| Message ID | cover.1694625260.git.andreyknvl@google.com |
|---|---|
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:ce21:0:b0:3f4:cb6f:45e2 with SMTP id m1csp1248795vqx;
Wed, 13 Sep 2023 11:21:10 -0700 (PDT)
X-Google-Smtp-Source:
AGHT+IEb9T5XvCwg/fg4LdKfPg5dIim3muB0nzTcDulwaxBcZFzDYJTAVE3MYVhrWJWLb9sV1fXJ
X-Received: by 2002:a05:6359:2105:b0:135:b4c:a490 with SMTP id
lp5-20020a056359210500b001350b4ca490mr3341368rwb.10.1694629270628;
Wed, 13 Sep 2023 11:21:10 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1694629270; cv=none;
d=google.com; s=arc-20160816;
b=wyhaYoTH4RGYRHJKuhMHIC1SWGMfh0SbmI+L+iuH7x7NToLRG8h86ZGIjOPdMTj6Nb
U1GObdAv+PmtlCp+NOzRBWpgZ6A6LQhKudUKbjRQ6vS/PTPOIpucFX8VSGyu73OwXIno
Klg1NTShPBbhwGACsB0VPYfjUrDXtr/oEbcpx57ANcL6hs1Q3v4H4ELYj+Z+Vk+ak9bP
8NZs1Qx5fjupflLoSPk7DQK6CU44cLY8PzFMRapEKzt/VUwQBjEA+DSyxD0etgydsRGv
u8vcA1KPZFZgub85YkOlxkIAYXlQSVHCdpz3oMC+8dKPg8nIgZr/3VwbjcT/1tRuyTIh
PrQg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:cc:to:from:dkim-signature;
bh=Gc6HzykR+A0L83xKMiWxb5E3eMlheJobgexoepcnfG0=;
fh=nfQSbTp1dWHt2Ier1Up8UhVNdXOqoJJLNvTrpT3jJEk=;
b=RN5zewLDXAkj+UvUfpYV6iz8PBFyn10AU49KuI76QXUuFf54ynY27rVu+IuCCja3ZN
SyQI2I9PjurDF/Qh8GrUr6MOcj6JTXgAyvGdtbWaoNE3X0Ve4hMZnjxHJjmIwFlwDzAb
I0URnPhjpSR3+x6C69LL8SQ3DvL9viqiklJeCtokEPK4cJ05lxUVdv8KMUzi0saXc+4W
W7kPlaTeeEEA/TpNuoLYoqynj9WiJZHVUil2cxbe10IFS3ZQtiwkLbOKWH9/xOGqGZoM
uS+ciSw3RBfnNFA8hbFS3AjDez7GBphBLHwvFsA9KRIcuqH4mlp/ZdK7/oRIldjqJDMn
Me7Q==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@linux.dev header.s=key1 header.b=ODwSiHci;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 23.128.96.35 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev
Received: from groat.vger.email (groat.vger.email. [23.128.96.35])
by mx.google.com with ESMTPS id
w62-20020a638241000000b0057787e28694si4813860pgd.448.2023.09.13.11.21.10
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 13 Sep 2023 11:21:10 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 23.128.96.35 as permitted sender) client-ip=23.128.96.35;
Authentication-Results: mx.google.com;
dkim=pass header.i=@linux.dev header.s=key1 header.b=ODwSiHci;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 23.128.96.35 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
by groat.vger.email (Postfix) with ESMTP id 19E5582516D9;
Wed, 13 Sep 2023 10:15:00 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at groat.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S229926AbjIMROz (ORCPT <rfc822;pwkd43@gmail.com> + 34 others);
Wed, 13 Sep 2023 13:14:55 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39086 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S229468AbjIMROy (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Wed, 13 Sep 2023 13:14:54 -0400
Received: from out-212.mta0.migadu.com (out-212.mta0.migadu.com
[91.218.175.212])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E61F3A3
for <linux-kernel@vger.kernel.org>;
Wed, 13 Sep 2023 10:14:49 -0700 (PDT)
X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and
include these headers.
