tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

xfs: refine the allocation stack switch

The allocation stack switch at xfs_bmapi_allocate() has served it's
purpose, but is no longer a sufficient solution to the stack usage
problem we have in the XFS allocation path.

Whilst the kernel stack size is now 16k, that is not a valid reason
for undoing all our "keep stack usage down" modifications. What it
does allow us to do is have the freedom to refine and perfect the
modifications knowing that if we get it wrong it won't blow up in
our faces - we have a safety net now.

This is important because we still have the issue of older kernels
having smaller stacks and that they are still supported and are
demonstrating a wide range of different stack overflows. Red Hat
has several open bugs for allocation based stack overflows from
directory modifications and direct IO block allocation and these
problems still need to be solved. If we can solve them upstream,
then distro's won't need to bake their own unique solutions.

To that end, I've observed that every allocation based stack
overflow report has had a specific characteristic - it has happened
during or directly after a bmap btree block split. That event
requires a new block to be allocated to the tree, and so we
effectively stack one allocation stack on top of another, and that's
when we get into trouble.

A further observation is that bmap btree block splits are much rarer
than writeback allocation - over a range of different workloads I've
observed the ratio of bmap btree inserts to splits ranges from 100:1
(xfstests run) to 10000:1 (local VM image server with sparse files
that range in the hundreds of thousands to millions of extents).
Either way, bmap btree split events are much, much rarer than
allocation events.

Finally, we have to move the kswapd state to the allocation workqueue
work when allocation is done on behalf of kswapd. This is proving to
cause significant perturbation in performance under memory pressure
and appears to be generating allocation deadlock warnings under some
workloads, so avoiding the use of a workqueue for the majority of
kswapd writeback allocation will minimise the impact of such
behaviour.

Hence it makes sense to move the stack switch to xfs_btree_split()
and only do it for bmap btree splits. Stack switches during
allocation will be much rarer, so there won't be significant
performacne overhead caused by switching stacks. The worse case
stack from all allocation paths will be split, not just writeback.
And the majority of memory allocations will be done in the correct
context (e.g. kswapd) without causing additional latency, and so we
simplify the memory reclaim interactions between processes,
workqueues and kswapd.

The worst stack I've been able to generate with this patch in place
is 5600 bytes deep. It's very revealing because we exit XFS at:

37) 1768 64 kmem_cache_alloc+0x13b/0x170

about 1800 bytes of stack consumed, and the remaining 3800 bytes
(and 36 functions) is memory reclaim, swap and the IO stack. And
this occurs in the inode allocation from an open(O_CREAT) syscall,
not writeback.

The amount of stack being used is much less than I've previously be
able to generate - fs_mark testing has been able to generate stack
usage of around 7k without too much trouble; with this patch it's
only just getting to 5.5k. This is primarily because the metadata
allocation paths (e.g. directory blocks) are no longer causing
double splits on the same stack, and hence now stack tracing is
showing swapping being the worst stack consumer rather than XFS.

Performance of fs_mark inode create workloads is unchanged.
Performance of fs_mark async fsync workloads is consistently good
with context switches reduced by around 150,000/s (30%).
Performance of dbench, streaming IO and postmark is unchanged.
Allocation deadlock warnings have not been seen on the workloads
that generated them since adding this patch.

Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>

authored by

Dave Chinner and committed by
Dave Chinner cf11da9c aa182e64

+90 -62
+2 -5
fs/xfs/xfs_bmap.c
··· 4298 4298 } 4299 4299 4300 4300 4301 - int 4302 - __xfs_bmapi_allocate( 4301 + static int 4302 + xfs_bmapi_allocate( 4303 4303 struct xfs_bmalloca *bma) 4304 4304 { 4305 4305 struct xfs_mount *mp = bma->ip->i_mount; ··· 4577 4577 bma.userdata = 0; 4578 4578 bma.flist = flist; 4579 4579 bma.firstblock = firstblock; 4580 - 4581 - if (flags & XFS_BMAPI_STACK_SWITCH) 4582 - bma.stack_switch = 1; 4583 4580 4584 4581 while (bno < end && n < *nmap) { 4585 4582 inhole = eof || bma.got.br_startoff > bno;
+1 -3
fs/xfs/xfs_bmap.h
··· 77 77 * from written to unwritten, otherwise convert from unwritten to written. 78 78 */ 79 79 #define XFS_BMAPI_CONVERT 0x040 80 - #define XFS_BMAPI_STACK_SWITCH 0x080 81 80 82 81 #define XFS_BMAPI_FLAGS \ 83 82 { XFS_BMAPI_ENTIRE, "ENTIRE" }, \ ··· 85 86 { XFS_BMAPI_PREALLOC, "PREALLOC" }, \ 86 87 { XFS_BMAPI_IGSTATE, "IGSTATE" }, \ 87 88 { XFS_BMAPI_CONTIG, "CONTIG" }, \ 88 - { XFS_BMAPI_CONVERT, "CONVERT" }, \ 89 - { XFS_BMAPI_STACK_SWITCH, "STACK_SWITCH" } 89 + { XFS_BMAPI_CONVERT, "CONVERT" } 90 90 91 91 92 92 static inline int xfs_bmapi_aflag(int w)
-43
fs/xfs/xfs_bmap_util.c
··· 249 249 } 250 250 251 251 /* 252 - * Stack switching interfaces for allocation 253 - */ 254 - static void 255 - xfs_bmapi_allocate_worker( 256 - struct work_struct *work) 257 - { 258 - struct xfs_bmalloca *args = container_of(work, 259 - struct xfs_bmalloca, work); 260 - unsigned long pflags; 261 - 262 - /* we are in a transaction context here */ 263 - current_set_flags_nested(&pflags, PF_FSTRANS); 264 - 265 - args->result = __xfs_bmapi_allocate(args); 266 - complete(args->done); 267 - 268 - current_restore_flags_nested(&pflags, PF_FSTRANS); 269 - } 270 - 271 - /* 272 - * Some allocation requests often come in with little stack to work on. Push 273 - * them off to a worker thread so there is lots of stack to use. Otherwise just 274 - * call directly to avoid the context switch overhead here. 275 - */ 276 - int 277 - xfs_bmapi_allocate( 278 - struct xfs_bmalloca *args) 279 - { 280 - DECLARE_COMPLETION_ONSTACK(done); 281 - 282 - if (!args->stack_switch) 283 - return __xfs_bmapi_allocate(args); 284 - 285 - 286 - args->done = &done; 287 - INIT_WORK_ONSTACK(&args->work, xfs_bmapi_allocate_worker); 288 - queue_work(xfs_alloc_wq, &args->work); 289 - wait_for_completion(&done); 290 - destroy_work_on_stack(&args->work); 291 - return args->result; 292 - } 293 - 294 - /* 295 252 * Check if the endoff is outside the last extent. If so the caller will grow 296 253 * the allocation to a stripe unit boundary. All offsets are considered outside 297 254 * the end of file for an empty fork, so 1 is returned in *eof in that case.
+5 -8
fs/xfs/xfs_bmap_util.h
··· 50 50 xfs_extlen_t total; /* total blocks needed for xaction */ 51 51 xfs_extlen_t minlen; /* minimum allocation size (blocks) */ 52 52 xfs_extlen_t minleft; /* amount must be left after alloc */ 53 - char eof; /* set if allocating past last extent */ 54 - char wasdel; /* replacing a delayed allocation */ 55 - char userdata;/* set if is user data */ 56 - char aeof; /* allocated space at eof */ 57 - char conv; /* overwriting unwritten extents */ 58 - char stack_switch; 53 + bool eof; /* set if allocating past last extent */ 54 + bool wasdel; /* replacing a delayed allocation */ 55 + bool userdata;/* set if is user data */ 56 + bool aeof; /* allocated space at eof */ 57 + bool conv; /* overwriting unwritten extents */ 59 58 int flags; 60 59 struct completion *done; 61 60 struct work_struct work; ··· 64 65 int xfs_bmap_finish(struct xfs_trans **tp, struct xfs_bmap_free *flist, 65 66 int *committed); 66 67 int xfs_bmap_rtalloc(struct xfs_bmalloca *ap); 67 - int xfs_bmapi_allocate(struct xfs_bmalloca *args); 68 - int __xfs_bmapi_allocate(struct xfs_bmalloca *args); 69 68 int xfs_bmap_eof(struct xfs_inode *ip, xfs_fileoff_t endoff, 70 69 int whichfork, int *eof); 71 70 int xfs_bmap_count_blocks(struct xfs_trans *tp, struct xfs_inode *ip,
