Received: by 2002:a05:6a10:17d3:0:0:0:0 with SMTP id hz19csp244742pxb; Fri, 16 Apr 2021 04:45:08 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwIEV9odKaFgiJERXXb3fVbWfx5xvc0UjaxjPyc2kWA+i/Fkk+0pVyTsFUDEdKSoDBfF6rG X-Received: by 2002:a17:90b:314:: with SMTP id ay20mr9243632pjb.186.1618573508662; Fri, 16 Apr 2021 04:45:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1618573508; cv=none; d=google.com; s=arc-20160816; b=vgumcrqZHWkHR9fNtRlk//S5RTXTUPv7aqlTTK/+wYyhI2+2ZJ4pegzFPxIxzTOK1g iq1xnGC6RHP7+DYlpJQQjX3Ths3avrHk7Xl8gBw5a1d8UTOGOjqwwk7mshmtJ2qMt33H TdNa/uB0PVQLpytNLfLIZ8xwlxJjwq0DSAxF4PjbqK1+KMGbKlpmuavLj8aFHo4dOiJS uXE02D6uThl3Zztc/CorKGyYR+9F7dq6+ZWzv55CH7idbYPl1mcC0CsGX6ennykqnNBW OOL/6WV8tJITslljsCwD8Ia4Nox9sauJhuIySMHBOi5c4MNpjL0JnAiTXbv6S3AbYS+0 F3Ng== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=Ja6FRwU3Zr+cieVwc/VWXVoIUp0IIeQVtR0n1QJ1ccs=; b=kCzSf512G3u6LFpCcGF1f4CjJbKf5Gk9BBPJGS8gAo7EzuUeX4kOtqyWUWzpdaD82z XhZAsrbQo8hHJ1RtABeVL9E6kZdxMtB4c133JUulyYvlac7TeGewBaLiGF1PQF14cZsJ UIirJZNR3uHt1qsLWKAcDHtjOkAHYA8DMfo4TA3/W0N7Yjpi9+3wGUDfH9LrhKMjTWTI nVU2ZsAaskPPf6h9tHIPggvO68rhUp4Kih26O+S+I/vSW6O8VPTZ0CY3f/ux43UhkYLm gFTqO6BlaLeTvFNXyv6IGRHr99k/J72pn1okMlH/vqId1AJqm0ElUOF5I6hhrrOaaj2W IDcg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id y8si6574019pgh.512.2021.04.16.04.44.56; Fri, 16 Apr 2021 04:45:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242773AbhDPLdn (ORCPT + 99 others); Fri, 16 Apr 2021 07:33:43 -0400 Received: from vmicros1.altlinux.org ([194.107.17.57]:42558 "EHLO vmicros1.altlinux.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239096AbhDPLdm (ORCPT ); Fri, 16 Apr 2021 07:33:42 -0400 Received: from imap.altlinux.org (imap.altlinux.org [194.107.17.38]) by vmicros1.altlinux.org (Postfix) with ESMTP id 4CD1C72C8B5; Fri, 16 Apr 2021 14:33:14 +0300 (MSK) Received: from example.org (ip-94-113-225-162.net.upcbroadband.cz [94.113.225.162]) by imap.altlinux.org (Postfix) with ESMTPSA id F1DC84A47A1; Fri, 16 Apr 2021 14:33:12 +0300 (MSK) Date: Fri, 16 Apr 2021 13:33:10 +0200 From: Alexey Gladkov To: "Eric W. Biederman" Cc: Linus Torvalds , kernel test robot , 0day robot , LKML , lkp@lists.01.org, "Huang, Ying" , Feng Tang , zhengjun.xing@intel.com, Kernel Hardening , Linux Containers , Linux-MM , Andrew Morton , Christian Brauner , Jann Horn , Jens Axboe , Kees Cook , Oleg Nesterov Subject: Re: 08ed4efad6: stress-ng.sigsegv.ops_per_sec -41.9% regression Message-ID: <20210416113310.vbxrzorycqdxwiyc@example.org> References: <7abe5ab608c61fc2363ba458bea21cf9a4a64588.1617814298.git.gladkov.alexey@gmail.com> <20210408083026.GE1696@xsang-OptiPlex-9020> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Apr 08, 2021 at 01:44:43PM -0500, Eric W. Biederman wrote: > Linus Torvalds writes: > > > On Thu, Apr 8, 2021 at 1:32 AM kernel test robot wrote: > >> > >> FYI, we noticed a -41.9% regression of stress-ng.sigsegv.ops_per_sec due to commit > >> 08ed4efad684 ("[PATCH v10 6/9] Reimplement RLIMIT_SIGPENDING on top of ucounts") > > > > Ouch. > > We were cautiously optimistic when no test problems showed up from > the last posting that there was nothing to look at here. > > Unfortunately it looks like the bots just missed the last posting. > > So it seems we are finally pretty much at correct code in need > of performance tuning. > > > I *think* this test may be testing "send so many signals that it > > triggers the signal queue overflow case". > > > > And I *think* that the performance degradation may be due to lots of > > unnecessary allocations, because ity looks like that commit changes > > __sigqueue_alloc() to do > > > > struct sigqueue *q = kmem_cache_alloc(sigqueue_cachep, flags); > > > > *before* checking the signal limit, and then if the signal limit was > > exceeded, it will just be free'd instead. > > > > The old code would check the signal count against RLIMIT_SIGPENDING > > *first*, and if there were m ore pending signals then it wouldn't do > > anything at all (including not incrementing