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1;
t=1694625288;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:
content-transfer-encoding:content-transfer-encoding;
bh=Gc6HzykR+A0L83xKMiWxb5E3eMlheJobgexoepcnfG0=;
b=ODwSiHcis3mdddO8WgNkr0OX4CFlXGCtxXFw1qh2OkYCRDvsJp2kKgsnNbJ8Ge1HWYw6Gg
qFyB7nW3syZF3lt4fEZE89uDLMmQd0mlYzmeI+kPXZAt1II6Wy6iHHDK6XeYOtxVHOkOq+
EPv9hZtm5/AmnbNkbRVPkdVPGebLbzw=
From: andrey.konovalov@linux.dev
To: Marco Elver <elver@google.com>,
Alexander Potapenko <glider@google.com>
Cc: Andrey Konovalov <andreyknvl@gmail.com>,
Dmitry Vyukov <dvyukov@google.com>,
Vlastimil Babka <vbabka@suse.cz>, kasan-dev@googlegroups.com,
Evgenii Stepanov <eugenis@google.com>,
Oscar Salvador <osalvador@suse.de>,
Andrew Morton <akpm@linux-foundation.org>, linux-mm@kvack.org,
linux-kernel@vger.kernel.org,
Andrey Konovalov <andreyknvl@google.com>
Subject: [PATCH v2 00/19] stackdepot: allow evicting stack traces
Date: Wed, 13 Sep 2023 19:14:25 +0200
Message-Id: <cover.1694625260.git.andreyknvl@google.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Migadu-Flow: FLOW_OUT
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]);
Wed, 13 Sep 2023 10:15:00 -0700 (PDT)
X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no
version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1776947582361574905
X-GMAIL-MSGID: 1776947582361574905
|
| Series |
stackdepot: allow evicting stack traces
|
|
Message
andrey.konovalov@linux.dev
Sept. 13, 2023, 5:14 p.m. UTC
From: Andrey Konovalov <andreyknvl@google.com>
Currently, the stack depot grows indefinitely until it reaches its
capacity. Once that happens, the stack depot stops saving new stack
traces.
This creates a problem for using the stack depot for in-field testing
and in production.
For such uses, an ideal stack trace storage should:
1. Allow saving fresh stack traces on systems with a large uptime while
limiting the amount of memory used to store the traces;
2. Have a low performance impact.
Implementing #1 in the stack depot is impossible with the current
keep-forever approach. This series targets to address that. Issue #2 is
left to be addressed in a future series.
This series changes the stack depot implementation to allow evicting
unneeded stack traces from the stack depot. The users of the stack depot
can do that via new stack_depot_save_flags(STACK_DEPOT_FLAG_GET) and
stack_depot_put APIs.
Internal changes to the stack depot code include:
1. Storing stack traces in fixed-frame-sized slots; the slot size is
controlled via CONFIG_STACKDEPOT_MAX_FRAMES (vs precisely-sized
slots in the current implementation);
2. Keeping available slots in a freelist (vs keeping an offset to the next
free slot);
3. Using a read/write lock for synchronization (vs a lock-free approach
combined with a spinlock).
This series also integrates the eviction functionality in the tag-based
KASAN modes.
Despite wasting some space on rounding up the size of each stack record,
with CONFIG_STACKDEPOT_MAX_FRAMES=32, the tag-based KASAN modes end up
consuming ~5% less memory in stack depot during boot (with the default
stack ring size of 32k entries). The reason for this is the eviction of
irrelevant stack traces from the stack depot, which frees up space for
other stack traces.
For other tools that heavily rely on the stack depot, like Generic KASAN
and KMSAN, this change leads to the stack depot capacity being reached
sooner than before. However, as these tools are mainly used in fuzzing
scenarios where the kernel is frequently rebooted, this outcome should
be acceptable.
There is no measurable boot time performance impact of these changes for
KASAN on x86-64. I haven't done any tests for arm64 modes (the stack
depot without performance optimizations is not suitable for intended use
of those anyway), but I expect a similar result. Obtaining and copying
stack trace frames when saving them into stack depot is what takes the
most time.
This series does not yet provide a way to configure the maximum size of
the stack depot externally (e.g. via a command-line parameter). This will
be added in a separate series, possibly together with the performance
improvement changes.
---
Changes v1->v2:
- Rework API to stack_depot_save_flags(STACK_DEPOT_FLAG_GET) +
stack_depot_put.
