Received: by 2002:ab2:6991:0:b0:1f7:f6c3:9cb1 with SMTP id v17csp360687lqo; Wed, 8 May 2024 01:53:30 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCW0l61zkZAG2clvXkeJGNk8eNZba20DhnT+POsZnbTLwYNkC6bOYmpbdNA8AQNNODDhCIVV/MIXXDPfOafX1hAKDTNYKHZPSuqm4Djw8g== X-Google-Smtp-Source: AGHT+IEtT6dFc/HXz5RpjvGvFXOJtzqfiKdbCc7BMA6Zc6ajG0mdt61Sr+BeqsvyrAPqGSAhomI1 X-Received: by 2002:a50:8d1e:0:b0:572:a049:c4b3 with SMTP id 4fb4d7f45d1cf-5731da5b856mr1216941a12.32.1715158410691; Wed, 08 May 2024 01:53:30 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1715158410; cv=pass; d=google.com; s=arc-20160816; b=fcX05A0T8kl+XbltfhMZHJZF0UfwtvZc1vP2IAx4KGEmboliXTonZFAqrukSq2nGk9 7/57xPWUQJskcSENCIs4Wyo8cnoPo10Zp/gy4okfJWcHl0V7aPTDsVQf2LX80hYds3uu TljhvR6pPiSdXR4lfHD9+IAACpUj+z1iqMcxsu8d2kYEd60Efi6HzyYOMwvF599GpMY2 sUKXNX29g0lPoq2As8RjskqV5q311h9rnuaM8qLF2ycvai5zDReEvTRToATTwIkymK2y nHMv3kEI2GpauUF7ktqJfb6c+fmMqLdA3GW2KazhRvYwPnToKrWo+8XXOVL82K0lxIbT ghZw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:date:message-id; bh=nolyo2Kf73/vWw0hOgyBiylQatmja6tipgchBD0f0Ps=; fh=HNK8sdzpIJPmAtVDUobkBqk0l8CCDzPJbXt8Ie4VX3A=; b=EQp+5se6ld4znxbIrDUQHsqpU+JK1euFxgK8FElDE40y4TOHEf+KsA++rWnEC2yJ6H WJg4z58ZqeP7+NhEB8TLxz4kL9ySzFbomApZlva+YwXCsJN8fwAYu8H3rwTuutwtnNYl OeK1GT4wUp1jP+8rgS7VWuV0eFLihoxFAF068FhRtVq62U/c4vCGvJKc4LBA8dHrvAvJ iYvDzHMYaiySrtOiJotLR7JDqZPxS5ieYzvnKMgGLbf8jZGIcvuydUDObHPd2thxBiEk t82L/YhoKggMtPZGQ5fLYZY3owmFSLfNkbvNiMM/ddfAG9HJ9K/J3hhHS/hy7KRloZPO Q76w==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=arm.com dmarc=pass fromdomain=arm.com); spf=pass (google.com: domain of linux-kernel+bounces-172942-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-172942-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id d2-20020aa7d682000000b00572726f6ff8si6790194edr.533.2024.05.08.01.53.30 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 08 May 2024 01:53:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-172942-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=arm.com dmarc=pass fromdomain=arm.com); spf=pass (google.com: domain of linux-kernel+bounces-172942-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-172942-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 4475E1F21B5C for ; Wed, 8 May 2024 08:53:30 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 9F5C15467B; Wed, 8 May 2024 08:53:17 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 8ADD053E01 for ; Wed, 8 May 2024 08:53:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=217.140.110.172 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715158397; cv=none; b=XSQb9JGm9HBLNVoKbAY3bJW3R8FlX+bkq3CNu5dbK9clU3n/QrYeKP96vbuMLe5BWcqCoPvemIYJV2/XGZfJw8qLUi9y8QB++tddyNZp1GLkC2lY6tkXPZyM1o7jgmpASZZInFNqHcMbN7NLNmW3E7twwPOmXwtRlOuDn7e5QTM= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715158397; c=relaxed/simple; bh=ZyP24KrMlTJgeXhOBUddPMgFlmQ1GKjmqbXccEfps4Y=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=Cr20r2kiusqvmxso9Rqg+NCNA0eJXgGwI96XM4PZSKvvR+DiCs3xhyjP84ZgnlZ856ClZXMKTAyWhZQd3+uR7ql8r8r4CojxyQGV/iHgmMX+q/S1UhO6V/obGbhWr3+Fk5oPoonYg8kLytdwNkim2nStqqyAlaXa1jQGDB6HazE= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=arm.com; spf=pass smtp.mailfrom=arm.com; arc=none smtp.client-ip=217.140.110.172 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=arm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=arm.com Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 4BB641063; Wed, 8 May 2024 01:53:38 -0700 (PDT) Received: from [10.57.67.194] (unknown [10.57.67.194]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id E45203F6A8; Wed, 8 May 2024 01:53:10 -0700 (PDT) Message-ID: Date: Wed, 8 May 2024 09:53:09 +0100 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH 2/8] mm: memory: extend finish_fault() to support large folio Content-Language: en-GB To: Baolin Wang , akpm@linux-foundation.org, hughd@google.com Cc: willy@infradead.org, david@redhat.com, ioworker0@gmail.com, wangkefeng.wang@huawei.com, ying.huang@intel.com, 21cnbao@gmail.com, shy828301@gmail.com, ziy@nvidia.