RFR: 8292083: Detected container memory limit may exceed physical machine memory [v18]

Severin Gehwolf sgehwolf at openjdk.org
Wed Aug 24 09:39:43 UTC 2022 

On Tue, 23 Aug 2022 20:41:48 GMT, Jonathan Dowland <jdowland at openjdk.org> wrote:

>> We discovered some systems configured with cgroups v1 which report a bogus container memory limit value which is above the physical memory of the host. OpenJDK then calculates flags such as InitialHeapSize based on this invalid value; this can be larger than the available memory which can result in the OS terminating the process due to OOM.
>> 
>> hotspot's container awareness attempts to sanity check the limit value by ensuring it's below `_unlimited_memory = (LONG_MAX / os::vm_page_size()) * os::vm_page_size()`, but that still leaves a large range of potential invalid values between physical RAM and that ceiling value.
>> 
>> Cgroups V1 in particular returns an uninitialised value for the memory limit when one has not been explicitly set. Cgroups v2 does not suffer the same problem: however, it's possible for any value to be set for the max memory, including values exceeding the available physical memory, in either v1 or v2.
>> 
>> This fixes the problem in two places. Further work may be required in the area of Java metrics / MXBeans. I'd also look again at whether the existing ceiling value `_unlimited_memory` serves any useful purpose. I personally don't feel those improvements should hold up this fix.
>
> Jonathan Dowland has updated the pull request incrementally with one additional commit since the last revision:
> 
>   adjust shouldMatch regex to account for cgroups 1 vs 2 differences
>   
>   For cgroups v1, the inner-most memory limit handling code replaces
>   limit values larger than physical RAM with "-1", resulting in different
>   log output to v2.

Looks good to me. Please get a second review for this, though, if you can.

test/hotspot/jtreg/containers/docker/TestMemoryAwareness.java line 122:

> 120:             .addDockerOpts("--memory", badMem);
> 121:         Common.run(opts)
> 122:             .shouldMatch("container memory limit (ignored: "+badMem+"|unlimited: -1), using host value " + goodMem);

Style nit: Space before and after `+`: `... (ignored: " + badMem + "|unlimited: ...`

-------------

Marked as reviewed by sgehwolf (Reviewer).

PR: https://git.openjdk.org/jdk/pull/9880

More information about the hotspot-runtime-dev mailing list