- Add CONFIG_STACKDEPOT_MAX_FRAMES Kconfig option.
- Switch stack depot to using list_head's.
- Assorted minor changes, see the commit message for each path.
Andrey Konovalov (19):
lib/stackdepot: check disabled flag when fetching
lib/stackdepot: simplify __stack_depot_save
lib/stackdepot: drop valid bit from handles
lib/stackdepot: add depot_fetch_stack helper
lib/stackdepot: use fixed-sized slots for stack records
lib/stackdepot: fix and clean-up atomic annotations
lib/stackdepot: rework helpers for depot_alloc_stack
lib/stackdepot: rename next_pool_required to new_pool_required
lib/stackdepot: store next pool pointer in new_pool
lib/stackdepot: store free stack records in a freelist
lib/stackdepot: use read/write lock
lib/stackdepot: use list_head for stack record links
kmsan: use stack_depot_save instead of __stack_depot_save
lib/stackdepot, kasan: add flags to __stack_depot_save and rename
lib/stackdepot: add refcount for records
lib/stackdepot: allow users to evict stack traces
kasan: remove atomic accesses to stack ring entries
kasan: check object_size in kasan_complete_mode_report_info
kasan: use stack_depot_put for tag-based modes
include/linux/stackdepot.h | 59 ++++--
lib/Kconfig | 10 +-
lib/stackdepot.c | 410 ++++++++++++++++++++++++-------------
mm/kasan/common.c | 7 +-
mm/kasan/generic.c | 9 +-
mm/kasan/kasan.h | 2 +-
mm/kasan/report_tags.c | 27 +--
mm/kasan/tags.c | 24 ++-
mm/kmsan/core.c | 7 +-
9 files changed, 356 insertions(+), 199 deletions(-)
Comments
On Wed, Sep 13, 2023 at 7:14 PM <andrey.konovalov@linux.dev> wrote: > > From: Andrey Konovalov <andreyknvl@google.com> > > Currently, the stack depot grows indefinitely until it reaches its > capacity. Once that happens, the stack depot stops saving new stack > traces. > > This creates a problem for using the stack depot for in-field testing > and in production. > > For such uses, an ideal stack trace storage should: > > 1. Allow saving fresh stack traces on systems with a large uptime while > limiting the amount of memory used to store the traces; > 2. Have a low performance impact. > > Implementing #1 in the stack depot is impossible with the current > keep-forever approach. This series targets to address that. Issue #2 is > left to be addressed in a future series. > > This series changes the stack depot implementation to allow evicting > unneeded stack traces from the stack depot. The users of the stack depot > can do that via new stack_depot_save_flags(STACK_DEPOT_FLAG_GET) and > stack_depot_put APIs. > > Internal changes to the stack depot code include: > > 1. Storing stack traces in fixed-frame-sized slots; the slot size is > controlled via CONFIG_STACKDEPOT_MAX_FRAMES (vs precisely-sized > slots in the current implementation); > 2. Keeping available slots in a freelist (vs keeping an offset to the next > free slot); > 3. Using a read/write lock for synchronization (vs a lock-free approach > combined with a spinlock). > > This series also integrates the eviction functionality in the tag-based > KASAN modes. > > Despite wasting some space on rounding up the size of each stack record, > with CONFIG_STACKDEPOT_MAX_FRAMES=32, the tag-based KASAN modes end up > consuming ~5% less memory in stack depot during boot (with the default > stack ring size of 32k entries). The reason for this is the eviction of > irrelevant stack traces from the stack depot, which frees up space for > other stack traces. > > For other tools that heavily rely on the stack depot, like Generic KASAN > and KMSAN, this change leads to the stack depot capacity being reached > sooner than before. However, as these tools are mainly used in fuzzing > scenarios where the kernel is frequently rebooted, this outcome should > be acceptable. > > There is no measurable boot time performance impact of these changes for > KASAN on x86-64. I haven't done any tests for arm64 modes (the stack > depot without performance optimizations is not suitable for intended use > of those anyway), but I expect a similar result. Obtaining and copying > stack trace frames when saving them into stack depot is what takes the > most time. > > This series does not yet provide a way to configure the maximum size of > the stack depot externally (e.g. via a command-line parameter). This will > be added in a separate series, possibly together with the performance > improvement changes. Hi Marco and Alex, Could you PTAL at the not-yet-reviewed patches in this series when you get a chance? Thanks!
