On Sat, Jun 15, 2024 at 05:28:55PM GMT, Yosry Ahmed wrote: > On Sat, Jun 15, 2024 at 1:13 AM Shakeel Butt <shakeel.butt@xxxxxxxxx> wrote: > > > > The Meta prod is seeing large amount of stalls in memcg stats flush > > from the memcg reclaim code path. At the moment, this specific callsite > > is doing a synchronous memcg stats flush. The rstat flush is an > > expensive and time consuming operation, so concurrent relaimers will > > busywait on the lock potentially for a long time. Actually this issue is > > not unique to Meta and has been observed by Cloudflare [1] as well. For > > the Cloudflare case, the stalls were due to contention between kswapd > > threads running on their 8 numa node machines which does not make sense > > as rstat flush is global and flush from one kswapd thread should be > > sufficient for all. Simply replace the synchronous flush with the > > ratelimited one. > > > > One may raise a concern on potentially using 2 sec stale (at worst) > > stats for heuristics like desirable inactive:active ratio and preferring > > inactive file pages over anon pages but these specific heuristics do not > > require very precise stats and also are ignored under severe memory > > pressure. This patch has been running on Meta fleet for more than a > > month and we have not observed any issues. Please note that MGLRU is not > > impacted by this issue at all as it avoids rstat flushing completely. > > > > Link: https://lore.kernel.org/all/6ee2518b-81dd-4082-bdf5-322883895ffc@xxxxxxxxxx [1] > > Signed-off-by: Shakeel Butt <shakeel.butt@xxxxxxxxx> > > --- > > mm/vmscan.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/mm/vmscan.c b/mm/vmscan.c > > index c0429fd6c573..bda4f92eba71 100644 > > --- a/mm/vmscan.c > > +++ b/mm/vmscan.c > > @@ -2263,7 +2263,7 @@ static void prepare_scan_control(pg_data_t *pgdat, struct scan_control *sc) > > * Flush the memory cgroup stats, so that we read accurate per-memcg > > * lruvec stats for heuristics. > > */ > > - mem_cgroup_flush_stats(sc->target_mem_cgroup); > > + mem_cgroup_flush_stats_ratelimited(sc->target_mem_cgroup); > > I think you already know my opinion about this one :) I don't like it > at all, Yup I know. > and I will explain why below. I know it may be a necessary > evil, but I would like us to make sure there is no other option before > going forward with this. Instead of necessary evil, I would call it a pragmatic approach i.e. resolve the ongoing pain with good enough solution and work on long term solution later. > > Unfortunately, I am travelling this week, so I probably won't be able > to follow up on this for a week or so, but I will try to lay down my > thoughts as much as I can. > > Why don't I like this? > > - From a high level, I don't like the approach of replacing > problematic flushing calls with the ratelimited version. It strikes me > as a whac-a-mole approach that is mitigating symptoms of a larger > problem. > > - With the added thresholding code, a flush is only done if there is a > significant number of pending updates in the relevant subtree. > Choosing the ratelimited approach is intentionally ignoring a > significant change in stats (although arguably it could be irrelevant > stats). Intentionally ignoring the significant change is fine for, as you said, for irrelevant stats but also for the cases where we don't need the exact and precise stats. See my next point. > > - Reclaim code is an iterative process, so not updating the stats on > every retry is very counterintuitive. We are retrying reclaim using > the same stats and heuristics used by a previous iteration, > essentially dismissing the effects of those previous iterations. > I think I explained in the commit message why we don't need the precise metrics for this specific case but let me reiterate. The stats are needed for two specific heuristics in this case: 1. Deactivate LRUs 2. Cache trim mode The deactivate LRUs heuristic is to maintain a desirable inactive:active ratio of the LRUs. The specific stats needed are WORKINGSET_ACTIVATE* and the hierarchical LRU size. The WORKINGSET_ACTIVATE* is needed to check if there is a refault since last snapshot and the LRU size are needed for the desirable ratio between inactive and active LRUs. See the table below on how the desirable ratio is calculated. /* total target max * memory ratio inactive * ------------------------------------- * 10MB 1 5MB * 100MB 1 50MB * 1GB 3 250MB * 10GB 10 0.9GB * 100GB 31 3GB * 1TB 101 10GB * 10TB 320 32GB */ The desirable ratio only changes at the boundary of 1 GiB, 10 GiB, 100 GiB, 1 TiB and 10 TiB. There is no need for the precise and accurate LRU size information to calculate this ratio. In addition, if deactivation is skipped for some LRU, the kernel will force deactive on the severe memory pressure situation. For the cache trim mode, inactive file LRU size is read and the kernel scales it down based on the reclaim iteration (file >> sc->priority) and only checks if it is zero or not. Again precise information is not needed. > - Indeterministic behavior like this one is very difficult to debug if > it causes problems. The missing updates in the last 2s (or whatever > period) could be of any magnitude. We may be ignoring GBs of > free/allocated memory. What's worse is, if it causes any problems, > tracing it back to this flush will be extremely difficult. This is indeed an issue but that is common with the heuristics in general. They work most of the time and fail for small set of cases. Anyways, I am not arguing to remove sync flush for all cases. Rather I am arguing for this specific case, we don't need to be precise as I have explained above. > > What can we do? > > - Try to make more fundamental improvements to the flushing code (for > memcgs or cgroups in general). The per-memcg flushing thresholding is > an example of this. For example, if flushing is taking too long > because we are flushing all subsystems, it may make sense to have > separate rstat trees for separate subsystems. Yes separate flushing for each subsystems make sense and can be done orthogonally. > > One other thing we can try is add a mutex in the memcg flushing path. > I had initially had this in my subtree flushing series [1], but I > dropped it as we thought it's not very useful. Currently in > mem_cgroup_flush_stats(), we check if there are enough pending updates > to flush, then we call cgroup_flush_stats() and spin on the lock. It > is possible that while we spin, those pending updates we observed have > been flushed. If we add back the mutex like in [1], then once we > acquire the mutex we check again to make sure there are still enough > stats to flush. > > [1]https://lore.kernel.org/all/20231010032117.1577496-6-yosryahmed@xxxxxxxxxx/ My main beef with the global mutex is the possible priority inversion. Unless you agree to add try_lock() and skip flushing i.e. no one sleeps on the mutex, this is a no go. > > - Try to avoid the need for flushing in this path. I am not sure what > approach MGLRU uses to avoid the flush, but if we can do something > similar for classic LRUs that would be preferable. I am guessing MGLRU > may be maintaining its own stats outside of the rstat framework. MGLRU simply don't use these heuristics (Yu Zhao please correct me if I am wrong). > > - Try to figure out if one (or a few) update paths are regressing all > flushers. If one specific stat or stats update path is causing most of > the updates, we can try to fix that instead. Especially if it's a > counter that is continuously being increased and decreases (so the net > change is not as high as we think). This is actually a good point. I remember Jasper telling that MEMCG_KMEM might be the one with most updates. I can try to collect from Meta fleet what is the cause of most updates. > > At the end of the day, all of the above may not work, and we may have > to live with just using the ratelimited approach. But I *really* hope > we could actually go the other way. Fix things on a more fundamental > level and eventually drop the ratelimited variants completely. > > Just my 2c. Sorry for the long email :) Please note that this is not some user API which can not be changed later. We can change and disect however we want. My only point is not to wait for the perfect solution and have some intermediate and good enough solution. Thanks for the review.
