Re: [PATCH v1] kernel/trace:check the val against the available mem

From: Steven Rostedt
Date: Wed Apr 04 2018 - 11:04:49 EST


On Wed, 4 Apr 2018 16:42:55 +0200
Michal Hocko <mhocko@xxxxxxxxxx> wrote:

> On Wed 04-04-18 10:25:27, Steven Rostedt wrote:
> > On Wed, 4 Apr 2018 16:10:52 +0200
> > Michal Hocko <mhocko@xxxxxxxxxx> wrote:
> >
> > > On Wed 04-04-18 08:59:01, Steven Rostedt wrote:
> > > [...]
> > > > + /*
> > > > + * Check if the available memory is there first.
> > > > + * Note, si_mem_available() only gives us a rough estimate of available
> > > > + * memory. It may not be accurate. But we don't care, we just want
> > > > + * to prevent doing any allocation when it is obvious that it is
> > > > + * not going to succeed.
> > > > + */
> > > > + i = si_mem_available();
> > > > + if (i < nr_pages)
> > > > + return -ENOMEM;
> > > > +
> > > >
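Review bot: the comparison `if (i < nr_pages)` stores a page count in `i`, a generic name whose declaration and type are not in the visible lines. si_mem_available() returns a long, so if nr_pages is unsigned the test mixes signedness; a dedicated variable of the same type as nr_pages would make the intent explicit. The comment could also say that passing this check does not mean the allocation will succeed, because the estimate is system-wide and is not restricted to the zones the allocation can actually draw from.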
> > > > Better?
> > >
> > > I must be really missing something here. How can that work at all for
> > > e.g. the zone_{highmem/movable}. You will get false on the above tests
> > > even when you will have a hard time to allocate anything from your
> > > destination zones.
> >
> > You mean we will get true on the above tests? Again, the current
> > method is to just say screw it and try to allocate.
>
> No, you will get false on that test. Say that you have a system with

Ah, I'm thinking backwards, I looked at false meaning "not enough
memory", where if it's true (i < nr_pages), false means there is enough
memory. OK, we are in agreement.

> large ZONE_MOVABLE. Now your kernel allocations can fit only into
> !movable zones (say we have 1G for !movable and 3G for movable). Now say
> that !movable zones are getting close to the edge while movable zones
> are full of reclaimable pages. si_mem_available will tell you there is a
> _lot_ of memory available while your GFP_KERNEL request will happily
> consume the rest of !movable zones and trigger OOM. See?

Which is still better than what we have today. I'm fine with it.
Really, I am.

>
> [...]
> > I'm looking for something where "yes" means "there may be enough, but
> > there may not be, buyer beware", and "no" means "forget it, don't even
> > start, because you just asked for more than possible".
>
> We do not have _that_ something other than try to opportunistically
> allocate and see what happens. Sucks? Maybe yes but I really cannot
> think of an interface with sane semantic that would catch all the
> different scenarios.

And I'm fine with that too. I don't want to catch all different
scenarios. I want to just catch the crazy ones. Like trying to allocate
gigs of memory when there's only a few megs left. Those can easily
happen with the current interface that can't change.

I'm not looking for perfect. In fact, I love what si_mem_available()
gives me now! Sure, it can say "there's enough memory" even if I can't
use it. Because most of the OOM allocations that happen with increasing
the size of the ring buffer aren't due to "just enough memory
allocated", but it's due to "trying to allocate crazy amounts of
memory". That's because it does the allocation one page at a time, and
if you try to allocate crazy amounts of memory, it will allocate all
memory before it fails. I don't want that. I want crazy allocations to
fail from the start. A "maybe this will allocate" is fine even if it
will end up causing an OOM.

-- Steve
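
The trade-off argued in this message, as an added example that is not part of the original thread or of the kernel source: a toy userspace model of page-at-a-time growth with and without an up-front availability check. The struct, the function names and the 8G/2G request sizes are constructed for illustration; the 1G !movable / 3G movable split is the one from the quoted scenario.

```c
#include <stdio.h>

/* Toy model (constructed): free pages per zone class, 4 KiB pages. */
struct mem_model {
    unsigned long free_unmovable; /* usable by the kernel-style request */
    unsigned long free_movable;   /* counted as available, not usable here */
};

/* Stand-in for si_mem_available(): a system-wide estimate over all zones. */
static unsigned long model_mem_available(const struct mem_model *m)
{
    return m->free_unmovable + m->free_movable;
}

/*
 * Grow a buffer one page at a time, as the thread describes.
 * Returns 0 on success, -1 if the up-front check rejects the request,
 * -2 if the usable zone runs dry part-way (the OOM-like outcome).
 * *taken reports how many pages were consumed before the outcome was known.
 */
static int model_resize(struct mem_model *m, unsigned long nr_pages,
                        int precheck, unsigned long *taken)
{
    *taken = 0;
    if (precheck && model_mem_available(m) < nr_pages)
        return -1;              /* fail from the start, nothing consumed */
    while (*taken < nr_pages) {
        if (m->free_unmovable == 0)
            return -2;          /* everything usable is already gone */
        m->free_unmovable--;
        (*taken)++;
    }
    return 0;
}

int main(void)
{
    struct mem_model a = { 262144, 786432 }; /* 1G !movable, 3G movable */
    struct mem_model b = a, c = a;
    unsigned long taken;
    int rc;

    rc = model_resize(&a, 2097152, 0, &taken); /* 8G request, no check */
    printf("no check, 8G: rc=%d taken=%lu\n", rc, taken);
    rc = model_resize(&b, 2097152, 1, &taken); /* 8G request, checked */
    printf("check, 8G:    rc=%d taken=%lu\n", rc, taken);
    rc = model_resize(&c, 524288, 1, &taken);  /* 2G: passes check, still fails */
    printf("check, 2G:    rc=%d taken=%lu\n", rc, taken);
    return 0;
}
```

The third case is the one the check cannot catch: the estimate says "maybe", and the request still drains the usable zone.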