Received: by 2002:a05:7412:b130:b0:e2:908c:2ebd with SMTP id az48csp2403133rdb; Mon, 20 Nov 2023 09:48:19 -0800 (PST) X-Google-Smtp-Source: AGHT+IHpo0t3qpQMzcfrgjYGTa7gdZRCrKcgd5K5v8pW/uj5i0iAe7hd8uIk5j6cI+4bu+ikqCgl X-Received: by 2002:a17:90b:1811:b0:280:64e3:7665 with SMTP id lw17-20020a17090b181100b0028064e37665mr8682523pjb.41.1700502498952; Mon, 20 Nov 2023 09:48:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1700502498; cv=none; d=google.com; s=arc-20160816; b=aZi5NCIJZI15IUI1JUQ+FZWZxNIaGj8y0cvQ7ifkIlN9IZArBJBYq3wL3aK96DlP56 H//yYtrOX/5u/T1gdf9KVechDePBV3xDJofcX+HjTMjo05rmtowMW7YhvklBLYbZ0klC bedoHdhxfLSn4Aw3KPfw/jj3UcQTPQTvqcK01xPCa946nAJpYVqJeqVzroXlSr45xO+W 8LPWIAzlM/d+B82zPlp84XGOYSiZp5YG2Jrob/KrQ4ktMfFtgcBjMD3HwHJHWupcUpqu D0/rKPWhw+PzU8XudFx2eHWLQLQQyMEr/59sLF/drJ4ZdB7ZutrvL+6E18tdyS5WMgih xCwg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=dirg16X8IjWPdQeQGOiKGtH7xHuc5gOowsqXecWSLlM=; fh=qWoxmPN1zRqnLSoCWGpfFsDtzJsx/SGdqx98lbP+Uho=; b=bDC5CKdAkedRXR01xhjcr3qf9O/qalCHxPJqnhYQaMuttLiKHLUwEmchihIz7GJKIN 3zMDDxvPgv6okum8ZVBFzYARw3nXCkA7/jVxejiqtF2pYgkQ9qnxmi4wDzTwHuwi0cQ4 bvS+vAqmh4F38DIHDlvw5BFhNilLwa9aaS9EvlZLKNgRNftwqOGR1zvXWUuajUDweqcT veWV+x2/S9WkpRbAiBSRoWOUvjNTrxlbcrPExEbUiXWvIYjbHgdvRXYimTVLEWVvsjKf d4Q8mz6vR+Vc7oSS1bSF0fIf5qLIb6xtkK9cey+akCB48CGOnEsBfQ7T7T56GqJqscWP VYCQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=LrmT6z7B; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Return-Path: Received: from snail.vger.email (snail.vger.email. [23.128.96.37]) by mx.google.com with ESMTPS id t6-20020a17090ad14600b0026305080a6fsi8565127pjw.63.2023.11.20.09.48.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 20 Nov 2023 09:48:18 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) client-ip=23.128.96.37; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=LrmT6z7B; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 124528029C43; Mon, 20 Nov 2023 09:47:48 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233626AbjKTRrg (ORCPT + 99 others); Mon, 20 Nov 2023 12:47:36 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51244 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232636AbjKTRrd (ORCPT ); Mon, 20 Nov 2023 12:47:33 -0500 Received: from out-171.mta1.migadu.com (out-171.mta1.migadu.com [IPv6:2001:41d0:203:375::ab]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 97BAEF5 for ; Mon, 20 Nov 2023 09:47:28 -0800 (PST) X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1700502446; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=dirg16X8IjWPdQeQGOiKGtH7xHuc5gOowsqXecWSLlM=; b=LrmT6z7BevrEOVmLW0g9//fbwyY1UogPCDw8xj/Xlc92kuYfZXlzWvlU+nKASw0KSd7GY+ kD5OERtPjKafidVOi7TNebi8D7eNrTExLNbbWD6Ila0/S8nb06sDJQX7+FJZVc9EmXLfNE KI7cobYyoicYG6JJ416fOHwwFvor0uw= From: andrey.konovalov@linux.dev To: Andrew Morton Cc: Andrey Konovalov , Marco Elver , Alexander Potapenko , Dmitry Vyukov , Vlastimil Babka , kasan-dev@googlegroups.com, Evgenii Stepanov , Oscar Salvador , linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov Subject: [PATCH v4 00/22] stackdepot: allow evicting stack traces Date: Mon, 20 Nov 2023 18:46:58 +0100 Message-Id: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Migadu-Flow: FLOW_OUT X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Mon, 20 Nov 2023 09:47:49 -0800 (PST) From: Andrey Konovalov Currently, the stack depot grows indefinitely until it reaches its capacity. Once that happens, the stack depot stops saving new stack traces. This creates a problem for using the stack depot for in-field testing and in production. For such uses, an ideal stack trace storage should: 1. Allow saving fresh stack traces on systems with a large uptime while limiting the amount of memory used to store the traces; 2. Have a low performance impact. Implementing #1 in the stack depot is impossible with the current keep-forever approach. This series targets to address that. Issue #2 is left to be addressed in a future series. This series changes the stack depot implementation to allow evicting unneeded stack traces from the stack depot. The users of the stack depot can do that via new stack_depot_save_flags(STACK_DEPOT_FLAG_GET) and stack_depot_put APIs. Internal changes to the stack depot code include: 1. Storing stack traces in fixed-frame-sized slots (vs precisely-sized slots in the current implementation); the slot size is controlled via CONFIG_STACKDEPOT_MAX_FRAMES (default: 64 frames); 2. Keeping available slots in a freelist (vs keeping an offset to the next free slot); 3. Using a read/write lock for synchronization (vs a lock-free approach combined with a spinlock). This series