Re: [RFC][Patch v9 2/6] KVM: Enables the kernel to isolate guest free pages

From: Alexander Duyck
Date: Tue Mar 12 2019 - 18:57:06 EST


On Tue, Mar 12, 2019 at 2:53 PM David Hildenbrand <david@xxxxxxxxxx> wrote:
>
> On 12.03.19 22:13, Alexander Duyck wrote:
> > On Tue, Mar 12, 2019 at 12:46 PM Nitesh Narayan Lal <nitesh@xxxxxxxxxx> wrote:
> >>
> >> On 3/8/19 4:39 PM, Alexander Duyck wrote:
> >>> On Fri, Mar 8, 2019 at 11:39 AM Nitesh Narayan Lal <nitesh@xxxxxxxxxx> wrote:
> >>>> On 3/8/19 2:25 PM, Alexander Duyck wrote:
> >>>>> On Fri, Mar 8, 2019 at 11:10 AM Nitesh Narayan Lal <nitesh@xxxxxxxxxx> wrote:
> >>>>>> On 3/8/19 1:06 PM, Alexander Duyck wrote:
> >>>>>>> On Thu, Mar 7, 2019 at 6:32 PM Michael S. Tsirkin <mst@xxxxxxxxxx> wrote:
> >>>>>>>> On Thu, Mar 07, 2019 at 02:35:53PM -0800, Alexander Duyck wrote:
> >>>>>>>>> The only other thing I still want to try and see if I can do is to add
> >>>>>>>>> a jiffies value to the page private data in the case of the buddy
> >>>>>>>>> pages.
> >>>>>>>> Actually there's one extra thing I think we should do, and that is make
> >>>>>>>> sure we do not leave less than X% off the free memory at a time.
> >>>>>>>> This way chances of triggering an OOM are lower.
> >>>>>>> If nothing else we could probably look at doing a watermark of some
> >>>>>>> sort so we have to have X amount of memory free but not hinted before
> >>>>>>> we will start providing the hints. It would just be a matter of
> >>>>>>> tracking how much memory we have hinted on versus the amount of memory
> >>>>>>> that has been pulled from that pool.
> >>>>>> This is to avoid false OOM in the guest?
> >>>>> Partially, though it would still be possible. Basically it would just
> >>>>> be a way of determining when we have hinted "enough". Basically it
> >>>>> doesn't do us much good to be hinting on free memory if the guest is
> >>>>> already constrained and just going to reallocate the memory shortly
> >>>>> after we hinted on it. The idea is with a watermark we can avoid
> >>>>> hinting until we start having pages that are actually going to stay
> >>>>> free for a while.
> >>>>>
> >>>>>>> It is another reason why we
> >>>>>>> probably want a bit in the buddy pages somewhere to indicate if a page
> >>>>>>> has been hinted or not as we can then use that to determine if we have
> >>>>>>> to account for it in the statistics.
> >>>>>> The one benefit which I can see of having an explicit bit is that it
> >>>>>> will help us to have a single hook away from the hot path within buddy
> >>>>>> merging code (just like your arch_merge_page) and still avoid duplicate
> >>>>>> hints while releasing pages.
> >>>>>>
> >>>>>> I still have to check PG_idle and PG_young which you mentioned but I
> >>>>>> don't think we can reuse any existing bits.
> >>>>> Those are bits that are already there for 64b. I think those exist in
> >>>>> the page extension for 32b systems. If I am not mistaken they are only
> >>>>> used in VMA mapped memory. What I was getting at is that those are the
> >>>>> bits we could think about reusing.
> >>>>>
> >>>>>> If we really want to have something like a watermark, then can't we use
> >>>>>> zone->free_pages before isolating to see how many free pages are there
> >>>>>> and put a threshold on it? (__isolate_free_page() does a similar thing
> >>>>>> but it does that on per request basis).
> >>>>> Right. That is only part of it though since that tells you how many
> >>>>> free pages are there. But how many of those free pages are hinted?
> >>>>> That is the part we would need to track separately and then
> >>>>> compare to free_pages to determine if we need to start hinting on more
> >>>>> memory or not.
> >>>> Only pages which are isolated will be hinted, and once a page is
> >>>> isolated it will not be counted in the zone free pages.
> >>>> Feel free to correct me if I am wrong.
> >>> You are correct up to here. When we isolate the page it isn't counted
> >>> against the free pages. However after we complete the hint we end up
> >>> taking it out of isolation and returning it to the "free" state, so it
> >>> will be counted against the free pages.
> >>>
> >>>> If I am understanding it correctly you only want to hint the idle pages,
> >>>> is that right?
> >>> Getting back to the ideas from our earlier discussion, we had 3 stages
> >>> for things. Free but not hinted, isolated due to hinting, and free and
> >>> hinted. So what we would need to do is identify the size of the first
> >>> pool that is free and not hinted by knowing the total number of free
> >>> pages, and then subtract the size of the pages that are hinted and
> >>> still free.
> >> To summarize, for now, I think it makes sense to stick with the current
> >> approach as this way we can avoid any locking in the allocation path and
> >> reduce the number of hypercalls for a bunch of MAX_ORDER - 1 page.
> >
> > I'm not sure what you are talking about by "avoid any locking in the
> > allocation path". Are you talking about the spin on idle bit, if so
> > then yes. However I have been testing your patches and I was correct
> > in the assumption that you forgot to handle the zone lock when you
> > were freeing __free_one_page. I just did a quick copy/paste from your
> > zone lock handling from the guest_free_page_hinting function into the
> > release_buddy_pages function and then I was able to enable multiple
> > CPUs without any issues.
> >
> >> For the next step other than the comments received in the code and what
> >> I mentioned in the cover email, I would like to do the following:
> >> 1. Explore the watermark idea suggested by Alex and bring down memhog
> >> execution time if possible.
> >
> > So there are a few things that are hurting us on the memhog test:
> > 1. The current QEMU patch is only madvising 4K pages at a time, this
> > is disabling THP and hurts the test.
> >
> > 2. The fact that we madvise the pages away makes it so that we have to
> > fault the page back in in order to use it for the memhog test. In
> > order to avoid that penalty we may want to see if we can introduce
> > some sort of "timeout" on the pages so that we are only hinting away
> > old pages that have not been used for some period of time.
> >
> > 3. Currently we are still doing a large amount of processing in the
> > page free path. Ideally we should look at getting away from trying to
> > do so much per-cpu work and instead just have some small tasks that
> > put the data needed in the page, and then have a separate thread
> > walking the free_list checking that data, isolating the pages, hinting
> > them, and then returning them back to the free_list.
>
> This is highly debatable. Whenever there is concurrency, there is the need
> for locking (well, at least synchronization - maybe using existing locks
> like the zone lock). The other thread has to run somewhere. One thread
> per VCPU might not be what we want ... sorting this out might be more
> complicated than it would seem. I would suggest to defer the discussion
> of this change to a later stage. It can be easily reworked later - in
> theory :)

I'm not suggesting anything too complex for now. I would be happy with
just using the zone lock. The only other thing we would really need to
make it work is some sort of bit we could set once a page has been
hinted, and cleared when it is allocated. I'm leaning toward
PG_owner_priv_1 at this point since it doesn't seem to be used in the
buddy allocator but is heavily used/re-purposed in multiple other
spots.

> 1 and 2 you mention are the lower hanging fruits that will definitely
> improve performance.

Agreed. Although the challenge with 2 is getting to the page later
instead of trying to immediately hint on the page we just freed. That
is why I still think 3 is going to tie in closely with 2.

> --
>
> Thanks,
>
> David / dhildenb
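
The three-pool accounting discussed in this thread (free but not hinted, isolated for hinting, free and hinted), as an added user-space C model that is not code from the patch set or from any participant. All type and function names are hypothetical, and the `hinted` flag stands in for the page bit under discussion.

```c
/* Added example: user-space model, not kernel code; all names are hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define NPAGES 16
struct page_model { bool free, hinted; };
struct zone_model {
    struct page_model pages[NPAGES];
    size_t free_pages;   /* free pages, hinted or not; isolated pages excluded */
    size_t hinted_free;  /* free pages that still carry the hinted bit */
};

/* "Free but not hinted" pool = total free minus hinted-and-still-free. */
static size_t unhinted_free(const struct zone_model *z)
{
    return z->free_pages - z->hinted_free;
}

static void model_free_page(struct zone_model *z, size_t i)
{
    if (z->pages[i].free) return;                 /* ignore double free */
    z->pages[i] = (struct page_model){ .free = true };
    z->free_pages++;
}

/* Allocation clears the hinted bit, so the page leaves the hinted pool. */
static bool model_alloc_page(struct zone_model *z, size_t i)
{
    if (!z->pages[i].free) return false;
    if (z->pages[i].hinted) z->hinted_free--;
    z->pages[i] = (struct page_model){ 0 };
    z->free_pages--;
    return true;
}

/* Hint only while more than `watermark` unhinted pages stay free. */
static size_t model_hint_pass(struct zone_model *z, size_t watermark)
{
    size_t n = 0;
    for (size_t i = 0; i < NPAGES && unhinted_free(z) > watermark; i++) {
        if (!z->pages[i].free || z->pages[i].hinted) continue;
        z->free_pages--;              /* isolate: no longer counted as free */
        /* the hint to the host would be issued here */
        z->pages[i].hinted = true;    /* return to free state, now hinted */
        z->free_pages++; z->hinted_free++; n++;
    }
    return n;
}

int main(void)
{
    struct zone_model z = {0};
    for (size_t i = 0; i < 10; i++) model_free_page(&z, i);
    size_t n = model_hint_pass(&z, 4);
    printf("hinted %zu, unhinted free %zu\n", n, unhinted_free(&z));
    return 0;
}
```
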