Date: Tue, 14 Jun 2022 17:54:32 +0100
From: Catalin Marinas
To: Waiman Long
Cc: Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/3] mm/kmemleak: Skip unlikely objects in kmemleak_scan() without taking lock
References: <20220612183301.981616-1-longman@redhat.com>
 <20220612183301.981616-3-longman@redhat.com>
In-Reply-To: <20220612183301.981616-3-longman@redhat.com>

On Sun, Jun 12, 2022 at 02:33:00PM -0400, Waiman Long wrote:
> With a debug kernel running on a 2-socket 96-thread x86-64 system
> (HZ=1000), the speedup of the 2nd and 3rd iteration loops with this
> patch, on the first kmemleak_scan() call after bootup, is shown in the
> table below.
>
>                 Before patch                 After patch
>  Loop #   # of objects  Elapsed time   # of objects  Elapsed time
>  ------   ------------  ------------   ------------  ------------
>    2        2,599,850      2.392s        2,596,364      0.266s
>    3        2,600,176      2.171s        2,597,061      0.260s
>
> This patch reduces the loop iteration times by about 88%. This will
> greatly reduce the chance of a soft lockup happening in the 2nd or 3rd
> iteration loops.

Nice numbers, thanks for digging into this. But I'm slightly surprised
that the first loop doesn't cause any problems.

> diff --git a/mm/kmemleak.c b/mm/kmemleak.c
> index dad9219c972c..7dd64139a7c7 100644
> --- a/mm/kmemleak.c
> +++ b/mm/kmemleak.c
> @@ -1508,6 +1508,13 @@ static void kmemleak_scan(void)
>  	 */
>  	rcu_read_lock();
>  	list_for_each_entry_rcu(object, &object_list, object_list) {
> +		/*
> +		 * This is racy but we can save the overhead of lock/unlock
> +		 * calls. The missed objects, if any, should be caught in
> +		 * the next scan.
> +		 */
> +		if (!color_white(object))
> +			continue;
>  		raw_spin_lock_irq(&object->lock);
>  		if (color_white(object) && (object->flags & OBJECT_ALLOCATED)
>  		    && update_checksum(object) && get_object(object)) {

It's not actually scanning (like tree look-ups) but only updating the
checksum of the potentially orphan objects. If the problem were caused
by object->lock, we should have seen it with the first loop as well. It
is possible that some large list is occasionally missed if there are
concurrent updates and a significant number of objects turn up "white",
forcing the checksum update. Otherwise this shouldn't be much different
from the first loop if there are no massive (false) leaks.

I think the race on color_white() can only be with a kmemleak_ignore()
or kmemleak_not_leak() call, otherwise the object colour shouldn't be
changed. Such objects can only turn from white to gray or black, so I
think the race is safe.

> @@ -1535,6 +1542,13 @@ static void kmemleak_scan(void)
>  	 */
>  	rcu_read_lock();
>  	list_for_each_entry_rcu(object, &object_list, object_list) {
> +		/*
> +		 * This is racy but we can save the overhead of lock/unlock
> +		 * calls. The missed objects, if any, should be caught in
> +		 * the next scan.
> +		 */
> +		if (!color_white(object))
> +			continue;
>  		raw_spin_lock_irq(&object->lock);
>  		if (unreferenced_object(object) &&
>  		    !(object->flags & OBJECT_REPORTED)) {

Same here. I did wonder whether it's worth keeping object->lock around;
I even have a stashed patch lying around from 2019. Instead we'd hold
the big kmemleak_lock for longer, releasing it periodically during
scanning. We could then move the lock outside the loop, so traversal
would be faster, at the cost of increased latency for slab
allocation/freeing on other CPUs. Right now we take kmemleak_lock while
scanning a single block (e.g. an object) to protect the rb-tree, and we
rely on object->lock to ensure the object isn't freed. Other concurrent
allocs/frees are only blocked while a single object is being scanned.
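To make the trade-off concrete, a very rough sketch of that approach is
below (illustrative only, not the stashed patch: the helper name and
batch size are invented and the per-object work is elided; only
kmemleak_lock, object_list and color_white() are existing kmemleak
symbols). The big lock is held across the object_list walk and dropped
briefly every few thousand objects so that allocations/frees on other
CPUs are not starved for the whole scan:

/* Illustrative sketch only. */
#define SCAN_BATCH	4096		/* invented batch size */

static void scan_object_list_batched(void)
{
	struct kmemleak_object *object;
	unsigned int n = 0;

	rcu_read_lock();
	raw_spin_lock_irq(&kmemleak_lock);
	list_for_each_entry_rcu(object, &object_list, object_list) {
		if (!color_white(object))
			continue;

		/*
		 * Checksum update / reporting would go here, protected
		 * by kmemleak_lock instead of object->lock.
		 */

		if (++n % SCAN_BATCH == 0) {
			/* briefly open a window for other CPUs */
			raw_spin_unlock_irq(&kmemleak_lock);
			raw_spin_lock_irq(&kmemleak_lock);
		}
	}
	raw_spin_unlock_irq(&kmemleak_lock);
	rcu_read_unlock();
}

The RCU read lock stays held across the brief unlock, so the list walk
itself remains safe (objects are only freed after an RCU grace period).
The harder part, not shown here, would be rescheduling (cond_resched())
during the walk, since that means leaving the RCU read-side critical
section and safely resuming the traversal afterwards.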
Anyway, I'm not entirely sure it's the lock causing the issue, as we
don't see it with the first loop. I'm more inclined to think it's the
checksum, and that skipping it when !color_white() would do the trick.
Unless there's a better idea:

Reviewed-by: Catalin Marinas