From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.1 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, MAILING_LIST_MULTI,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 99CD0C433DB for ; Sat, 20 Feb 2021 09:12:46 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 122F864ED6 for ; Sat, 20 Feb 2021 09:12:46 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 122F864ED6 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=redhat.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 778AA6B0005; Sat, 20 Feb 2021 04:12:45 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 6FFE76B006C; Sat, 20 Feb 2021 04:12:45 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 5C8406B006E; Sat, 20 Feb 2021 04:12:45 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0153.hostedemail.com [216.40.44.153]) by kanga.kvack.org (Postfix) with ESMTP id 39EBF6B0005 for ; Sat, 20 Feb 2021 04:12:45 -0500 (EST) Received: from smtpin12.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay05.hostedemail.com (Postfix) with ESMTP id 0048C183C47AE for ; Sat, 20 Feb 2021 09:12:44 +0000 (UTC) X-FDA: 77838081090.12.96C7DF0 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by imf22.hostedemail.com (Postfix) with ESMTP id 38CC4C000C44 for ; Sat, 20 Feb 2021 09:12:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1613812363; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=q+4sbPhwjmEGA0Ylf/8EG+5ZbWARkZJc1n0ED7XVLRQ=; b=ENzDBrQoYwgTGD7n+ApQ93cytz1VbZtIYsELrFNgXXM8K5pqracVmBKCZOv165vxmmgwg0 BQibKmc1w63vPtkLkgcovJd251bJMvd+C5kZbPHK3e9PmgpHAgJb7FQeg4bhUxTmfvXpkp YZ6xgCzMJWM+k/Nmj6gC750DGW9dmw8= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-220-HQenhpFIOhyHNBOxr81O4g-1; Sat, 20 Feb 2021 04:12:39 -0500 X-MC-Unique: HQenhpFIOhyHNBOxr81O4g-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 42E988030B7; Sat, 20 Feb 2021 09:12:36 +0000 (UTC) Received: from [10.36.112.45] (ovpn-112-45.ams2.redhat.com [10.36.112.45]) by smtp.corp.redhat.com (Postfix) with ESMTP id E79E15C238; Sat, 20 Feb 2021 09:12:26 +0000 (UTC) To: linux-kernel@vger.kernel.org Cc: linux-mm@kvack.org, Andrew Morton , Arnd Bergmann , Michal Hocko , Oscar Salvador , Matthew Wilcox , Andrea Arcangeli , Minchan Kim , Jann Horn , Jason Gunthorpe , Dave Hansen , Hugh Dickins , Rik van Riel , "Michael S . Tsirkin" , "Kirill A . Shutemov" , Vlastimil Babka , Richard Henderson , Ivan Kokshaysky , Matt Turner , Thomas Bogendoerfer , "James E.J. Bottomley" , Helge Deller , Chris Zankel , Max Filippov , linux-alpha@vger.kernel.org, linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org, linux-xtensa@linux-xtensa.org, linux-arch@vger.kernel.org References: <20210217154844.12392-1-david@redhat.com> From: David Hildenbrand Organization: Red Hat GmbH Subject: Re: [PATCH RFC] mm/madvise: introduce MADV_POPULATE to prefault/prealloc memory Message-ID: <640738b5-a47e-448b-586d-a1fb80131891@redhat.com> Date: Sat, 20 Feb 2021 10:12:26 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.0 MIME-Version: 1.0 In-Reply-To: <20210217154844.12392-1-david@redhat.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Stat-Signature: 5fwpmook6sig64oi7hkwxd4ohdow1rdx X-Rspamd-Server: rspam02 X-Rspamd-Queue-Id: 38CC4C000C44 Received-SPF: none (redhat.com>: No applicable sender policy available) receiver=imf22; identity=mailfrom; envelope-from=""; helo=us-smtp-delivery-124.mimecast.com; client-ip=63.128.21.124 X-HE-DKIM-Result: pass/pass X-HE-Tag: 1613812362-310290 Content-Transfer-Encoding: quoted-printable X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 17.02.21 16:48, David Hildenbrand wrote: > When we manage sparse memory mappings dynamically in user space - also > sometimes involving MADV_NORESERVE - we want to dynamically populate/ > discard memory inside such a sparse memory region. Example users are > hypervisors (especially implementing memory ballooning or similar > technologies like virtio-mem) and memory allocators. In addition, we wa= nt > to fail in a nice way if populating does not succeed because we are out= of > backend memory (which can happen easily with file-based mappings, > especially tmpfs and hugetlbfs). >=20 > While MADV_DONTNEED and FALLOC_FL_PUNCH_HOLE provide us ways to reliabl= y > discard memory, there is no generic approach to populate ("preallocate"= ) > memory. >=20 > Although mmap() supports MAP_POPULATE, it is not applicable to the conc= ept > of sparse memory mappings, where we want to do populate/discard > dynamically and avoid expensive/problematic remappings. In addition, > we never actually report error during the final populate phase - it is > best-effort only. >=20 > fallocate() can be used to preallocate file-based memory and fail in a = safe > way. However, it is less useful for private mappings on anonymous files > due to COW semantics. For example, using fallocate() to preallocate mem= ory > on an anonymous memfd files that are mapped MAP_PRIVATE results in a do= uble > memory consumption when actually writing via the mapping. In addition, > fallocate() does not actually populate page tables, so we still always > have to resolve minor faults on first access. >=20 > Because we don't have a proper interface, what applications > (like QEMU and databases) end up doing is touching (i.e., writing) all > individual pages. However, it requires expensive signal handling (SIGBU= S); > for example, this is problematic in hypervisors like QEMU where SIGBUS > handlers might already be used by other subsystems concurrently to e.g, > handle hardware errors. "Simply" doing preallocation from another threa= d > is not that easy. >=20 > Let's introduce MADV_POPULATE with the following semantics > 1. MADV_POPULATED does not work on PROT_NONE and special VMAs. It works > on everything else. > 2. Errors during MADV_POPULATED (especially OOM) are reported. If we hi= t > hardware errors on pages, ignore them - nothing we really can or > should do. > 3. On errors during MADV_POPULATED, some memory might have been > populated. Callers have to clean up if they care. > 4. Concurrent changes to the virtual memory layour are tolerated - we > process each and every PFN only once, though. > 5. If MADV_POPULATE succeeds, all memory in the range can be accessed > without SIGBUS. (of course, not if user space changed mappings in t= he > meantime or KSM kicked in on anonymous memory). >=20 > Although sparse memory mappings are the primary use case, this will > also be useful for ordinary preallocations where MAP_POPULATE is not > desired (e.g., in QEMU, where users can trigger preallocation of > guest RAM after the mapping was created). >=20 > Looking at the history, MADV_POPULATE was already proposed in 2013 [1], > however, the main motivation back than was performance improvements > (which should also still be the case, but it's a seconary concern). >=20 > Basic functionality was tested with: > - anonymous memory > - MAP_PRIVATE on anonymous file via memfd > - MAP_SHARED on anonymous file via memf > - MAP_PRIVATE on anonymous hugetlbfs file via memfd > - MAP_SHARED on anonymous hugetlbfs file via memfd > - MAP_PRIVATE on tmpfs/shmem file (we end up with double memory consump= tion > though, as the actual file gets populated with zeroes) > - MAP_SHARED on tmpfs/shmem file >=20 > Note: For populating/preallocating zeroed-out memory while userfaultfd = is > active, it's even faster to use first fallocate() or placing zeroed pag= es > via userfaultfd APIs. Otherwise, we'll have to route every fault while > populating via the userfaultfd handler. >=20 > [1] https://lkml.org/lkml/2013/6/27/698 >=20 > Cc: Andrew Morton > Cc: Arnd Bergmann > Cc: Michal Hocko > Cc: Oscar Salvador > Cc: Matthew Wilcox (Oracle) > Cc: Andrea Arcangeli > Cc: Minchan Kim > Cc: Jann Horn > Cc: Jason Gunthorpe > Cc: Dave Hansen > Cc: Hugh Dickins > Cc: Rik van Riel > Cc: Michael S. Tsirkin > Cc: Kirill A. Shutemov > Cc: Vlastimil Babka > Cc: Richard Henderson > Cc: Ivan Kokshaysky > Cc: Matt Turner > Cc: Thomas Bogendoerfer > Cc: "James E.J. Bottomley" > Cc: Helge Deller > Cc: Chris Zankel > Cc: Max Filippov > Cc: linux-alpha@vger.kernel.org > Cc: linux-mips@vger.kernel.org > Cc: linux-parisc@vger.kernel.org > Cc: linux-xtensa@linux-xtensa.org > Cc: linux-arch@vger.kernel.org > Signed-off-by: David Hildenbrand > --- >=20 > If we agree that this makes sense I'll do more testing to see if we > are missing any return value handling and prepare a man page update to > document the semantics. >=20 > Thoughts? Thinking about MADV_POPULATE vs. MADV_POPULATE_WRITE I wonder if it=20 would be more versatile to break with existing MAP_POPULATE semantics=20 and directly go with MADV_POPULATE_READ: simulate user space read access without actually=20 reading. Trigger a read fault if required. MADV_POPULATE_WRITE: simulate user space write access without actually=20 writing. Trigger a write fault if required. For my use case, I could use MADV_POPULATE_WRITE on anonymous memory and=20 RAM-backed files (shmem/hugetlb) - I would not have a minor fault when=20 the guest inside the VM first initializes memory. This mimics how QEMU=20 currently preallocates memory. However, I would use MADV_POPULATE_READ on any !RAM-backed files where=20 we actually have to write-back to a (slow?) device. Dirtying everything=20 although the guest might not actually consume it in the near future=20 might be undesired. MADV_POPULATE_READ could also come in handy in combination with=20 userfaulfd-wp() [1], when handling unpopulated memory via ordinary=20 userfaultfd MISSING events in undesired. I could imagine it can speed up=20 live migration of VMs in general, where we might end up reading a lot of=20 unpopulated memory to figure out it's all zeroes after faulting in the=20 shared zeropage. Especially relevant with a shared zeropage. Thoughts? [1] https://lkml.kernel.org/r/20210219211054.GL6669@xz-x1 --=20 Thanks, David / dhildenb