Received: by 10.192.165.148 with SMTP id m20csp3146958imm; Mon, 23 Apr 2018 01:07:19 -0700 (PDT) X-Google-Smtp-Source: AIpwx49I3ZS/cXMYWbipKaID8VTjeOYROAz4bzJ8NuEHPMlOVBqhzrgRjgrhbQNUTcXF+3pCtWKZ X-Received: by 10.101.71.132 with SMTP id e4mr13204451pgs.196.1524470839483; Mon, 23 Apr 2018 01:07:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1524470839; cv=none; d=google.com; s=arc-20160816; b=Kg+OD0tZy4M32IqJWnXgKr3k09DPeTXIsGEFNw6nPQVmi774uitX/qUlj/wJ/oobjd k1z770YuU6gGbflFh10i5ySw9NQjxZtRPpKT2+YFiLsly7NCfFK5ZO/9V+wfO+wtDVKF UhochS8E3+Uvx0oLrQQH3jKogtZQOYZTQGwqVY1Mbo0B8lPirwxA1kjKrAiC3e7v7CYT 8KSFdOrfqyjOZ1FMdN6Wd0fvwT7g6AmjhfMUsYpN7jDlkVezufEX7YoQXoisgdKdd8j0 a14viKMojpmRqJ03O2oJtMrF0k1dT0Z5W620vMDrrplHTItw04nbLmqCIaMl7N5u6Ohq r98Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:date:cc:to:from:subject:message-id :arc-authentication-results; bh=D1ymWWu6PXerpEHuX/CDZkk22N/EbEWs7k1MS9ZU2cQ=; b=zSenc06mZbSH3B5OvXqHoW91ov3fp9g0xdgEl/q3PWNXujny3Cwvnu8mbkTgWY8CCf nHlROUpVqW1yAgKr4SKOkBvB+cJhRAZrELbtDe22NVZNkbde+puGpIRNsEs4c3iAWQ4o dCNLOyjxRcn8yAQWZ081Grm3wBsRz48WFXIQ45a28IQQcCGlCGt1DRHcAbYuUMUkNo3D RcAesI7GcoO2GasyL/yJ4XoeBfQLvRR7CFEfca+cv9rd9iV9joqpRPyxeHyD8JUTQFXC 6C8qy3kFQBEg17Vutm9hitA0jPA/fsMsCL/Ryd7vhfHktDMSWZ8fMZuXm+JOs5nWLOoF rYGg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v66si10948861pfd.341.2018.04.23.01.07.05; Mon, 23 Apr 2018 01:07:19 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754128AbeDWIEo convert rfc822-to-8bit (ORCPT + 99 others); Mon, 23 Apr 2018 04:04:44 -0400 Received: from mout.gmx.net ([212.227.17.22]:56581 "EHLO mout.gmx.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751356AbeDWIEj (ORCPT ); Mon, 23 Apr 2018 04:04:39 -0400 Received: from homer.simpson.net ([185.191.216.25]) by mail.gmx.com (mrgmx102 [212.227.17.168]) with ESMTPSA (Nemesis) id 0M1zFf-1eHjmo0Gpn-00u06U; Mon, 23 Apr 2018 10:04:37 +0200 Message-ID: <1524470676.5451.1.camel@gmx.de> Subject: Re: DOS by unprivileged user From: Mike Galbraith To: Ferry Toth Cc: linux-kernel@vger.kernel.org Date: Mon, 23 Apr 2018 10:04:36 +0200 In-Reply-To: <6057755.ozdVOybsI6@delfion> References: <9023506.UBh6vynRGa@delfion> <4285098.DEWjdbWF2X@delfion> <1524325275.8078.2.camel@gmx.de> <6057755.ozdVOybsI6@delfion> Content-Type: text/plain; charset="ISO-8859-15" X-Mailer: Evolution 3.22.6 Mime-Version: 1.0 Content-Transfer-Encoding: 8BIT X-Provags-ID: V03:K1:YhLL4xHBvcRF+h5vlTkxFc57S2tsTKHMZBdUopAP+ZYA1Netx/0 bXYG5dAmBXrl3HGu8nkbbkbAeBUN7rtBktlNQJ3W06wpWFuUfpQB6nmYalVxNvg1urTOHbk