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org References: <13939ade-a99a-4075-8a26-9be7576b7e03@arm.com> From: Ryan Roberts In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On 08/05/2024 04:44, Baolin Wang wrote: > > > On 2024/5/7 18:37, Ryan Roberts wrote: >> On 06/05/2024 09:46, Baolin Wang wrote: >>> Add large folio mapping establishment support for finish_fault() as a >>> preparation, >>> to support multi-size THP allocation of anonymous shmem pages in the following >>> patches. >>> >>> Signed-off-by: Baolin Wang >>> --- >>>   mm/memory.c | 43 +++++++++++++++++++++++++++++++++---------- >>>   1 file changed, 33 insertions(+), 10 deletions(-) >>> >>> diff --git a/mm/memory.c b/mm/memory.c >>> index eea6e4984eae..936377220b77 100644 >>> --- a/mm/memory.c >>> +++ b/mm/memory.c >>> @@ -4747,9 +4747,12 @@ vm_fault_t finish_fault(struct vm_fault *vmf) >>>   { >>>       struct vm_area_struct *vma = vmf->vma; >>>       struct page *page; >>> +    struct folio *folio; >>>       vm_fault_t ret; >>>       bool is_cow = (vmf->flags & FAULT_FLAG_WRITE) && >>>                 !(vma->vm_flags & VM_SHARED); >>> +    int type, nr_pages, i; >>> +    unsigned long addr = vmf->address; >>>         /* Did we COW the page? */ >>>       if (is_cow) >>> @@ -4780,24 +4783,44 @@ vm_fault_t finish_fault(struct vm_fault *vmf) >>>               return VM_FAULT_OOM; >>>       } >>>   +    folio = page_folio(page); >>> +    nr_pages = folio_nr_pages(folio); >>> + >>> +    if (unlikely(userfaultfd_armed(vma))) { >>> +        nr_pages = 1; >>> +    } else if (nr_pages > 1) { >>> +        unsigned long start = ALIGN_DOWN(vmf->address, nr_pages * PAGE_SIZE); >>> +        unsigned long end = start + nr_pages * PAGE_SIZE; >>> + >>> +        /* In case the folio size in page cache beyond the VMA limits. */ >>> +        addr = max(start, vma->vm_start); >>> +        nr_pages = (min(end, vma->vm_end) - addr) >> PAGE_SHIFT; >>> + >>> +        page = folio_page(folio, (addr - start) >> PAGE_SHIFT); >> >> I still don't really follow the logic in this else if block. Isn't it possible >> that finish_fault() gets called with a page from a folio that isn't aligned with >> vmf->address? >> >> For example, let's say we have a file who's size is 64K and which is cached in a >> single large folio in the page cache. But the file is mapped into a process at >> VA 16K to 80K. Let's say we fault on the first page (VA=16K). You will calculate > > For shmem, this doesn't happen because the VA is aligned with the hugepage size > in the shmem_get_unmapped_area() function. See patch 7. Certainly agree that shmem can always make sure that it packs a vma in a way such that its folios are naturally aligned in VA when faulting in memory. If you mremap it, that alignment will be lost; I don't think that would be a problem for a single process; mremap will take care of moving the ptes correctly and this path is not involved. But what about the case when a process mmaps a shmem region, then forks, then the child mremaps the shmem region. Then the parent faults in a THP into the region (nicely