From: Jason Gunthorpe <jgg@ziepe.ca>
To: Christoph Hellwig <hch@lst.de>
Cc: "Jérôme Glisse" <jglisse@redhat.com>,
"Ben Skeggs" <bskeggs@redhat.com>,
"Ralph Campbell" <rcampbell@nvidia.com>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
"nouveau@lists.freedesktop.org" <nouveau@lists.freedesktop.org>,
"dri-devel@lists.freedesktop.org"
<dri-devel@lists.freedesktop.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 4/6] nouveau: unlock mmap_sem on all errors from nouveau_range_fault
Date: Tue, 23 Jul 2019 14:17:31 -0300 [thread overview]
Message-ID: <20190723171731.GD15357@ziepe.ca> (raw)
In-Reply-To: <20190723163048.GD1655@lst.de>
On Tue, Jul 23, 2019 at 06:30:48PM +0200, Christoph Hellwig wrote:
> On Tue, Jul 23, 2019 at 03:18:28PM +0000, Jason Gunthorpe wrote:
> > Hum..
> >
> > The caller does this:
> >
> > again:
> > ret = nouveau_range_fault(&svmm->mirror, &range);
> > if (ret == 0) {
> > mutex_lock(&svmm->mutex);
> > if (!nouveau_range_done(&range)) {
> > mutex_unlock(&svmm->mutex);
> > goto again;
> >
> > And we can't call nouveau_range_fault() -> hmm_range_fault() without
> > holding the mmap_sem, so we can't allow nouveau_range_fault to unlock
> > it.
>
> Goto again can only happen if nouveau_range_fault was successful,
> in which case we did not drop mmap_sem.
Oh, right we switch from success = number of pages to success =0..
However the reason this looks so weird to me is that the locking
pattern isn't being followed, any result of hmm_range_fault should be
ignored until we enter the svmm->mutex and check if there was a
colliding invalidation.
So the 'goto again' *should* be possible even if range_fault failed.
But that is not for this patch..
> > ret = hmm_range_fault(range, true);
> > if (ret <= 0) {
> > if (ret == 0)
> > ret = -EBUSY;
> > - up_read(&range->vma->vm_mm->mmap_sem);
> > hmm_range_unregister(range);
>
> This would hold mmap_sem over hmm_range_unregister, which can lead
> to deadlock if we call exit_mmap and then acquire mmap_sem again.
That reminds me, this code is also leaking hmm_range_unregister() in
the success path, right?
I think the right way to structure this is to move the goto again and
related into the nouveau_range_fault() so the whole retry algorithm is
sensibly self contained.
Jason
next prev parent reply other threads:[~2019-07-23 17:17 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-22 9:44 hmm_range_fault related fixes and legacy API removal v2 Christoph Hellwig
2019-07-22 9:44 ` [PATCH 1/6] mm: always return EBUSY for invalid ranges in hmm_range_{fault,snapshot} Christoph Hellwig
2019-07-22 9:44 ` [PATCH 1/6] mm: always return EBUSY for invalid ranges in hmm_range_{fault, snapshot} Christoph Hellwig
2019-07-22 14:37 ` [PATCH 1/6] mm: always return EBUSY for invalid ranges in hmm_range_{fault,snapshot} Souptick Joarder
2019-07-22 14:37 ` [PATCH 1/6] mm: always return EBUSY for invalid ranges in hmm_range_{fault, snapshot} Souptick Joarder
2019-07-23 14:54 ` [PATCH 1/6] mm: always return EBUSY for invalid ranges in hmm_range_{fault,snapshot} Jason Gunthorpe
2019-07-23 16:19 ` Christoph Hellwig
2019-07-23 16:19 ` [PATCH 1/6] mm: always return EBUSY for invalid ranges in hmm_range_{fault, snapshot} Christoph Hellwig
2019-07-23 17:18 ` [PATCH 1/6] mm: always return EBUSY for invalid ranges in hmm_range_{fault,snapshot} Jason Gunthorpe
2019-07-22 9:44 ` [PATCH 2/6] mm: move hmm_vma_range_done and hmm_vma_fault to nouveau Christoph Hellwig
2019-07-23 14:55 ` Jason Gunthorpe
2019-07-22 9:44 ` [PATCH 3/6] nouveau: remove the block parameter to nouveau_range_fault Christoph Hellwig
2019-07-23 14:56 ` Jason Gunthorpe
2019-07-23 14:56 ` Jason Gunthorpe
2019-07-23 16:23 ` Christoph Hellwig
2019-07-22 9:44 ` [PATCH 4/6] nouveau: unlock mmap_sem on all errors from nouveau_range_fault Christoph Hellwig
2019-07-23 15:18 ` Jason Gunthorpe
2019-07-23 16:30 ` Christoph Hellwig
2019-07-23 17:17 ` Jason Gunthorpe [this message]
2019-07-23 17:23 ` Christoph Hellwig
2019-07-23 17:30 ` Jason Gunthorpe
2019-07-22 9:44 ` [PATCH 5/6] nouveau: return -EBUSY when hmm_range_wait_until_valid fails Christoph Hellwig
2019-07-23 15:18 ` Jason Gunthorpe
2019-07-22 9:44 ` [PATCH 6/6] mm: remove the legacy hmm_pfn_* APIs Christoph Hellwig
2019-07-23 1:11 ` hmm_range_fault related fixes and legacy API removal v2 Ralph Campbell
2019-07-23 1:11 ` Ralph Campbell
2019-07-23 15:20 ` Jason Gunthorpe
2019-07-23 15:20 ` Jason Gunthorpe
2019-07-23 15:27 ` Jason Gunthorpe
2019-07-23 16:32 ` Christoph Hellwig
-- strict thread matches above, loose matches on Subject: below --
2019-07-03 22:02 Christoph Hellwig
2019-07-03 22:02 ` [PATCH 4/6] nouveau: unlock mmap_sem on all errors from nouveau_range_fault Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190723171731.GD15357@ziepe.ca \
--to=jgg@ziepe.ca \
--cc=bskeggs@redhat.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=hch@lst.de \
--cc=jglisse@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=nouveau@lists.freedesktop.org \
--cc=rcampbell@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.