that expensive atomic > > count). > > This is an interesting test in a lot of ways as it is testing the > synchronous signal delivery path caused by an exception. The test > is either executing *ptr = 0 (where ptr points to a read-only page) > or it executes an x86 instruction that is excessively long. > > I have found the code but I haven't figured out how it is being > called yet. The core loop is just: > for(;;) { > sigaction(SIGSEGV, &action, NULL); > sigaction(SIGILL, &action, NULL); > sigaction(SIGBUS, &action, NULL); > > ret = sigsetjmp(jmp_env, 1); > if (done()) > break; > if (ret) { > /* verify signal */ > } else { > *ptr = 0; > } > } > > Code like that fundamentally can not be multi-threaded. So the only way > the sigpending limit is being hit is if there are more processes running > that code simultaneously than the size of the limit. > > Further it looks like stress-ng pushes RLIMIT_SIGPENDING as high as it > will go before the test starts. > > > > Also, the old code was very careful to only do the "get_user()" for > > the *first* signal it added to the queue, and do the "put_user()" for > > when removing the last signal. Exactly because those atomics are very > > expensive. > > > > The new code just does a lot of these atomics unconditionally. > > Yes. That seems a likely culprit. > > > I dunno. The profile data in there is a bit hard to read, but there's > > a lot more cachee misses, and a *lot* of node crossers: > > > >> 5961544 +190.4% 17314361 perf-stat.i.cache-misses > >> 22107466 +119.2% 48457656 perf-stat.i.cache-references > >> 163292 ą 3% +4582.0% 7645410 perf-stat.i.node-load-misses > >> 227388 ą 2% +3708.8% 8660824 perf-stat.i.node-loads > > > > and (probably as a result) average instruction costs have gone up enormously: > > > >> 3.47 +66.8% 5.79 perf-stat.overall.cpi > >> 22849 -65.6% 7866 perf-stat.overall.cycles-between-cache-misses > > > > and it does seem to be at least partly about "put_ucounts()": > > > >> 0.00 +4.5 4.46 perf-profile.calltrace.cycles-pp.put_ucounts.__sigqueue_free.get_signal.arch_do_signal_or_restart.exit_to_user_mode_prepare > > > > and a lot of "get_ucounts()". > > > > But it may also be that the new "get sigpending" is just *so* much > > more expensive than it used to be. > > That too is possible. > > That node-load-misses number does look like something is bouncing back > and forth between the nodes a lot more. So I suspect stress-ng is > running multiple copies of the sigsegv test in different processes at > once. > > > > That really suggests cache line ping pong from get_ucounts and > incrementing sigpending. > > It surprises me that obtaining the cache lines exclusively is > the dominant cost on this code path but obtaining two cache lines > exclusively instead of one cache cache line exclusively is consistent > with a causing the exception delivery to take nearly twice as long. > > For the optimization we only care about the leaf count so with a little > care we can restore the optimization. So that is probably the thing > to do here. The fewer changes to worry about the less likely to find > surprises. > > > > That said for this specific case there is a lot of potential room for > improvement. As this is a per thread signal the code update sigpending > in commit_cred and never worry about needing to pin the struct > user_struct or struct ucounts. As this is a synchronous signal we could > skip the sigpending increment, skip the signal queue entirely, and > deliver the signal to user-space immediately. The removal of all cache > ping pongs might make it worth it. > > There is also Thomas Gleixner's recent optimization to cache one > sigqueue entry per task to give more predictable behavior. That > would remove the cost of the allocation. https://git.kernel.org/pub/scm/linux/kernel/git/legion/linux.git/commit/?h=patchset/per-userspace-rlimit/v11.1&id=08db0c814926c6f16e08de99b2de34c8b5ff68ce You mean something like this ? I did it on top of Thomas Gleixner's patches. -- Rgrds, legion