Received: by 2002:a05:6a10:f3d0:0:0:0:0 with SMTP id a16csp956177pxv; Thu, 1 Jul 2021 13:16:08 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwb3+LscsQJq+lC6mWdz07/pVWMUROt58ccEvW5OhQcdIw8919Xj5tp2PH+MCPPcQDdWhML X-Received: by 2002:a02:6382:: with SMTP id j124mr1419746jac.72.1625170568372; Thu, 01 Jul 2021 13:16:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1625170568; cv=none; d=google.com; s=arc-20160816; b=dGNxohuOyvCd+yq7tIFp6GLb+IFAbYmuWMM3WorlvbyVDrKB6f0Na4/wOgz19glCFV /1gtrxhHcTfBcmHq4X66CFC3CFep02A1WgSXle+XEQ3RsDoMcHR9kLkZq+hyx20dpDQw nYQ2WpTQlilULXuzXhpTpC+mDn4iE5qP/KpcUR68y9yw7G8pWh/jKxyxxybHNSWbC0IS UNJ+C+2kuRWp/IUbslGP3jIMuzEJ4MufKSbARyuwGOMKM5gnl7XHqv+GMFbKLHmX3AgA 6sYAnhaTp5/khUoKqpElCP3DynyXvpFuiVeDw9/Hmu1rdtcik42yd7mMZcfP5oIj87lx PG3Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=2iNcNOPlfT+qWPK+b3Uy11X2JBFYAgrqY9VVeV4ulS8=; b=nldgn5k43cRz0Oo9v6StSQgirzT45ON3f12zCHMGvNc9+p6UzY5896P+TlSxSkbyEl k2LcHC40XVu46uoVWjzizf6KV7eRMG+3dba/T/mOEj8pzwY6yu4lhtCC5eQpeyHxFbiv Sbm3ciXQg7ZqkovPpuIhfP5cCnC4jOImYD3GV1tZL+083FMsjaraw14+XiZ4g0a1tNvm JggR96swaPOV23VL81tsgEoQYMgd35nPg8yTP8GZ3XN9hRVSwc85pLj5Omi5Eocsek4M fJvg02qjoGyQ5jcO8V+RjGdkyWvLdOgVlX2ygoq4SBGcYP6AHxKmz8w2i1ErQn0ifeBF tcwA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=H8D4sU0q; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id l15si885009iok.34.2021.07.01.13.15.55; Thu, 01 Jul 2021 13:16:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=H8D4sU0q; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233498AbhGAUSA (ORCPT + 99 others); Thu, 1 Jul 2021 16:18:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54300 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232113AbhGAUR7 (ORCPT ); Thu, 1 Jul 2021 16:17:59 -0400 Received: from mail-lf1-x12e.google.com (mail-lf1-x12e.google.com [IPv6:2a00:1450:4864:20::12e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BF23EC061762 for ; Thu, 1 Jul 2021 13:15:27 -0700 (PDT) Received: by mail-lf1-x12e.google.com with SMTP id t17so14103546lfq.0 for ; Thu, 01 Jul 2021 13:15:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=2iNcNOPlfT+qWPK+b3Uy11X2JBFYAgrqY9VVeV4ulS8=; b=H8D4sU0qi8I8AexpK1PssC7DU2czpDwmWVt+gaksX9V0+4qrhKVDeAU4WC8yrVExYC M4yjFLQXLHVEUWOJxmw4kTbvDus+9qR26Lidx/Zsz9UWn9KtkLtY1eQ68x/nntopJt5V MkXIhnFBYxdh8Ujqznp+zti9Rs1/SumlGyZC4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=2iNcNOPlfT+qWPK+b3Uy11X2JBFYAgrqY9VVeV4ulS8=; b=RLRwu1xzLMGP3AINAWp4y+EYE6dAtTy8GsKNKaKRWRwSt8p177JNjXFQMrq4+s/Bdp uNirh0q4BkhlmUWE5MdMqVjsYx1rawnO6F6WOZ1olCbvi+kHsK8Ie66qoQ+GB834pJNq pzufba1DDguM4YfEMziD98GxNiL5C3VLlzfvC64KWlUWSpJQFxPtl99xjcUAGvpvd2Zq JXtOZErF0wFZYfrcaZiQ3iy35Usd0hWSdSCRv0gOTwozk03CDy4VYOWho0oyV0Y1nnSV gDvXxT/VRgc7zcGQU22Rje/AnjMRAH0nF0hxN/TKQKJwCYFLD/aBPWCRNL3ldEGV9dWR CNdw== X-Gm-Message-State: AOAM533OZLaW+jc4nBUfSWKuYrxWiVbbtp+EESjz1xtBNqXpkHjbHbRL 4QME8V8aLwUdWwBtkKpqJyNZHJkKmvK1fseOJVc= X-Received: by 2002:ac2:4906:: with SMTP id n6mr1077689lfi.592.1625170525486; Thu, 01 Jul 2021 13:15:25 -0700 (PDT) Received: from mail-lj1-f181.google.com (mail-lj1-f181.google.com. [209.85.208.181]) by smtp.gmail.com with ESMTPSA id n17sm63704lft.74.2021.07.01.13.15.23 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 01 Jul 2021 13:15:24 -0700 (PDT) Received: by mail-lj1-f181.google.com with SMTP id p24so10219914ljj.1 for ; Thu, 01 Jul 2021 13:15:23 -0700 (PDT) X-Received: by 