Received: by 2002:a25:5b86:0:0:0:0:0 with SMTP id p128csp1093744ybb; Thu, 28 Mar 2019 19:46:09 -0700 (PDT) X-Google-Smtp-Source: APXvYqyodM19vgQ2JsagV7RE+Pzc4DbckXsSBB4TPN9PehE3b0vwcGOErsu882Z1lYw94sIWFlFc X-Received: by 2002:a63:7153:: with SMTP id b19mr37239220pgn.289.1553827569267; Thu, 28 Mar 2019 19:46:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1553827569; cv=none; d=google.com; s=arc-20160816; b=MgaQPHy+19S13O4dPQU6Syh+z86PXnI784xqsKVGM+j7SoShPkYIuIGtO7/ww0pE8a eUcOeKmt0wpzTV2C4OkGCPPWdoZ0X0eiFgAU0G8rvLdeTQ6k+2i6SCBbuOSSelQZ+Dp3 tTDAg8l4CfbaFTbQ3jDn4dKr3zP6fUHu2ygYVOn4SGW+zRdOIoCcH5S7+UMPxDl0cANU eL5Cy+W6TEXOjbJURiXb1nSH3e2b7qRwb8L3a+SpBPuVyZ0XDA4sZ0YknofpTDPhn86R jo/j98EhN8oHNmUpUV00K0rUIIZEKyp4EzL1vb0Ol+Rg9dnYPFyJDrjk+tcGo2D93wX2 INmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=n2g2gZE/MhNi7nI6UCGVxkyvHL3xkteyl6AUacdA/M8=; b=A6WUqjGY7H0MxtrSRx98trLZiG00QH7iRilfZq2PC8iVHv0Ce3xwTM4lGo+adiM8uv Ks3cvSKlli9/Ycpnf1VN8F3vTgGlkV8HC1NKB9shl2Spspd9e6XQpdYjz86xPHLK6u3U ZWsmjoPVQUcEOsC/1qTjZ6kWBVDqt+v/0D+ywCJhPcJaA+BussSR3LHD2NXvIPfHP2Y9 L2B+S3+Wx3yH7Q+7ApJ0oSvYxIwtykEL/jxuYEn3BKOJKJ23Z4KpFaIQZZa1i551GzDB 9Mb3ZTkC7k5zNVw8k640GL2x4CCvFjPvKAnT52cggbwRiR3oUNoUH/Jydby7EdVmLcZo 4hDg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p9si680788pff.52.2019.03.28.19.45.52; Thu, 28 Mar 2019 19:46:09 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728022AbfC2CpQ (ORCPT + 99 others); Thu, 28 Mar 2019 22:45:16 -0400 Received: from mga11.intel.com ([192.55.52.93]:1928 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727434AbfC2CpP (ORCPT ); Thu, 28 Mar 2019 22:45:15 -0400 X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 28 Mar 2019 19:45:15 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.60,282,1549958400"; d="scan'208";a="156817100" Received: from iweiny-desk2.sc.intel.com ([10.3.52.157]) by fmsmga004.fm.intel.com with ESMTP; 28 Mar 2019 19:45:15 -0700 Date: Thu, 28 Mar 2019 11:44:08 -0700 From: Ira Weiny To: John Hubbard Cc: Jerome Glisse , linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrew Morton , Dan Williams Subject: Re: [PATCH v2 10/11] mm/hmm: add helpers for driver to safely take the mmap_sem v2 Message-ID: <20190328184408.GK31324@iweiny-DESK2.sc.intel.com> References: <20190328213047.GB13560@redhat.com> <20190328220824.GE13560@redhat.com> <068db0a8-fade-8ed1-3b9d-c29c27797301@nvidia.com> <20190328224032.GH13560@redhat.com> <0b698b36-da17-434b-b8e7-4a91ac6c9d82@nvidia.com> <20190328230543.GI13560@redhat.com> <9e414b8c-0f98-a2f7-4f46-d335c015fc1b@nvidia.com> <20190328232404.GK13560@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.11.1 (2018-12-01) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Mar 28, 2019 at 04:34:04PM -0700, John Hubbard wrote: > On 3/28/19 4:24 PM, Jerome Glisse wrote: > > On Thu, Mar 28, 2019 at 04:20:37PM -0700, John Hubbard wrote: > >> On 3/28/19 4:05 PM, Jerome Glisse wrote: > >>> On Thu, Mar 28, 2019 at 03:43:33PM -0700, John Hubbard wrote: > >>>> On 3/28/19 3:40 PM, Jerome Glisse wrote: > >>>>> On Thu, Mar 28, 2019 at 03:25:39PM -0700, John Hubbard wrote: > >>>>>> On 3/28/19 3:08 PM, Jerome Glisse wrote: > >>>>>>> On Thu, Mar 28, 2019 at 02:41:02PM -0700, John Hubbard wrote: > >>>>>>>> On 3/28/19 2:30 PM, Jerome Glisse wrote: > >>>>>>>>> On Thu, Mar 28, 2019 at 01:54:01PM -0700, John Hubbard wrote: > >>>>>>>>>> On 3/25/19 7:40 AM, jglisse@redhat.com wrote: > >>>>>>>>>>> From: J?r?me Glisse > >>>>>> [...] > >>>>>> OK, so let's either drop this patch, or if merge windows won't allow that, > >>>>>> then *eventually* drop this patch. And instead, put in a hmm_sanity_check() > >>>>>> that does the same checks. > >>>>> > >>>>> RDMA depends on this, so does the nouveau patchset that convert to new API. > >>>>> So i do not see reason to drop this. They are user for this they are posted > >>>>> and i hope i explained properly the benefit. > >>>>> > >>>>> It is a common pattern. Yes it only save couple lines of code but down the > >>>>> road i will also help for people working on the mmap_sem patchset. > >>>>> > >>>> > >>>> It *adds* a couple of lines that are misleading, because they look like they > >>>> make things safer, but they don't actually do so. > >>> > >>> It is not about safety, sorry if it confused you but there is nothing about > >>> safety here, i can add a big fat comment that explains that there is no safety > >>> here. The intention is to allow the page fault handler that potential have > >>> hundred of page fault queue up to abort as soon as it sees that it is pointless > >>> to keep faulting on a dying process. > >>> > >>> Again if we race it is _fine_ nothing bad will happen, we are just doing use- > >>> less work that gonna be thrown on the floor and we are just slowing down the > >>> process tear down. > >>> > >> > >> In addition to a comment, how about naming this thing to indicate the above > >> intention? I have a really hard time with this odd down_read() wrapper, which > >> allows code to proceed without really getting a lock. It's just too wrong-looking. > >> If it were instead named: > >> > >> hmm_is_exiting() > > > > What about: hmm_lock_mmap_if_alive() ? > > > > That's definitely better, but I want to vote for just doing a check, not > taking any locks. > > I'm not super concerned about the exact name, but I really want a routine that > just checks (and optionally asserts, via WARN or BUG), and that's *all*. Then > drivers can scatter that around like pixie dust as they see fit. Maybe right before > taking a lock, maybe in other places. Decoupled from locking. I agree. Names matter and any function which is called *_down_read and could potentially not take the lock should be called try_*_down_read. Furthermore users should be checking the return values from any try_*. It is also odd that we are calling "down/up" on something which is not a semaphore. So the user here needs to _know_ that they are really getting the lock on the mm which sits behind the scenes. What John is proposing is more explicit when reading driver code. Ira > > thanks, > -- > John Hubbard > NVIDIA >