srR2zhH2boJ7Tl+JlRLbv6GTnVN9YMDJGuAg6lesAu51Xd7TtS/17isdSystJHbSjY8zANz QYpmEc9rj9tRtg3HHOoUQ== X-UI-Out-Filterresults: notjunk:1;V01:K0:T1udFbawPvg=:1GJlxgkUsxVsV9gGZOA8JE R+tN36fRMDnFP4itB94h4/dXxH+9cSOMHpXdbu63I/VHgqB594vPFssnBqH/15041RsCon0gN +NoVvpooZoA+XuRY/LJUQMmGPjxnEuwhZbLda/QFnh+RqX4sOalgXRLXZn8AVz3dmFu228gJe KaIpP+vClVqaOmhvcv2ZDVpgGSZ2bMhVEQwOrTlCHbMstGZzbpSMUfj6xLr2XXfhiYdk+Ser9 lh46DUEQ7Fx9jYOS4CZNZkO6CtPCm3B8TNQ/89RG0y1WetDlNZxGyODixnGmpipZuUdAKKUt6 gYsOmLir/4bpBy+UtXiJ0wDPzBOtk5oDJRsb3uPmfJuifCnFxJRJwBcKqBTeptXN8gOjnoCyW cHIXL+KeG/ZWDwP4WoBjLDcoE5HNy+tfEb6Wvs1MSC81CwhCYoGlYrfc+3aqo+/rUfABcOBOX FrIumghOv8+OGcrtKbFUQv/ljQTb1BfnxIhnxbxuzqFDVwOn9MiuaVAEgJjydnTlLK3A/W+14 V25mWAjes11QTcodc/xYVQ5CjnfTrKbf7rDx9FJSQfMv5FcvRmiuuy5P3nYq/HF7y7rlcfaMH E6VdzvsiwPdJjuHx0gkgSoqWRg0avPl6/yvcc6+VvjuJsvnFN40Y+/NuYzQLYe5t9e/Uj+p+Z M5/fktRgrw2Hl+EF50XPkTiHzT9FRU4+T5dktKBnqCTfOMY2foqj8QpQKdxr4QHKUSimiUYi2 LCI+oI9Mf7CgymWl6l7YyLIZMwOEy+LX3/k6Cc/KSbc8SNBjoMoBJ9CG6NQGUYrjGq/5/5jm2 TRvC2ZFfvVFRc6VBgyI3KxGb3TFXrhUZgJqoisYbPr2Pi7ijvs= Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, 2018-04-22 at 21:37 +0200, Ferry Toth wrote: > > Yes your memory hog scenario thoroughly wrecks the user experience, but > > the process scheduler in not the source of that wreckage, it's a memory > > management issue. With no constraints in place, anybody can just keep > > on allocating until the entire system starts grinding itself to dust. > > > > -Mike > ? > That is exactly the issue I think. It is not just a user experience, > they is no distinction between crashing the kernel and grinding it to > dust. The effect we have is: any user on a multi user system can > crash the system. > ? > Memory management / constraints can't solve the problem either: it > might be intentional to alloc such amounts of memory. Constraints definitely can solve this particular problem instance. Plain old ulimit can stop the memory hog (wish) dead in its tracks, or you can use memory cgroup controller to constrain it in a more friendly manner. I started gitk in a 4G constrained cgroup, which redirected its greedy fingers to the swap bin for the remainder of its needs. But yes, there is currently no wonderful one size fits all fully automatic solution to running low on memory that doesn't involve running to the store. > I think memory allocation and io waits can't be decoupled from > scheduling as they are now. The scheduler is not decoupled from either, it is intimately involved in both. However, none of the decision making smarts for either reside in the scheduler, nor should they. -Mike