aligned). Then the child faults in the same offset in the region and gets the THP that the parent allocated; that THP will be aligned in the parent's VM space but not in the child's. > >> start=0 and end=64K I think? > > Yes. Unfortunately, some file systems that support large mappings do not perform > alignment for multi-size THP (non-PMD sized, for example: 64K). I think this > requires modification to __get_unmapped_area--->thp_get_unmapped_area_vmflags() > or file->f_op->get_unmapped_area() to align VA for multi-size THP in future. By nature of the fact that a file mapping is shared between multiple processes and each process can map it where ever it wants down to 1 page granularity, its impossible for any THP containing a part of that file to be VA-aligned in every process it is mapped in. > > So before adding that VA alignment changes, only allow building the large folio > mapping for anonymous shmem: > > diff --git a/mm/memory.c b/mm/memory.c > index 936377220b77..9e4d51826d23 100644 > --- a/mm/memory.c > +++ b/mm/memory.c > @@ -4786,7 +4786,7 @@ vm_fault_t finish_fault(struct vm_fault *vmf) >         folio = page_folio(page); >         nr_pages = folio_nr_pages(folio); > > -       if (unlikely(userfaultfd_armed(vma))) { > +       if (unlikely(userfaultfd_armed(vma)) || !vma_is_anon_shmem(vma)) { If the above theoretical flow for fork & mremap is valid, then I don't think this is sufficient. >                 nr_pages = 1; >         } else if (nr_pages > 1) { >                 unsigned long start = ALIGN_DOWN(vmf->address, nr_pages * > PAGE_SIZE); > >> Additionally, I think this path will end up mapping the entire folio (as long as >> it fits in the VMA). But this bypasses the fault-around configuration. As I >> think I mentioned against the RFC, this will inflate the RSS of the process and >> can cause behavioural changes as a result. I believe the current advice is to >> disable fault-around to prevent this kind of bloat when needed. > > With above change, I do not think this is a problem? since users already want to > use mTHP for anonymous shmem. > >> It might be that you need a special variant of finish_fault() for shmem? >> >> >>> +    } >>>       vmf->pte = pte_offset_map_lock(vma->vm_mm, vmf->pmd, >>> -                      vmf->address, &vmf->ptl); >>> +                       addr, &vmf->ptl); >>>       if (!vmf->pte) >>>           return VM_FAULT_NOPAGE; >>>         /* Re-check under ptl */ >>> -    if (likely(!vmf_pte_changed(vmf))) { >>> -        struct folio *folio = page_folio(page); >>> -        int type = is_cow ? MM_ANONPAGES : mm_counter_file(folio); >>> - >>> -        set_pte_range(vmf, folio, page, 1, vmf->address); >>> -        add_mm_counter(vma->vm_mm, type, 1); >>> -        ret = 0; >>> -    } else { >>> -        update_mmu_tlb(vma, vmf->address, vmf->pte); >>> +    if (nr_pages == 1 && unlikely(vmf_pte_changed(vmf))) { >>> +        update_mmu_tlb(vma, addr, vmf->pte); >>> +        ret = VM_FAULT_NOPAGE; >>> +        goto unlock; >>> +    } else if (nr_pages > 1 && !pte_range_none(vmf->pte, nr_pages)) { >>> +        for (i = 0; i < nr_pages; i++) >>> +            update_mmu_tlb(vma, addr + PAGE_SIZE * i, vmf->pte + i); >>>           ret = VM_FAULT_NOPAGE; >>> +        goto unlock; >>>       } >>>   +    set_pte_range(vmf, folio, page, nr_pages, addr); >>> +    type = is_cow ? MM_ANONPAGES : mm_counter_file(folio); >>> +    add_mm_counter(vma->vm_mm, type, nr_pages); >>> +    ret = 0; >>> + >>> +unlock: >>>       pte_unmap_unlock(vmf->pte, vmf->ptl); >>>       return ret; >>>   }