also integrates the eviction functionality into KASAN: the tag-based modes evict stack traces when the corresponding entry leaves the stack ring, and Generic KASAN evicts stack traces for objects once those leave the quarantine. With KASAN, despite wasting some space on rounding up the size of each stack record, the total memory consumed by stack depot gets saturated due to the eviction of irrelevant stack traces from the stack depot. With the tag-based KASAN modes, the average total amount of memory used for stack traces becomes ~0.5 MB (with the current default stack ring size of 32k entries and the default CONFIG_STACKDEPOT_MAX_FRAMES of 64). With Generic KASAN, the stack traces take up ~1 MB per 1 GB of RAM (as the quarantine's size depends on the amount of RAM). However, with KMSAN, the stack depot ends up using ~4x more memory per a stack trace than before. Thus, for KMSAN, the stack depot capacity is increased accordingly. KMSAN uses a lot of RAM for shadow memory anyway, so the increased stack depot memory usage will not make a significant difference. Other users of the stack depot do not save stack traces as often as KASAN and KMSAN. Thus, the increased memory usage is taken as an acceptable trade-off. In the future, these other users can take advantage of the eviction API to limit the memory waste. There is no measurable boot time performance impact of these changes for KASAN on x86-64. I haven't done any tests for arm64 modes (the stack depot without performance optimizations is not suitable for intended use of those anyway), but I expect a similar result. Obtaining and copying stack trace frames when saving them into stack depot is what takes the most time. This series does not yet provide a way to configure the maximum size of the stack depot externally (e.g. via a command-line parameter). This will be added in a separate series, possibly together with the performance improvement changes. --- Changes v3->v4: - Rebase onto 6.7-rc2. - Fix lockdep annotation in depot_fetch_stack. - New patch: "kasan: use stack_depot_put for Generic mode" (was sent for review separately but now merged into this series). - New patch: "lib/stackdepot: print disabled message only if truly disabled" (was sent for review separately but now merged into this series). - New patch: "lib/stackdepot: adjust DEPOT_POOLS_CAP for KMSAN". Changes v2->v3: - Fix null-ptr-deref by using the proper number of entries for initializing the stack table when alloc_large_system_hash() auto-calculates the number (see patch #12). - Keep STACKDEPOT/STACKDEPOT_ALWAYS_INIT Kconfig options not configurable by users. - Use lockdep_assert_held_read annotation in depot_fetch_stack. - WARN_ON invalid flags in stack_depot_save_flags. - Moved "../slab.h" include in mm/kasan/report_tags.c in the right patch. - Various comment fixes. Changes v1->v2: - Rework API to stack_depot_save_flags(STACK_DEPOT_FLAG_GET) + stack_depot_put. - Add CONFIG_STACKDEPOT_MAX_FRAMES Kconfig option. - Switch stack depot to using list_head's. - Assorted minor changes, see the commit message for each path. Andrey Konovalov (22): lib/stackdepot: print disabled message only if truly disabled lib/stackdepot: check disabled flag when fetching lib/stackdepot: simplify __stack_depot_save lib/stackdepot: drop valid bit from handles lib/stackdepot: add depot_fetch_stack helper lib/stackdepot: use fixed-sized slots for stack records lib/stackdepot: fix and clean-up atomic annotations lib/stackdepot: rework helpers for depot_alloc_stack lib/stackdepot: rename next_pool_required to new_pool_required lib/stackdepot: store next pool pointer in new_pool lib/stackdepot: store free stack records in a freelist lib/stackdepot: use read/write lock lib/stackdepot: use list_head for stack record links kmsan: use stack_depot_save instead of __stack_depot_save lib/stackdepot, kasan: add flags to __stack_depot_save and rename lib/stackdepot: add refcount for records lib/stackdepot: allow users to evict stack traces kasan: remove atomic accesses to stack ring entries kasan: check object_size in kasan_complete_mode_report_info kasan: use stack_depot_put for tag-based modes kasan: use stack_depot_put for Generic mode lib/stackdepot: adjust DEPOT_POOLS_CAP for KMSAN include/linux/stackdepot.h | 59 ++++- lib/Kconfig | 10 + lib/stackdepot.c | 452 ++++++++++++++++++++++++------------- mm/kasan/common.c | 8 +- mm/kasan/generic.c | 27 ++- mm/kasan/kasan.h | 2 +- mm/kasan/quarantine.c | 26 ++- mm/kasan/report_tags.c | 27 +-- mm/kasan/tags.c | 24 +- mm/kmsan/core.c | 7 +- 10 files changed, 427 insertions(+), 215 deletions(-) -- 2.25.1