On Thu, Jul 20, 2023 at 07:08:17AM +0000, Yosry Ahmed wrote: > This patch series implements the proposal in LSF/MM/BPF 2023 conference > for reducing offline/zombie memcgs by memory recharging [1]. The main > difference is that this series focuses on recharging and does not > include eviction of any memory charged to offline memcgs. > > Two methods of recharging are proposed: > > (a) Recharging of mapped folios. > > When a memcg is offlined, queue an asynchronous worker that will walk > the lruvec of the offline memcg and try to recharge any mapped folios to > the memcg of one of the processes mapping the folio. The main assumption > is that a process mapping the folio is the "rightful" owner of the > memory. > > Currently, this is only supported for evictable folios, as the > unevictable lru is imaginary and we cannot iterate the folios on it. A > separate proposal [2] was made to revive the unevictable lru, which > would allow recharging of unevictable folios. > > (b) Deferred recharging of folios. > > For folios that are unmapped, or mapped but we fail to recharge them > with (a), we rely on deferred recharging. Simply put, any time a folio > is accessed or dirtied by a userspace process, and that folio is charged > to an offline memcg, we will try to recharge it to the memcg of the > process accessing the folio. Again, we assume this process should be the > "rightful" owner of the memory. This is also done asynchronously to avoid > slowing down the data access path. I'm super skeptical of this proposal. Recharging *might* be the most desirable semantics from a user pov, but only if it applies consistently to the whole memory footprint. There is no mention of slab allocations such as inodes, dentries, network buffers etc. which can be a significant part of a cgroup's footprint. These are currently reparented. I don't think doing one thing with half of the memory, and a totally different thing with the other half upon cgroup deletion is going to be acceptable semantics. It appears this also brings back the reliability issue that caused us to deprecate charge moving. The recharge path has trylocks, LRU isolation attempts, GFP_ATOMIC allocations. These introduce a variable error rate into the relocation process, which causes pages that should belong to the same domain to be scattered around all over the place. It also means that zombie pinning still exists, but it's now even more influenced by timing and race conditions, and so less predictable. There are two issues being conflated here: a) the problem of zombie cgroups, and b) who controls resources that outlive the control domain. For a), reparenting is still the most reasonable proposal. It's reliable for one, but it also fixes the problem fully within the established, user-facing semantics: resources that belong to a cgroup also hierarchically belong to all ancestral groups; if those resources outlive the last-level control domain, they continue to belong to the parents. This is how it works today, and this is how it continues to work with reparenting. The only difference is that those resources no longer pin a dead cgroup anymore, but instead are physically linked to the next online ancestor. Since dead cgroups have no effective control parameters anymore, this is semantically equivalent - it's just a more memory efficient implementation of the same exact thing. b) is a discussion totally separate from this. We can argue what we want this behavior to be, but I'd argue strongly that whatever we do here should apply to all resources managed by the controller equally. It could also be argued that if you don't want to lose control over a set of resources, then maybe don't delete their control domain while they are still alive and in use. For example, when restarting a workload, and the new instance is expected to have largely the same workingset, consider reusing the cgroup instead of making a new one. For the zombie problem, I think we should merge Muchun's patches ASAP. They've been proposed several times, they have Roman's reviews and acks, and they do not change user-facing semantics. There is no good reason not to merge them.