| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 11 Jul 2022 14:36:14 +0200
From: Vincent Guittot <vincent.guittot@...aro.org>
To: Qais Yousef <qais.yousef@....com>
Cc: Ingo Molnar <mingo@...nel.org>,
"Peter Zijlstra (Intel)" <peterz@...radead.org>,
Dietmar Eggemann <dietmar.eggemann@....com>,
linux-kernel@...r.kernel.org, Xuewen Yan <xuewen.yan94@...il.com>,
Wei Wang <wvw@...gle.com>,
Jonathan JMChen <Jonathan.JMChen@...iatek.com>,
Hank <han.lin@...iatek.com>
Subject: Re: [PATCH 1/7] sched/uclamp: Fix relationship between uclamp and
migration margin
On Wed, 29 Jun 2022 at 21:47, Qais Yousef <qais.yousef@....com> wrote:
>
> fits_capacity() verifies that a util is within 20% margin of the
> capacity of a CPU, which is an attempt to speed up upmigration.
>
> But when uclamp is used, this 20% margin is problematic because for
> example if a task is boosted to 1024, then it will not fit on any CPU
> according to fits_capacity() logic.
>
> Or if a task is boosted to capacity_orig_of(medium_cpu). The task will
> end up on big instead on the desired medium CPU.
>
> Similar corner cases exist for uclamp and usage of capacity_of().
> Slightest irq pressure on biggest CPU for example will make a 1024
> boosted task look like it can't fit.
>
> What we really want is for uclamp comparisons to ignore the migration
> margin and capacity pressure, yet retain them for when checking the
> _actual_ util signal.
I fully agree on the migration margin but I'm a bit more skeptical
about the capacity pressure. If uclam_min is set to ensure a minimum
compute capacity of X for a task but the CPU can't provide such
capacity because of some pressures (I have irq and thermal in mind),
then we should find a better cpu otherwise uclamp_min becomes
meaningless because it doesn't ensure a minimum compute capacity which
usually means a time to execute the work of the thread
>
> For example, task p:
>
> p->util_avg = 300
> p->uclamp[UCLAMP_MIN] = 1024
>
> Will fit a big CPU. But
>
> p->util_avg = 900
> p->uclamp[UCLAMP_MIN] = 1024
>
> will not, this should trigger overutilized state because the big CPU is
> now *actually* being saturated.
>
> Similar reasoning applies to capping tasks with UCLAMP_MAX. For example:
>
> p->util_avg = 1024
> p->uclamp[UCLAMP_MAX] = capacity_orig_of(medium_cpu)
>
> Should fit the task on medium cpus without triggering overutilized
> state.
>
> Inlined comments expand more on desired behavior in more scenarios.
>
> Introduce new util_fits_cpu() function which encapsulates the new logic.
> The new function is not used anywhere yet, but will be used to update
> various users of fits_capacity() in later patches.
>
> Fixes: af24bde8df202 ("sched/uclamp: Add uclamp support to energy_compute()")
> Signed-off-by: Qais Yousef <qais.yousef@....com>
> ---
> kernel/sched/fair.c | 114 ++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 114 insertions(+)
>
> diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c
> index f80ae86bb404..5eecae32a0f6 100644
> --- a/kernel/sched/fair.c
> +++ b/kernel/sched/fair.c
> @@ -4203,6 +4203,120 @@ static inline void util_est_update(struct cfs_rq *cfs_rq,
> trace_sched_util_est_se_tp(&p->se);
> }
>
> +static inline int util_fits_cpu(unsigned long util,
> + unsigned long uclamp_min,
> + unsigned long uclamp_max,
> + int cpu)
> +{
> + unsigned long capacity = capacity_of(cpu);
> + unsigned long capacity_orig;
> + bool fits, max_capacity;
> + bool uclamp_max_fits;
> +
> + /*
> + * Check if the real util fits without any uclamp boost/cap applied.
> + */
> + fits = fits_capacity(util, capacity);
> +
> + if (!uclamp_is_used())
> + return fits;
> +
> + /*
> + * We must use capacity_orig_of() for comparing against uclamp_min and
> + * uclamp_max. We only care about capacity pressure (by using
> + * capacity_of()) for comparing against the real util.
I don't fully agree on this. see below
> + *
> + * If a task is boosted to 1024 for example, we don't want a tiny
> + * pressure to skew the check whether it fits a CPU or not.
But should we look for a CPU with less pressure ?
