On Mon, Aug 03, 2020 at 12:32:59PM +0300, Kirill A. Shutemov wrote:
> On Fri, Jul 31, 2020 at 01:32:41PM -0700, Peter Collingbourne wrote:
> > Introduce a new mmap flag, MAP_REFPAGE, that creates a mapping similar
> > to an anonymous mapping, but instead of clean pages being backed by the
> > zero page, they are instead backed by a so-called reference page, whose
> > address is specified using the offset argument to mmap. Loads from
> > the mapping will load directly from the reference page, and initial
> > stores to the mapping will copy-on-write from the reference page.
> >
> > Reference pages are useful in circumstances where anonymous mappings
> > combined with manual stores to memory would impose undesirable costs,
> > either in terms of performance or RSS. Use cases are focused on heap
> > allocators and include:
> >
> > - Pattern initialization for the heap. This is where malloc(3) gives
> >   you memory whose contents are filled with a non-zero pattern
> >   byte, in order to help detect and mitigate bugs involving use
> >   of uninitialized memory. Typically this is implemented by having
> >   the allocator memset the allocation with the pattern byte before
> >   returning it to the user, but for large allocations this can result
> >   in a significant increase in RSS, especially for allocations that
> >   are used sparsely. Even for dense allocations there is a needless
> >   impact to startup performance when it may be better to amortize it
> >   throughout the program. By creating allocations using a reference
> >   page filled with the pattern byte, we can avoid these costs.
> >
> > - Pre-tagged heap memory. Memory tagging [1] is an upcoming ARMv8.5
> >   feature which allows for memory to be tagged in order to detect
> >   certain kinds of memory errors with low overhead. In order to set
> >   up an allocation to allow memory errors to be detected, the entire
> >   allocation needs to have the same tag. The issue here is similar to
> >   pattern initialization in the sense that large tagged allocations
> >   will be expensive if the tagging is done up front. The idea is that
> >   the allocator would create reference pages with each of the possible
> >   memory tags, and use those reference pages for the large allocations.
>
> Looks like it's the wrong layer to implement the functionality. Just have a
> special fd that would return the same page for all vm_ops->fault and map
> the fd with normal mmap(MAP_PRIVATE, fd). It will get you what you want
> without touching core-mm.

I think this would work even for the arm64 MTE (though I haven't tried):
use memfd_create() to get such a file descriptor, mmap() it as MAP_SHARED to
populate the initial pattern, mmap() it as MAP_PRIVATE for any subsequent
mapping that needs to be copied-on-write.

-- 
Catalin
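The three-step recipe sketched in the reply (memfd_create(), a MAP_SHARED mapping to populate the pattern, MAP_PRIVATE mappings for copy-on-write copies), as an added example that is not part of the thread. It assumes Linux with glibc's memfd_create(), and sizes the memfd to the full mapping length because a file mapping faults when accessed beyond the file's end.

```c
#define _GNU_SOURCE
#include <stddef.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Steps 1 and 2: create a memfd of `len` bytes and fill it with `pattern`
 * through a MAP_SHARED mapping, so the file itself holds the reference data. */
static int make_refpage_fd(unsigned char pattern, size_t len)
{
    int fd = memfd_create("refpage", MFD_CLOEXEC);
    if (fd < 0 || ftruncate(fd, (off_t)len) != 0)
        return -1;
    unsigned char *shared = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    if (shared == MAP_FAILED)
        return -1;
    memset(shared, pattern, len);  /* written once, seen by every later mapping */
    munmap(shared, len);
    return fd;
}

/* Step 3: a MAP_PRIVATE mapping of the memfd reads the pattern with no memset
 * by the caller, and the first store to a page copies it (CoW) rather than
 * modifying the file. Returns 0 if every property holds, else a failure code. */
int refpage_demo(unsigned char pattern)
{
    size_t psz = (size_t)sysconf(_SC_PAGESIZE), len = 4 * psz;
    int fd = make_refpage_fd(pattern, len);
    if (fd < 0)
        return 1;
    unsigned char *heap = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
    if (heap == MAP_FAILED)
        return 2;
    for (size_t i = 0; i < len; i += psz / 2)
        if (heap[i] != pattern)            /* clean pages read the reference content */
            return 3;
    heap[psz + 7] = (unsigned char)~pattern;  /* first store: CoW of page 1 only */

    unsigned char *view = mmap(NULL, len, PROT_READ, MAP_SHARED, fd, 0);
    if (view == MAP_FAILED)
        return 4;
    int rc = 0;
    if (view[psz + 7] != pattern)          /* the store must not reach the memfd */
        rc = 5;
    else if (heap[psz + 7] != (unsigned char)~pattern || heap[psz + 8] != pattern)
        rc = 6;                            /* private copy keeps the store, rest intact */
    munmap(view, len);
    munmap(heap, len);
    close(fd);
    return rc;
}
```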