From: Jason Gunthorpe <jgg@ziepe.ca>
To: Christoph Hellwig <hch@lst.de>
Cc: "Jérôme Glisse" <jglisse@redhat.com>,
"Ben Skeggs" <bskeggs@redhat.com>,
"Ralph Campbell" <rcampbell@nvidia.com>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
"nouveau@lists.freedesktop.org" <nouveau@lists.freedesktop.org>,
"dri-devel@lists.freedesktop.org"
<dri-devel@lists.freedesktop.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 4/6] nouveau: unlock mmap_sem on all errors from nouveau_range_fault
Date: Tue, 23 Jul 2019 14:17:31 -0300 [thread overview]
Message-ID: <20190723171731.GD15357@ziepe.ca> (raw)
In-Reply-To: <20190723163048.GD1655@lst.de>
On Tue, Jul 23, 2019 at 06:30:48PM +0200, Christoph Hellwig wrote:
> On Tue, Jul 23, 2019 at 03:18:28PM +0000, Jason Gunthorpe wrote:
> > Hum..
> >
> > The caller does this:
> >
> > again:
> > ret = nouveau_range_fault(&svmm->mirror, &range);
> > if (ret == 0) {
> > mutex_lock(&svmm->mutex);
> > if (!nouveau_range_done(&range)) {
> > mutex_unlock(&svmm->mutex);
> > goto again;
> >
> > And we can't call nouveau_range_fault() -> hmm_range_fault() without
> > holding the mmap_sem, so we can't allow nouveau_range_fault to unlock
> > it.
>
> Goto again can only happen if nouveau_range_fault was successful,
> in which case we did not drop mmap_sem.
Oh, right we switch from success = number of pages to success =0..
However the reason this looks so weird to me is that the locking
pattern isn't being followed, any result of hmm_range_fault should be
ignored until we enter the svmm->mutex and check if there was a
colliding invalidation.
So the 'goto again' *should* be possible even if range_fault failed.
But that is not for this patch..
> > ret = hmm_range_fault(range, true);
> > if (ret <= 0) {
> > if (ret == 0)
> > ret = -EBUSY;
> > - up_read(&range->vma->vm_mm->mmap_sem);
> > hmm_range_unregister(range);
>
> This would hold mmap_sem over hmm_range_unregister, which can lead
> to deadlock if we call exit_mmap and then acquire mmap_sem again.
That reminds me, this code is also leaking hmm_range_unregister() in
the success path, right?
I think the right way to structure this is to move the goto again and
related into the nouveau_range_fault() so the whole retry algorithm is
sensibly self contained.
Jason
next prev parent reply other threads:[~2019-07-23 17:17 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-22 9:44 hmm_range_fault related fixes and legacy API removal v2 Christoph Hellwig
2019-07-22 9:44 ` [PATCH 1/6] mm: always return EBUSY for invalid ranges in hmm_range_{fault,snapshot} Christoph Hellwig
2019-07-22 14:37 ` Souptick Joarder
2019-07-23 14:54 ` Jason Gunthorpe
2019-07-23 16:19 ` Christoph Hellwig
2019-07-23 17:18 ` Jason Gunthorpe
2019-07-22 9:44 ` [PATCH 2/6] mm: move hmm_vma_range_done and hmm_vma_fault to nouveau Christoph Hellwig
2019-07-23 14:55 ` Jason Gunthorpe
2019-07-22 9:44 ` [PATCH 3/6] nouveau: remove the block parameter to nouveau_range_fault Christoph Hellwig
2019-07-23 14:56 ` Jason Gunthorpe
2019-07-23 16:23 ` Christoph Hellwig
2019-07-22 9:44 ` [PATCH 4/6] nouveau: unlock mmap_sem on all errors from nouveau_range_fault Christoph Hellwig
2019-07-23 15:18 ` Jason Gunthorpe
2019-07-23 16:30 ` Christoph Hellwig
2019-07-23 17:17 ` Jason Gunthorpe [this message]
2019-07-23 17:23 ` Christoph Hellwig
2019-07-23 17:30 ` Jason Gunthorpe
2019-07-22 9:44 ` [PATCH 5/6] nouveau: return -EBUSY when hmm_range_wait_until_valid fails Christoph Hellwig
2019-07-23 15:18 ` Jason Gunthorpe
2019-07-22 9:44 ` [PATCH 6/6] mm: remove the legacy hmm_pfn_* APIs Christoph Hellwig
2019-07-23 1:11 ` hmm_range_fault related fixes and legacy API removal v2 Ralph Campbell
2019-07-23 15:20 ` Jason Gunthorpe
2019-07-23 15:27 ` Jason Gunthorpe
2019-07-23 16:32 ` Christoph Hellwig
-- strict thread matches above, loose matches on Subject: below --
2019-07-03 22:02 Christoph Hellwig
2019-07-03 22:02 ` [PATCH 4/6] nouveau: unlock mmap_sem on all errors from nouveau_range_fault Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190723171731.GD15357@ziepe.ca \
--to=jgg@ziepe.ca \
--cc=bskeggs@redhat.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=hch@lst.de \
--cc=jglisse@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=nouveau@lists.freedesktop.org \
--cc=rcampbell@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).