Re: Some questions about linux kernel.

From: James Sutherland (
Date: Thu Mar 16 2000 - 06:29:46 EST

On Thu, 16 Mar 2000, Paul Jakma wrote:

> On Thu, 16 Mar 2000, James Sutherland wrote:
> > No. *ANY* memory allocation system can run out of memory. Avoiding
> > "overcommitting" would make the OOM situation arise SOONER (and more
> > frequently), as well as killing performance.
> >
> well, it's a more a question of whether you make promises that you might
> not be able to keep. If you do (ie overcommit) then it's your
> (kernel) problem. If you don't, it's not.

Not really; either way, we are being asked for memory we can't currently

> Without overcommit the /system/ can run out memory, of course - it's
> finite - but it's no longer a kernel problem.

It was never really a "kernel problem" as such anyway. It's a problem the
kernel is trying to fix.

> > Right... Now we'll try this on the university's central Unix system, shall
> > we? Let's see... 6000 users, 2Gb RAM+swap. They get about 300K each.
> > That's ALMOST enough to log in with!
> well then get more ram/swap. But at least it has become a hw issue.

It was all along - you don't have enough RAM+swap for the workload the
system is under, so processes are dying.

> > The alternative just isn't practical in any real-world situation, except
> > more-or-less single user boxes.
> the alternative is very practical. boxes where oracle runs as one user /
> apache as another for example. You might want to lock down something
> that you know can cause problems.. etc..

That would help, yes, in this particular system. It's not a general
solution, however.

> > Even then, that single user will still run
> > out of memory - it's just his quota, rather than a physical limit.
> obviously.
> > So his processes STILL end up dying randomly, but they do it sooner rather
> > than later. Hrm. Wow.
> but then it's the users problem - not the OS..

But this does nothing at all to prevent runaway root processes blowing the
system away, for example.

> > On any realistically specced box, it is almost zero already.
> >
> no it's not. a plain linux box today has a terrible tendency to die if
> an app misbehaves wrt to memory. It's that bad. (unless you think 1GB of
> RAM + 4GB's+ of swap is a reasonable spec for a desktop)

Yes - I OOMed this machine last night, and almost everything died as a
result (thanks to me *NOT* having Rik's patch in yet.) These are not
normal circumstances, though...

> per process limits go a long long way to solving this (easy with
> pam_limits) but not far enough. But per user limits would be a huge
> improvement...

Yes, I agree. However, we can still run out of RAM+swap on multiuser
systems quite easily.

> > No, it's a risk with *EVERY* OS.
> no it's not. A non overcommiting OS doesn't run out of VM for
> processes. it cleanly grants or denies memory requests. What the app
> does after that is not a kernel problem.

The problem is, denying memory requests leads to processes dying. This is
what we want to avoid.

In fact, last night I more or less killed this machine. I had overcommit
turned off, and nothing major loaded (X, WWW server, xmms) and fired up
"make -j" on a biggish source tree. After quite some time, just about
everything died from lack of memory.

This was WITHOUT the OOM killer patch. With it, I think the newly spawned
make and cc processes would have been killed off much sooner, helping save
the other processes.

How would you define "running out" of memory? I would define it as not
being able to fulfil new requests - which is the situation we are trying
to handle here. If you start denying malloc() requests, processes start
dying (largely at random). If, instead, you kill selected processes, then
obviously processes still die as a result. However, they are more likely
to be the "right" ones to kill.

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
Please read the FAQ at

This archive was generated by hypermail 2b29 : Thu Mar 23 2000 - 21:00:17 EST