On Thu 08-08-19 22:59:32, ndrw wrote: > On 08/08/2019 19:59, Michal Hocko wrote: > > Well, I am afraid that implementing anything like that in the kernel > > will lead to many regressions and bug reports. People tend to have very > > different opinions on when it is suitable to kill a potentially > > important part of a workload just because memory gets low. > > Are you proposing having a zero memory reserve or not having such option at > all? I'm fine with the current default (zero reserve/margin). We already do have a reserve (min_free_kbytes). That gives kswapd some room to perform reclaim in the background without obvious latencies to allocating tasks (well CPU still be used so there is still some effect). Kswapd tries to keep a balance and free memory low but still with some room to satisfy an immediate memory demand. Once kswapd doesn't catch up with the memory demand we dive into the direct reclaim and that is where people usually see latencies coming from. The main problem here is that it is hard to tell from a single allocation latency that we have a bigger problem. As already said, the usual trashing scenario doesn't show problem during the reclaim because pages can be freed up very efficiently. The problem is that they are refaulted very quickly so we are effectively rotating working set like crazy. Compare that to a normal used-once streaming IO workload which is generating a lot of page cache that can be recycled in a similar pace but a working set doesn't get freed. Free memory figures will look very similar in both cases. > I strongly prefer forcing OOM killer when the system is still running > normally. Not just for preventing stalls: in my limited testing I found the > OOM killer on a stalled system rather inaccurate, occasionally killing > system services etc. I had much better experience with earlyoom. Good that earlyoom works for you. All I am saying is that this is not generally applicable heuristic because we do care about a larger variety of workloads. I should probably emphasise that the OOM killer is there as a _last resort_ hand break when something goes terribly wrong. It operates at times when any user intervention would be really hard because there is a lack of resources to be actionable. [...] > > > > PSI is giving you a matric that tells you how much time you > > > > spend on the memory reclaim. So you can start watching the system from > > > > lower utilization already. > > I've tested it on a system with 45GB of RAM, SSD, swap disabled (my > intention was to approximate a worst-case scenario) and it didn't really > detect stall before it happened. I can see some activity after reaching > ~42GB, the system remains fully responsive until it suddenly freezes and > requires sysrq-f. This is a useful feedback! What was your workload? Which kernel version? -- Michal Hocko SUSE Labs