From owner-freebsd-stable@FreeBSD.ORG Mon Mar 5 21:14:01 2007 Return-Path: X-Original-To: stable@freebsd.org Delivered-To: freebsd-stable@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 82D2E16A404 for ; Mon, 5 Mar 2007 21:14:01 +0000 (UTC) (envelope-from scottl@samsco.org) Received: from pooker.samsco.org (pooker.samsco.org [168.103.85.57]) by mx1.freebsd.org (Postfix) with ESMTP id 7610513C481 for ; Mon, 5 Mar 2007 21:14:00 +0000 (UTC) (envelope-from scottl@samsco.org) Received: from phobos.samsco.home (phobos.samsco.home [192.168.254.11]) (authenticated bits=0) by pooker.samsco.org (8.13.8/8.13.8) with ESMTP id l25Kbua6024070; Mon, 5 Mar 2007 13:38:03 -0700 (MST) (envelope-from scottl@samsco.org) Message-ID: <45EC7F91.5070106@samsco.org> Date: Mon, 05 Mar 2007 13:37:37 -0700 From: Scott Long User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.2pre) Gecko/20070111 SeaMonkey/1.1 MIME-Version: 1.0 To: Kostik Belousov References: <20070227205351.GA72597@ravenloft.kiev.ua> <20070305035945.GA71660@xor.obsecurity.org> <20070305132350.GB57253@comp.chem.msu.su> <200703051314.29902@aldan> <20070305191714.GF57253@comp.chem.msu.su> <20070305193022.GM10453@deviant.kiev.zoral.com.ua> In-Reply-To: <20070305193022.GM10453@deviant.kiev.zoral.com.ua> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH authentication, not delayed by milter-greylist-2.0.2 (pooker.samsco.org [168.103.85.57]); Mon, 05 Mar 2007 13:38:03 -0700 (MST) X-Spam-Status: No, score=-1.4 required=3.8 tests=ALL_TRUSTED autolearn=failed version=3.1.1 X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on pooker.samsco.org Cc: Yar Tikhiy , stable@freebsd.org Subject: Re: panic: kmem_malloc(16384): kmem_map too small: md-mounted /tmp filled up X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Mar 2007 21:14:01 -0000 Kostik Belousov wrote: > On Mon, Mar 05, 2007 at 10:17:14PM +0300, Yar Tikhiy wrote: >> On Mon, Mar 05, 2007 at 01:14:29PM -0500, Mikhail Teterin wrote: >>> On Monday 05 March 2007 08:23, Yar Tikhiy wrote: >>> = > How will it break them? swap backing only touches swap if there is >>> = > memory pressure, i.e. precisely the situation in which malloc backing >>> = > will panic. >>> = >>> = I forgot that in BSD swap wouldn't be allocated in advance to its >>> = consumers. Then removing the -M flag and making swap backing the >>> = default is a very sound choice. Thank you for correcting me. >>> >>> Yar, would you change the man-page's advice and the default, then? >> Yes, I'll be glad to if no objections arise until I finish updating >> my CURRENT machine, i.e., tomorrow. :-) >> >>> Someone still needs to look into the panic... Who would that be? >> Obviously, Mr(s). Someone. :-) >> >> The md case exposes a quite tangled nature of the problem. Funnily >> enough, kernel malloc() cannot just fail in the case because it >> must not fail if called with M_WAITOK. This means that the system >> has quite a rough choice: >> >> - put the requesting thread to sleep forever; >> - grow kmem_map, eventually sacrifice all RAM to the greedy thread >> and die sooner or later; >> - panic immediately. >> >> If all malloc() callers in the kernel were ready to deal with >> allocation failure, the system could just tell the greedy thread >> to buzz off. But too many kernel parts depend on malloc(M_WAITOK) >> never failing. Perhaps it's the root of the problem. > > Mark callers that are ready for M_WAITOK failure with some additional > flag, like M_FAILOK (feel free to propose meaningful name there). > At least malloc()-based md could then use it. The panic is a chronic problem that really needs to be fixed in general. However, the md code should probably be modified to reject any malloc-backed size larger than some trivial (and arbitrary) value, like say 1MB. It's really inferior to being swap-backed, and it only encourages foot-shooting and these unclear panics. Scott