Re: [PATCH mm v2] vmalloc: back off when the current task is OOM-killed

From: Michal Hocko
Date: Thu Oct 07 2021 - 06:48:02 EST

Next message: Kalle Valo: "Re: [PATCH v7 05/24] wfx: add main.c/main.h"
Previous message: Greg Kroah-Hartman: "Re: [PATCH v2] usb: misc: ehset: Workaround for "special" hubs"
In reply to: Vasily Averin: "Re: [PATCH mm v2] vmalloc: back off when the current task is OOM-killed"
Next in thread: Andrew Morton: "Re: [PATCH mm v2] vmalloc: back off when the current task is OOM-killed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue 05-10-21 16:52:40, Vasily Averin wrote:
> Huge vmalloc allocation on heavy loaded node can lead to a global
> memory shortage. Task called vmalloc can have worst badness and
> be selected by OOM-killer, however taken fatal signal does not
> interrupt allocation cycle. Vmalloc repeat page allocaions
> again and again, exacerbating the crisis and consuming the memory
> freed up by another killed tasks.
>
> After a successful completion of the allocation procedure, a fatal
> signal will be processed and task will be destroyed finally.
> However it may not release the consumed memory, since the allocated
> object may have a lifetime unrelated to the completed task.
> In the worst case, this can lead to the host will panic
> due to "Out of memory and no killable processes..."
>
> This patch allows OOM-killer to break vmalloc cycle, makes OOM more
> effective and avoid host panic. It does not check oom condition directly,
> however, and breaks page allocation cycle when fatal signal was received.

This will allow also interrupting a user space requist which happens to
trigger a large vmalloc, hence the reason for going for
fatal_signal_pending rather than oom specific condition.

> This may trigger some hidden problems, when caller does not handle
> vmalloc failures, or when rollaback after failed vmalloc calls own
> vmallocs inside. However all of these scenarios are incorrect:
> vmalloc does not guarantee successful allocation, it has never been called
> with __GFP_NOFAIL and threfore either should not be used for any rollbacks
> or should handle such errors correctly and not lead to critical
> failures.

__GFP_NOFAIL semantic is explicitly not supported for vmalloc.

> Signed-off-by: Vasily Averin <vvs@xxxxxxxxxxxxx>

Acked-by: Michal Hocko <mhocko@xxxxxxxx>

I would keep it sitting in the linux-next for some time to sort out
potential fallouts and have them fixed before this one gets merged.

Thanks!
> ---
> v2: tsk_is_oom_victim() check replaced by fatal_signal_pending(current),
> removed check inside __alloc_pages_bulk(),
> according to feedback from mhocko@.
> Updated patch description.
> ---
> mm/vmalloc.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/mm/vmalloc.c b/mm/vmalloc.c
> index d77830ff604c..71706f5447f0 100644
> --- a/mm/vmalloc.c
> +++ b/mm/vmalloc.c
> @@ -2860,6 +2860,9 @@ vm_area_alloc_pages(gfp_t gfp, int nid,
> struct page *page;
> int i;
>
> + if (fatal_signal_pending(current))
> + break;
> +
> page = alloc_pages_node(nid, gfp, order);
> if (unlikely(!page))
> break;
> --
> 2.31.1

--
Michal Hocko
SUSE Labs

Next message: Kalle Valo: "Re: [PATCH v7 05/24] wfx: add main.c/main.h"
Previous message: Greg Kroah-Hartman: "Re: [PATCH v2] usb: misc: ehset: Workaround for "special" hubs"
In reply to: Vasily Averin: "Re: [PATCH mm v2] vmalloc: back off when the current task is OOM-killed"
Next in thread: Andrew Morton: "Re: [PATCH mm v2] vmalloc: back off when the current task is OOM-killed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]