From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5B0C2C433EF for ; Thu, 30 Jun 2022 13:49:41 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id CD3928E0001; Thu, 30 Jun 2022 09:49:40 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id C83CC6B0073; Thu, 30 Jun 2022 09:49:40 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id B23AD8E0001; Thu, 30 Jun 2022 09:49:40 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id A30DE6B0072 for ; Thu, 30 Jun 2022 09:49:40 -0400 (EDT) Received: from smtpin24.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id 706EE33A4B for ; Thu, 30 Jun 2022 13:49:40 +0000 (UTC) X-FDA: 79635034920.24.B9BF0F0 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by imf11.hostedemail.com (Postfix) with ESMTP id B9CBF4000A for ; Thu, 30 Jun 2022 13:49:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1656596979; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=kAIsAO8/q3xt7t8QmRZnKGg22p7TRVULhh/Oocusryo=; b=YfnsrSjAeJ44q5QhuCTU0dHtE3oLjGNW229Tn53xxhrJ53uOT1P9AyjVK3c2vT1SNrgfFO ohyDG2Rj4b5Ur8sk9jM0VlQ1mV0ljuTQYS0sY92dWmog6Srb1jiY5x5GYuOEqHh91pX2k6 CoVU3LoLWZHzIWWNHaMbPYUlAFMyU6k= Received: from mail-il1-f199.google.com (mail-il1-f199.google.com [209.85.166.199]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-482-AkwF5WoDNvCX6MJcu0cP1A-1; Thu, 30 Jun 2022 09:49:37 -0400 X-MC-Unique: AkwF5WoDNvCX6MJcu0cP1A-1 Received: by mail-il1-f199.google.com with SMTP id i2-20020a056e021b0200b002dadf6a0a0eso243827ilv.12 for ; Thu, 30 Jun 2022 06:49:37 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=kAIsAO8/q3xt7t8QmRZnKGg22p7TRVULhh/Oocusryo=; b=Ary/9nVRPylatqOpRQgzYtQvCO9qFQARMO1hfmj7lO+v9vvx/0JKwI2RqhbdJW2HQG Pc4VLAoYueCgX+x+dSYWpUg7i4ZXlMBzeHy/KaUovoickgn462lOz+YfQ/ILvbmHoidk sNDQ/+C1WqtPnnctSss0ChIwsTxH/E9SmwAlgP5pE3+BO7E2TWx4CMXqCzWM7N4Zn9T6 I/B2QGzCB1EQGqJMlWP5fKlDZ0zhnsirICuIRrKtKb0SM33yU78lGs9dfLDSE2bOnAyE 99xW4mpdsTKGvF1dZ0rdM3Fo4o/590V5Bqo85LEnLzaKnvP19kbjTPHm9C6LvVUOYVx2 4t1Q== X-Gm-Message-State: AJIora+voclk/okROeAC8CnrJrYyjXYSiU4LDw09ciGygrWqfxwAOQZf pGYULP9jD4tZvsFw6HC/aPQ9XcCg+MQjdWIKHB3LKFYi91ZqP6NIwnf9f3KvdVlhy0/fG4eFjvp tPjc75cG68cI= X-Received: by 2002:a05:6638:264d:b0:33c:ba2d:72e6 with SMTP id n13-20020a056638264d00b0033cba2d72e6mr5277441jat.173.1656596976983; Thu, 30 Jun 2022 06:49:36 -0700 (PDT) X-Google-Smtp-Source: AGRyM1tD4itwXAHEpqybOS05iyJ+cl7zul4Mwu95L2o5RF+XJkhqbNNhgR6ApJoHe/080Tk2rhwsPw== X-Received: by 2002:a05:6638:264d:b0:33c:ba2d:72e6 with SMTP id n13-20020a056638264d00b0033cba2d72e6mr5277419jat.173.1656596976660; Thu, 30 Jun 2022 06:49:36 -0700 (PDT) Received: from xz-m1.local (cpec09435e3e0ee-cmc09435e3e0ec.cpe.net.cable.rogers.com. [99.241.198.116]) by smtp.gmail.com with ESMTPSA id g18-20020a05663810f200b00339d5108b60sm8680220jae.17.2022.06.30.06.49.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 30 Jun 2022 06:49:36 -0700 (PDT) Date: Thu, 30 Jun 2022 09:49:34 -0400 From: Peter Xu To: John Hubbard Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini , Andrew Morton , David Hildenbrand , "Dr . David Alan Gilbert" , Andrea Arcangeli , Linux MM Mailing List , Sean Christopherson Subject: Re: [PATCH 1/4] mm/gup: Add FOLL_INTERRUPTIBLE Message-ID: References: <20220622213656.81546-1-peterx@redhat.com> <20220622213656.81546-2-peterx@redhat.com> <16c181d3-09ef-ace4-c910-0a13fc245e48@nvidia.com> <177284f9-416d-c142-a826-e9a497751fca@nvidia.com> <17f9eae0-01bb-4793-201e-16ee267c07f2@nvidia.com> MIME-Version: 1.0 In-Reply-To: <17f9eae0-01bb-4793-201e-16ee267c07f2@nvidia.com> X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=utf-8 Content-Disposition: inline ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1656596980; a=rsa-sha256; cv=none; b=0X2OZaTQe26h50VxPLvHb+01rr6tTYLv9wOmAx0Q4BzHbnd3U5Q+2VJ59Tzv1UCOtWPMwf hJJpgWJo7o9Je5eldTvzJS85AAMdcYvvafq0Xp/EiEN6eNHE5U4WaNuwwFVSYMAgU5MlAu zsxspKvYh8y9ya4TbH5UaVkk+2gzzGI= ARC-Authentication-Results: i=1; imf11.