On Thu, 5 Oct 2023 at 22:36, Andrey Konovalov <andreyknvl@gmail.com> wrote: > > On Wed, Sep 13, 2023 at 7:14 PM <andrey.konovalov@linux.dev> wrote: > > > > From: Andrey Konovalov <andreyknvl@google.com> > > > > Currently, the stack depot grows indefinitely until it reaches its > > capacity. Once that happens, the stack depot stops saving new stack > > traces. > > > > This creates a problem for using the stack depot for in-field testing > > and in production. > > > > For such uses, an ideal stack trace storage should: > > > > 1. Allow saving fresh stack traces on systems with a large uptime while > > limiting the amount of memory used to store the traces; > > 2. Have a low performance impact. > > > > Implementing #1 in the stack depot is impossible with the current > > keep-forever approach. This series targets to address that. Issue #2 is > > left to be addressed in a future series. > > > > This series changes the stack depot implementation to allow evicting > > unneeded stack traces from the stack depot. The users of the stack depot > > can do that via new stack_depot_save_flags(STACK_DEPOT_FLAG_GET) and > > stack_depot_put APIs. > > > > Internal changes to the stack depot code include: > > > > 1. Storing stack traces in fixed-frame-sized slots; the slot size is > > controlled via CONFIG_STACKDEPOT_MAX_FRAMES (vs precisely-sized > > slots in the current implementation); > > 2. Keeping available slots in a freelist (vs keeping an offset to the next > > free slot); > > 3. Using a read/write lock for synchronization (vs a lock-free approach > > combined with a spinlock). > > > > This series also integrates the eviction functionality in the tag-based > > KASAN modes. > > > > Despite wasting some space on rounding up the size of each stack record, > > with CONFIG_STACKDEPOT_MAX_FRAMES=32, the tag-based KASAN modes end up > > consuming ~5% less memory in stack depot during boot (with the default > > stack ring size of 32k entries). The reason for this is the eviction of > > irrelevant stack traces from the stack depot, which frees up space for > > other stack traces. > > > > For other tools that heavily rely on the stack depot, like Generic KASAN > > and KMSAN, this change leads to the stack depot capacity being reached > > sooner than before. However, as these tools are mainly used in fuzzing > > scenarios where the kernel is frequently rebooted, this outcome should > > be acceptable. > > > > There is no measurable boot time performance impact of these changes for > > KASAN on x86-64. I haven't done any tests for arm64 modes (the stack > > depot without performance optimizations is not suitable for intended use > > of those anyway), but I expect a similar result. Obtaining and copying > > stack trace frames when saving them into stack depot is what takes the > > most time. > > > > This series does not yet provide a way to configure the maximum size of > > the stack depot externally (e.g. via a command-line parameter). This will > > be added in a separate series, possibly together with the performance > > improvement changes. > > Hi Marco and Alex, > > Could you PTAL at the not-yet-reviewed patches in this series when you > get a chance? There'll be a v3 with a few smaller still-pending fixes, right? I think I looked at it a while back and the rest that I didn't comment on looked fine, just waiting for v3. Feel free to send a v3 by end of week. I'll try to have another look today/tomorrow just in case I missed something, but if there are no more comments please send v3 later in the week.
On Mon, Oct 9, 2023 at 2:35 PM Marco Elver <elver@google.com> wrote: > > > Hi Marco and Alex, > > > > Could you PTAL at the not-yet-reviewed patches in this series when you > > get a chance? > > There'll be a v3 with a few smaller still-pending fixes, right? I > think I looked at it a while back and the rest that I didn't comment > on looked fine, just waiting for v3. > > Feel free to send a v3 by end of week. I'll try to have another look > today/tomorrow just in case I missed something, but if there are no > more comments please send v3 later in the week. Yes, definitely, there will be v3. I just wanted to collect more feedback before spamming the list again. I will send v3 that addresses all the issues and new Alexander's comments (thanks!) next week (travelling for a conference right now). Thank you!