Another example:
Task boosted to capacity_orig_of(medium_cpu) and there is pressure of
this medium CPU. Shouldn't we look for another CPU either a medium
without pressure or a big core if all mediums are under pressure ?
Otherwise, uclamp_min can become somewhat meaningless because you will
not have the requested min capacity when running. If you really want
your task to never go on big core, some cpu affinity would be a better
way to achieve this
> + *
> + * Similarly if a task is capped to capacity_orig_of(little_cpu), it
> + * should fit a little cpu even if there's some pressure.
> + *
> + * Known limitation is when thermal pressure is severe to the point
> + * where we have capacity inversion. We don't cater for that as the
> + * system performance will already be impacted severely.
> + */
> + capacity_orig = capacity_orig_of(cpu);
> +
> + /*
> + * We want to force a task to fit a cpu as implied by uclamp_max.
> + * But we do have some corner cases to cater for..
> + *
> + *
> + * C=z
> + * | ___
> + * | C=y | |
> + * |_ _ _ _ _ _ _ _ _ ___ _ _ _ | _ | _ _ _ _ _ uclamp_max
> + * | C=x | | | |
> + * | ___ | | | |
> + * | | | | | | | (util somewhere in this region)
> + * | | | | | | |
> + * | | | | | | |
> + * +----------------------------------------
> + * cpu0 cpu1 cpu2
> + *
> + * In the above example if a task is capped to a specific performance
> + * point, y, then when:
> + *
> + * * util = 80% of x then it does not fit on cpu0 and should migrate
> + * to cpu1
> + * * util = 80% of y then it is forced to fit on cpu1 to honour
> + * uclamp_max request.
> + *
> + * which is what we're enforcing here. A task always fits if
> + * uclamp_max <= capacity_orig. But when uclamp_max > capacity_orig,
> + * the normal upmigration rules should withhold still.
> + *
> + * Only exception is when we are on max capacity, then we need to be
> + * careful not to block overutilized state. This is so because:
> + *
> + * 1. There's no concept of capping at max_capacity! We can't go
> + * beyond this performance level anyway.
> + * 2. The system is being saturated when we're operating near
> + * max_capacity, it doesn't make sense to block overutilized.
> + */
> + max_capacity = (capacity_orig == SCHED_CAPACITY_SCALE) && (uclamp_max == SCHED_CAPACITY_SCALE);
Is this intermediate variable max_capacity really needed ?
> + uclamp_max_fits = !max_capacity && (uclamp_max <= capacity_orig);
> + fits = fits || uclamp_max_fits;
> +
> + /*
> + *
> + * C=z
> + * | ___ (region a, capped, util >= uclamp_max)
> + * | C=y | |
> + * |_ _ _ _ _ _ _ _ _ ___ _ _ _ | _ | _ _ _ _ _ uclamp_max
> + * | C=x | | | |
> + * | ___ | | | | (region b, uclamp_min <= util <= uclamp_max)
> + * |_ _ _|_ _|_ _ _ _| _ | _ _ _| _ | _ _ _ _ _ uclamp_min
> + * | | | | | | |
> + * | | | | | | | (region c, boosted, util < uclamp_min)
> + * +----------------------------------------
> + * cpu0 cpu1 cpu2
> + *
> + * a) If util > uclamp_max, then we're capped, we don't care about
> + * actual fitness value here. We only care if uclamp_max fits
> + * capacity without taking margin/pressure into account.
> + * See comment above.
> + *
> + * b) If uclamp_min <= util <= uclamp_max, then the normal
> + * fits_capacity() rules apply. Except we need to ensure that we
> + * enforce we remain within uclamp_max, see comment above.
> + *
> + * c) If util < uclamp_min, then we are boosted. Same as (b) but we
> + * need to take into account the boosted value fits the CPU without
> + * taking margin/pressure into account.
> + *
> + * Cases (a) and (b) are handled in the 'fits' variable already. We
> + * just need to consider an extra check for case (c) after ensuring we
> + * handle the case uclamp_min > uclamp_max.
> + */
> + uclamp_min = min(uclamp_min, uclamp_max);
> + if (util < uclamp_min)
> + fits = fits && (uclamp_min <= capacity_orig);
> +
> + return fits;
> +}
> +
> static inline int task_fits_capacity(struct task_struct *p,
> unsigned long capacity)
> {
> --
> 2.25.1
>
Powered by blists - more mailing lists