v1] ringbuffer: Don't choose the process with adj equal OOM_SCORE_ADJ_MIN Message-ID: <20180410122706.GH21835@dhcp22.suse.cz> References: <20180410061447.GQ21835@dhcp22.suse.cz> <20180410074921.GU21835@dhcp22.suse.cz> <20180410081231.GV21835@dhcp22.suse.cz> <20180410090128.GY21835@dhcp22.suse.cz> <20180410104902.GC21835@dhcp22.suse.cz> <20180410082316.263d34ec@gandalf.local.home> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180410082316.263d34ec@gandalf.local.home> User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue 10-04-18 08:23:16, Steven Rostedt wrote: > On Tue, 10 Apr 2018 12:49:02 +0200 > Michal Hocko wrote: > > > But you do realize that what you are proposing is by no means any safer, > > don't you? The memory allocated for the ring buffer is _not_ accounted > > to any process and as such it is not considered by the oom killer when > > picking up an oom victim so you are quite likely to pick up an innocent > > process to be killed. So basically you are risking an allocation runaway > > completely hidden from the OOM killer. Now, the downside of the patch is > > that the OOM_SCORE_ADJ_MIN task might get killed which is something that > > shouldn't happen because it is a contract. I would call this an > > unsolvable problem and a inherent broken design of the oom disabled > > task. So far I haven't heard a single _argument_ why supporting such a > > weird cornercase is desirable when your application can trivial do > > > > fork(); set_oom_score_adj(); exec("echo $VAR > $RINGBUFFER_FILE") > > We could do this as a compromise: > > diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c > index c9cb9767d49b..40c2e0a56c51 100644 > --- a/kernel/trace/ring_buffer.c > +++ b/kernel/trace/ring_buffer.c > @@ -1185,6 +1185,12 @@ static int __rb_allocate_pages(long nr_pages, struct list_head *pages, int cpu) > */ > mflags = GFP_KERNEL | __GFP_RETRY_MAYFAIL; > > + /* If we can't OOM this task, then only allocate without reclaim */ > + if (unlikely(current->signal->oom_score_adj == OOM_SCORE_ADJ_MIN)) { > + mflags = GFP_KERNEL | __GFP_NORETRY; > + user_thread = false; /* do not set oom_origin */ > + } > + > /* > * If a user thread allocates too much, and si_mem_available() > * reports there's enough memory, even though there is not. > > This way, if one sets OOM_SCORE_ADJ_MIN, then we wont set oom_origin > for the task, but we also wont try hard to allocate memory if there is > nothing immediately available. I would rather that the code outside of MM not touch implementation details like OOM_SCORE_ADJ_MIN. It is really hard to get rid of abusers whenever you try to change something in MM then. Especially when the usecase is quite dubious. -- Michal Hocko SUSE Labs