
[RFC,1/4] mm/mremap: Optimize the start addresses in move_page_tables()

Message ID 20230518021825.712742-2-joel@joelfernandes.org (mailing list archive)
State New
Series Optimize mremap during mutual alignment within PMD

Commit Message

Joel Fernandes May 18, 2023, 2:18 a.m. UTC
Recently, we see reports [1] of a warning that triggers due to
move_page_tables() doing a downward and overlapping move on a
mutually-aligned offset within a PMD. By mutual alignment, I
mean the source and destination addresses of the mremap are at
the same offset within a PMD.

This mutual alignment along with the fact that the move is downward is
sufficient to cause a warning related to having an allocated PMD that
does not have PTEs in it.

This warning will only trigger when there is mutual alignment in the
move operation. A solution, as suggested by Linus Torvalds [2], is to
initiate the copy process at the PMD level whenever such alignment is
present. Implementing this approach will not only prevent the warning
from being triggered, but it will also optimize the operation as this
method should enhance the speed of the copy process whenever there's a
possibility to start copying at the PMD level.

Some more points:
a. The optimization can be done only when both the source and
destination of the mremap do not have anything mapped below it up to a
PMD boundary. I add support to detect that.

b. #1 is not a problem for the call to move_page_tables() from exec.c as
nothing is expected to be mapped below the source/destination. However,
for non-overlapping mutually aligned moves as triggered by mremap(2),
I added support for checking such cases.

c. I currently only optimize for PMD moves; in the future I/we can build
on this work and do PUD moves as well if there is a need for this. But I
want to take it one step at a time.

[1] https://lore.kernel.org/all/ZB2GTBD%2FLWTrkOiO@dhcp22.suse.cz/
[2] https://lore.kernel.org/all/CAHk-=whd7msp8reJPfeGNyt0LiySMT0egExx3TVZSX3Ok6X=9g@mail.gmail.com/

Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org>
---
 mm/mremap.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)

Comments

Linus Torvalds May 18, 2023, 4:12 a.m. UTC | #1
On Wed, May 17, 2023 at 7:18 PM Joel Fernandes (Google)
<joel@joelfernandes.org> wrote:
>
> This warning will only trigger when there is mutual alignment in the
> move operation. A solution, as suggested by Linus Torvalds [2], is to
> initiate the copy process at the PMD level whenever such alignment is
> present.

So this patch is actually simpler than I thought it would be.

But I'm a bit nervous about it. In particular, it ends up doing

        old_end = old_addr + len;
        ... expand old_addr/new_addr down to the pmd boundary ..
        return len + old_addr - old_end;        /* how much done */

doesn't that return value end up being nonsensical now?

In particular, I think it can return a *negative* value, because of
how old_addr was moved down, and the "how much done" might indeed be
"negative" in the sense that it failed the move even "before" the
original starting point.

And that negative value then ends up being a large positive one as an
"unsigned long", of course.

So I get the feeling that it wants something like

        if (old_addr + len < old_end)
                return 0;

there at the end.

But maybe there is something in there that guarantees that that case
never happens. I didn't think too deeply about it, I just felt this
looked odd.

               Linus

Joel Fernandes May 18, 2023, 2:44 p.m. UTC | #2
On Wed, May 17, 2023 at 09:12:07PM -0700, Linus Torvalds wrote:
> On Wed, May 17, 2023 at 7:18 PM Joel Fernandes (Google)
> <joel@joelfernandes.org> wrote:
> >
> > This warning will only trigger when there is mutual alignment in the
> > move operation. A solution, as suggested by Linus Torvalds [2], is to
> > initiate the copy process at the PMD level whenever such alignment is
> > present.
> 
> So this patch is actually simpler than I thought it would be.
> 
> But I'm a bit nervous about it. In particular, it ends up doing
> 
>         old_end = old_addr + len;
>         ... expand old_addr/new_addr down to the pmd boundary ..
>         return len + old_addr - old_end;        /* how much done */
> 
> doesn't that return value end up being nonsensical now?

Aargh, sorry to miss that. Yes, it ends up being bogus in the case where the
loop broke out early due to failure (but only on the first PMD move failure
AFAICS). In the success case (or failures after the first PMD move), it does
not matter because old_addr is updated to what it was without the
optimization.

> In particular, I think it can return a *negative* value, because of
> how old_addr was moved down, and the "how much done" might indeed be
> "negative" in the sense that it failed the move even "before" the
> original starting point.
> 
> And that negative value then ends up being a large positive one as an
> "unsigned long", of course.
> 
> So I get the feeling that it wants something like
> 
>         if (old_addr + len < old_end)
>                 return 0;

I think that will fix it (thanks!). The main thing I think is to not mess up
the second call to move_page_tables() in mremap where it tries to move the
half-moved stuff back:

  move_page_tables(new_vma, new_addr, vma, old_addr, moved_len,  true);

There moved_len comes from the return value of the first call to
move_page_tables().

If we realigned, and then the first PMD alloc failed, moved_len might be
negative as you pointed out. If the first PMD move passed, then there is no
issue as I mentioned above.

I will fix this in the next revision and also add a test case for this. I am
wondering how to test it without some kind of error-injection to make the
first PMD copy fail. In any case, I will try to hack my local kernel to test
that.

thanks,

 - Joel


> there at the end.
> 
> But maybe there is something in there that guarantees that that case
> never happens. I didn't think too deeply about it, I just felt this
> looked odd.
> 
>                Linus
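
The return-value case discussed in the two replies above, as an added userspace model of the address arithmetic only; it is not code from the patch, the kernel, or either participant. It assumes a 2 MiB PMD and that the previous-mapping checks pass; `model_move`, `fail_after` and `guard` are hypothetical names, and the addresses are constructed.

```c
#include <stdio.h>

#define PMD_SIZE (1UL << 21)            /* assumed: 2 MiB PMD */
#define PMD_MASK (~(PMD_SIZE - 1))

/*
 * Userspace model (hypothetical) of the address arithmetic only.
 * fail_after: PMD steps that succeed before a simulated allocation
 * failure (-1 = never fail). guard: apply the check suggested in the thread.
 */
static unsigned long model_move(unsigned long old_addr, unsigned long new_addr,
                                unsigned long len, long fail_after, int guard)
{
    unsigned long old_end = old_addr + len, extent = 0;
    long step = 0;

    /* Realign as in the patch; prev-mapping checks are assumed to pass. */
    if (len >= PMD_SIZE && (old_addr & ~PMD_MASK) &&
        (old_addr & ~PMD_MASK) == (new_addr & ~PMD_MASK)) {
        old_addr &= PMD_MASK;
        new_addr &= PMD_MASK;
    }

    for (; old_addr < old_end; old_addr += extent, new_addr += extent) {
        unsigned long next = (old_addr + PMD_SIZE) & PMD_MASK;

        extent = (next < old_end ? next : old_end) - old_addr;
        if (step++ == fail_after)
            break;                      /* simulated PMD move failure */
    }

    if (guard && old_addr + len < old_end)
        return 0;                       /* failed before the original start */
    return len + old_addr - old_end;    /* how much done */
}

int main(void)
{
    /* Constructed addresses: both 1 MiB into a PMD, 4 MiB downward move. */
    unsigned long o = 0x40100000UL, n = 0x20100000UL, len = 0x400000UL;

    printf("first PMD fails, no guard: %#lx\n", model_move(o, n, len, 0, 0));
    printf("first PMD fails, guard:    %#lx\n", model_move(o, n, len, 0, 1));
    printf("second PMD fails:          %#lx\n", model_move(o, n, len, 1, 0));
    printf("no failure:                %#lx\n", model_move(o, n, len, -1, 0));
    return 0;
}
```

Only the failure on the first PMD step, before `old_addr` has advanced past the original start, produces the wrapped value; later failures and the success path return the same length they would without realignment.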

Patch

diff --git a/mm/mremap.c b/mm/mremap.c
index 411a85682b58..d7ee3b20e170 100644
--- a/mm/mremap.c
+++ b/mm/mremap.c
@@ -478,6 +478,51 @@  static bool move_pgt_entry(enum pgt_entry entry, struct vm_area_struct *vma,
 	return moved;
 }
 
+/*
+ * A helper to check if a previous mapping exists. Required for
+ * move_page_tables() and realign_addr() to determine if a previous mapping
+ * exists before we can do realignment optimizations.
+ */
+static bool check_addr_in_prev(struct vm_area_struct *vma, unsigned long addr,
+			       unsigned long mask)
+{
+	int addr_masked = addr & mask;
+	struct vm_area_struct *prev = NULL, *cur = NULL;
+
+	/* If the masked address is within vma, there is no prev mapping of concern. */
+	if (vma->vm_start <= addr_masked)
+		return false;
+
+	/*
+	 * Attempt to find vma before prev that contains the address.
+	 * On any issue, assume the address is within a previous mapping.
+	 * @mmap write lock is held here, so the lookup is safe.
+	 */
+	cur = find_vma_prev(vma->vm_mm, vma->vm_start, &prev);
+	if (!cur || cur != vma || !prev)
+		return true;
+
+	/* The masked address fell within a previous mapping. */
+	if (prev->vm_end > addr_masked)
+		return true;
+
+	return false;
+}
+
+/* Opportunistically realign to specified boundary for faster copy. */
+static void realign_addr(unsigned long *old_addr, struct vm_area_struct *old_vma,
+			 unsigned long *new_addr, struct vm_area_struct *new_vma,
+			 unsigned long mask)
+{
+	if ((*old_addr & ~mask) &&
+	    (*old_addr & ~mask) == (*new_addr & ~mask) &&
+	    !check_addr_in_prev(old_vma, *old_addr, mask) &&
+	    !check_addr_in_prev(new_vma, *new_addr, mask)) {
+		*old_addr = *old_addr & mask;
+		*new_addr = *new_addr & mask;
+	}
+}
+
 unsigned long move_page_tables(struct vm_area_struct *vma,
 		unsigned long old_addr, struct vm_area_struct *new_vma,
 		unsigned long new_addr, unsigned long len,
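
Review bot: `int addr_masked = addr & mask;` at the top of check_addr_in_prev() truncates an unsigned long address to int, so on 64-bit both comparisons (`vma->vm_start <= addr_masked` and `prev->vm_end > addr_masked`) are made against a truncated, possibly sign-extended value; declare it as `unsigned long addr_masked`. Separately, the `!prev` term in `if (!cur || cur != vma || !prev) return true;` means that when find_vma_prev() reports no previous VMA the helper answers "address is in a previous mapping" and realign_addr() skips the optimization, even though nothing is mapped below; if that is the intended conservative default, the comment should say so. The comment "Attempt to find vma before prev" would read better as "find the vma preceding this one (prev)".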
@@ -493,6 +538,10 @@  unsigned long move_page_tables(struct vm_area_struct *vma,
 
 	old_end = old_addr + len;
 
+	/* If possible, realign addresses to PMD boundary for faster copy. */
+	if (len >= PMD_SIZE)
+		realign_addr(&old_addr, vma, &new_addr, new_vma, PMD_MASK);
+
 	if (is_vm_hugetlb_page(vma))
 		return move_hugetlb_page_tables(vma, new_vma, old_addr,
 						new_addr, len);
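
Review bot: realign_addr() is called before the is_vm_hugetlb_page() branch, so move_hugetlb_page_tables() can receive the lowered old_addr/new_addr together with the original, unadjusted len and would then operate on a range shifted down from the one requested; move the realignment below the hugetlb return. The call also lowers old_addr after `old_end = old_addr + len;` has been computed, which is what makes the final `return len + old_addr - old_end;` quoted in the thread wrap when the first PMD move fails; the guard suggested there, `if (old_addr + len < old_end) return 0;`, should be added in the same patch, and a comment at the realign call should note that old_addr may now be below the caller's start address.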