2002:a05:651c:32e:: with SMTP id b14mr965880ljp.251.1625170523672; Thu, 01 Jul 2021 13:15:23 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Linus Torvalds Date: Thu, 1 Jul 2021 13:15:07 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [git pull] drm for 5.14-rc1 To: Dave Airlie , Philip Yang , Felix Kuehling , Alex Deucher Cc: Daniel Vetter , dri-devel , LKML Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jun 30, 2021 at 9:34 PM Dave Airlie wrote: > > Hi Linus, > > This is the main drm pull request for 5.14-rc1. > > I've done a test pull into your current tree, and hit two conflicts > (one in vc4, one in amdgpu), both seem pretty trivial, the amdgpu one > is recent and sfr sent out a resolution for it today. Well, the resolutions may be trivial, but the conflict made me look at the code, and it's buggy. Commit 04d8d73dbcbe ("drm/amdgpu: add common HMM get pages function") is broken. It made the code do mmap_read_lock(mm); vma = find_vma(mm, start); mmap_read_unlock(mm); and then it *uses* that "vma" after it has dropped the lock. That's a big no-no - once you've dropped the lock, the vma contents simply aren't reliable any more. That mapping could now be unmapped and removed at any time. Now, the conflict actually made one of the uses go away (switching to vma_lookup() means that the subsequent code no longer needs to look at "vm_start" to verify we're actually _inside_ the vma), but it still checks for vma->vm_file afterwards. So those locking changes in commit 04d8d73dbcbe are completely bogus. I tried to fix up that bug while handling the conflict, but who knows what else similar is going on elsewhere. So I would ask people to (a) verify that I didn't make things worse as I fixed things up (note how I had to change the last argument to amdgpu_hmm_range_get_pages() from false to true etc). (b) go and look at their vma lookup code: you can't just look up a vma under the lock, and then drop the lock, and then think things stay stable. In particular for that (b) case: it is *NOT* enough to look up vma->vm_file inside the lock and cache that. No - if the test is about "no backing file before looking up pages", then you have to *keep* holding the lock until after you've actually looked up the pages! Because otherwise any test for "vma->vm_file" is entirely pointless, for the same reason it's buggy to even look at it after dropping the lock: because once you've dropped the lock, the thing you just tested for might not be true any more. So no, it's not valid to do bool has_file = vma && vma->vm_file; and then drop the lock, because you don't use 'vma' any more as a pointer, and then use 'has_file' outside the lock. Because after you've dropped the lock, 'has_file' is now meaningless. So it's not just about "you can't look at vma->vm_file after dropping the lock". It's more fundamental than that. Any *decision* you make based on the vma is entirely pointless and moot after the lock is dropped! Did I fix it up correctly? Who knows. The code makes more sense to me now and seems valid. But I really *really* want to stress how locking is important. You also can't just unlock in the middle of an operation - even if you then take the lock *again* later (as amdgpu_hmm_range_get_pages() then did), the fact that you unlocked in the middle means that all the earlier tests you did are simply no longer valid when you re-take the lock. Linus