+81 -1
fs/xfs/xfs_btree.c
··· 33 33 #include "xfs_error.h" 34 34 #include "xfs_trace.h" 35 35 #include "xfs_cksum.h" 36 + #include "xfs_alloc.h" 36 37 37 38 /* 38 39 * Cursor allocation zone. ··· 2324 2323 * record (to be inserted into parent). 2325 2324 */ 2326 2325 STATIC int /* error */ 2327 - xfs_btree_split( 2326 + __xfs_btree_split( 2328 2327 struct xfs_btree_cur *cur, 2329 2328 int level, 2330 2329 union xfs_btree_ptr *ptrp, ··· 2503 2502 XFS_BTREE_TRACE_CURSOR(cur, XBT_ERROR); 2504 2503 return error; 2505 2504 } 2505 + 2506 + struct xfs_btree_split_args { 2507 + struct xfs_btree_cur *cur; 2508 + int level; 2509 + union xfs_btree_ptr *ptrp; 2510 + union xfs_btree_key *key; 2511 + struct xfs_btree_cur **curp; 2512 + int *stat; /* success/failure */ 2513 + int result; 2514 + bool kswapd; /* allocation in kswapd context */ 2515 + struct completion *done; 2516 + struct work_struct work; 2517 + }; 2518 + 2519 + /* 2520 + * Stack switching interfaces for allocation 2521 + */ 2522 + static void 2523 + xfs_btree_split_worker( 2524 + struct work_struct *work) 2525 + { 2526 + struct xfs_btree_split_args *args = container_of(work, 2527 + struct xfs_btree_split_args, work); 2528 + unsigned long pflags; 2529 + unsigned long new_pflags = PF_FSTRANS; 2530 + 2531 + /* 2532 + * we are in a transaction context here, but may also be doing work 2533 + * in kswapd context, and hence we may need to inherit that state 2534 + * temporarily to ensure that we don't block waiting for memory reclaim 2535 + * in any way. 2536 + */ 2537 + if (args->kswapd) 2538 + new_pflags |= PF_MEMALLOC | PF_SWAPWRITE | PF_KSWAPD; 2539 + 2540 + current_set_flags_nested(&pflags, new_pflags); 2541 + 2542 + args->result = __xfs_btree_split(args->cur, args->level, args->ptrp, 2543 + args->key, args->curp, args->stat); 2544 + complete(args->done); 2545 + 2546 + current_restore_flags_nested(&pflags, new_pflags); 2547 + } 2548 + 2549 + /* 2550 + * BMBT split requests often come in with little stack to work on. Push 2551 + * them off to a worker thread so there is lots of stack to use. For the other 2552 + * btree types, just call directly to avoid the context switch overhead here. 2553 + */ 2554 + STATIC int /* error */ 2555 + xfs_btree_split( 2556 + struct xfs_btree_cur *cur, 2557 + int level, 2558 + union xfs_btree_ptr *ptrp, 2559 + union xfs_btree_key *key, 2560 + struct xfs_btree_cur **curp, 2561 + int *stat) /* success/failure */ 2562 + { 2563 + struct xfs_btree_split_args args; 2564 + DECLARE_COMPLETION_ONSTACK(done); 2565 + 2566 + if (cur->bc_btnum != XFS_BTNUM_BMAP) 2567 + return __xfs_btree_split(cur, level, ptrp, key, curp, stat); 2568 + 2569 + args.cur = cur; 2570 + args.level = level; 2571 + args.ptrp = ptrp; 2572 + args.key = key; 2573 + args.curp = curp; 2574 + args.stat = stat; 2575 + args.done = &done; 2576 + args.kswapd = current_is_kswapd(); 2577 + INIT_WORK_ONSTACK(&args.work, xfs_btree_split_worker); 2578 + queue_work(xfs_alloc_wq, &args.work); 2579 + wait_for_completion(&done); 2580 + destroy_work_on_stack(&args.work); 2581 + return args.result; 2582 + } 2583 + 2506 2584 2507 2585 /* 2508 2586 * Copy the old inode root contents into a real block and make the
+1 -2
fs/xfs/xfs_iomap.c
··· 749 749 * pointer that the caller gave to us. 750 750 */ 751 751 error = xfs_bmapi_write(tp, ip, map_start_fsb, 752 - count_fsb, 753 - XFS_BMAPI_STACK_SWITCH, 752 + count_fsb, 0, 754 753 &first_block, 1, 755 754 imap, &nimaps, &free_list); 756 755 if (error)