Re: [PATCH] [Request for inclusion] Filesystem in Userspace
From: Daniel Phillips (phillips_at_istop.com)
Date: 12/03/04
- Previous message: Daniel Phillips: "Re: [PATCH] [Request for inclusion] Filesystem in Userspace"
- Maybe in reply to: Avi Kivity: "Re: [PATCH] [Request for inclusion] Filesystem in Userspace"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: Rik van Riel <riel@redhat.com> Date: Fri, 3 Dec 2004 17:07:26 -0500
Hi Rik,
On Saturday 27 November 2004 12:07, Rik van Riel wrote:
> On Fri, 19 Nov 2004, Miklos Szeredi wrote:
> > The solution I'm thinking is along the lines of accounting the number
> > of writable pages assigned to FUSE filesystems. Limiting this should
> > solve the deadlock problem. This would only impact performance for
> > shared writable mappings, which are rare anyway.
>
> Note that NFS, and any filesystems on iSCSI or g/e/ndb block
> devices have the exact same problem. To explain why this is
> the case, lets start with the VM allocation and pageout
> thresholds:
>
> pages_min ------------------
>
> GFP_ATOMIC ------------------
>
> PF_MEMALLOC ------------------
>
> 0 ------------------
>
> When writing out a dirty page, the pageout code is allowed
> to allocate network buffers down to the PF_MEMALLOC boundary.
>
> However, when receiving the ACK network packets from the server,
> the network stack is only allowed to allocate memory down to the
> GFP_ATOMIC watermark.
>
> This means it is relatively easy to get the system to deadlock,
> under a heavy shared mmap workload.
Why only mmap? What makes generic_file_write immune to this problem?
> Limiting the number of
> simultaneous writeouts might make the problem harder to trigger,
> but is still no solution since the network layer could exhaust
> its allowed memory for other packets, and never get around to
> processing the ACKs for the pageout related network traffic!
>
> I have a solution in mind, but it's not pretty. It might be safe
> now that DaveM no longer travels. Still have to come up with a
> way to avoid being maimed by the other network developers, though...
The network stack is only a specific case of the problem. In general,
deadlock is possible whenever an asynchronous task sitting in the memory
writeout path allocates memory. That a userspace filesystem shows this
deadlock is only indirectly due to being in userspace. The real problem is
that the userspace task is a separate task from the one trying to do
writeout, and therefore does not inherit the PF_MEMALLOC state.
A lot of people think that mempool solves this problem, but it does not.
Consider the case of device mapper raid1:
- Non PF_MEMALLOC tasks grab all available memory.
- Normal device mapper writeout queues requests to its own raid1 daemon,
which has a mempool for submitting multiple requests to underlying
devices.
- Non PF_MEMALLOC requests from the raid1 daemon tasks first try to do
normal allocation, but that fails, so they start eating into the mempool
reserve.
- When the mempool is empty, the next allocation forces the task into
PF_MEMALLOC mode.
- The PF_MEMALLOC task initiates writeout
- The writeout submits a request to device mapper raid1
- Device mapper queues the request to its daemon
- The daemon needs memory to set up writes to several disks
- But normal memory is used up and the mempool is used up too.
- Gack, we have a problem.
So how is mempool supposed to work anyway? The idea is, each withdrawal from
the pool is supposed to be balanced by freeing the object some bounded time
later, so the system always makes progress. The fly in the ointment is that
the mempool can be exhausted by non PF_MEMALLOC tasks that later block on
memory inversion, and so are unable to restore the pool. So mempool as a
general solution is inherently broken. It works for, e.g., bio allocation,
where there are no asynchronous memory users in the writeout path, but this
not the general case. The hard case where we do have asynchronous users is
getting more and more common.
So it seems we have an serious problem here that goes way beyond the specific
examples people have noticed. As I see it, the _only_ solution is to
propagate the MEMALLOC state (and probably NOFS as well) to the asynchronous
task in some way. There are many possible variations on how to do this. A
lot of suggestions boil down to partitioning memory in various ways.
However, each new partitioning scheme takes a big step backwards from the
worthy goal of cache unification. Moreover, even with partitioning, you
still need a scheme for knowing when to dip into the partition or the
partition's reserve if it has one. In other words, we immediately return to
the question of how to propagate the PF_MEMALLOC state. This is the real
problem, and we need to focus on it.
By the way, what is your secret solution for the network stack?
Regards,
Daniel
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
- Previous message: Daniel Phillips: "Re: [PATCH] [Request for inclusion] Filesystem in Userspace"
- Maybe in reply to: Avi Kivity: "Re: [PATCH] [Request for inclusion] Filesystem in Userspace"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