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=YfnsrSjA; dmarc=pass (policy=none) header.from=redhat.com; spf=none (imf11.hostedemail.com: domain of peterx@redhat.com has no SPF policy when checking 170.10.133.124) smtp.mailfrom=peterx@redhat.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1656596980; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=kAIsAO8/q3xt7t8QmRZnKGg22p7TRVULhh/Oocusryo=; b=mtXZq2sE4FBQdc1UXWYdMiQxAZc5GrmTxUHJOtEIm7z2UshZlPU7P3A+uvwd9rYdIgtWA2 b/m7x7wI/fMrgVPSA9M+m6wVnOkRGUoaA1DusLC9gb36/k0+UP7sCxDezWthNjkZtjc9d7 g3qeFdGA1CBy+03UOtFbEieCzgANDIs= Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=YfnsrSjA; dmarc=pass (policy=none) header.from=redhat.com; spf=none (imf11.hostedemail.com: domain of peterx@redhat.com has no SPF policy when checking 170.10.133.124) smtp.mailfrom=peterx@redhat.com X-Rspamd-Server: rspam10 X-Rspamd-Queue-Id: B9CBF4000A X-Stat-Signature: dw9rwwa8s4tc4rfrg3gj6c3dii7qkhxy X-Rspam-User: X-HE-Tag: 1656596979-562262 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Wed, Jun 29, 2022 at 06:53:30PM -0700, John Hubbard wrote: > On 6/29/22 08:47, Peter Xu wrote: > > > It looks like part of this comment is trying to document a pre-existing > > > concept, which is that faultin_page() only ever sets FAULT_FLAG_KILLABLE > > > if locked != NULL. > > > > I'd say that's not what I wanted to comment.. I wanted to express that > > INTERRUPTIBLE should rely on KILLABLE, that's also why I put the comment to > > be after KILLABLE, not before. IMHO it makes sense already to have > > "interruptible" only if "killable", no matter what's the pre-requisite for > > KILLABLE (in this case it's having "locked" being non-null). > > > > OK, I think I finally understand both the intention of the comment, > and (thanks to your notes, below) the interaction between *locked and > _RETRY, _KILLABLE, and _INTERRUPTIBLE. Really appreciate your leading > me by the nose through that. The pre-existing code is abusing *locked > a bit, by treating it as a flag when really it is a side effect of > flags, but at least now that's clear to me. I agree, alternatively we could have some other FOLL_ flags to represent "locked != NULL" and do sanity check to make sure when the flag is there locked is always set correctly. Current code is a more "dense" way to do this, even though it could be slightly harder to follow. > > Anyway...this leads to finally getting into the comment, which I now > think is not quite what we want: there is no need for a hierarchy of > "_INTERRUPTIBLE should depend upon _KILLABLE". That is: even though an > application allows a fatal signal to get through, it's not clear to me > that that implies that non-fatal signal handling should be prevented. > > The code is only vaguely enforcing such a thing, because it just so > happens that both cases require the same basic prerequisites. So the > code looks good, but I don't see a need to claim a hierarchy in the > comments. > > So I'd either delete the comment entirely, or go with something that is > doesn't try to talk about hierarchy nor locked/retry either. Does this > look reasonable to you: > > > /* > * FAULT_FLAG_INTERRUPTIBLE is opt-in: kernel callers must set > * FOLL_INTERRUPTIBLE. That's because some callers may not be > * prepared to handle early exits caused by non-fatal signals. > */ > > ? Looks good to me, I'd tune a bit to make it less ambiguous on a few places: /* * FAULT_FLAG_INTERRUPTIBLE is opt-in. GUP callers must set * FOLL_INTERRUPTIBLE to enable FAULT_FLAG_INTERRUPTIBLE. * That's because some callers may not be prepared to * handle early exits caused by non-fatal signals. */ Would that be okay to you? > > > > The problem I am (personally) having is that I don't yet understand why > > > or how those are connected: what is it about having locked non-NULL that > > > means the process is killable? (Can you explain why that is?) > > > > Firstly RETRY_KILLABLE relies on ALLOW_RETRY, because if we don't allow > > retry at all it means we'll never wait in handle_mm_fault() anyway, then no > > need to worry on being interrupted by any kind of signal (fatal or not). > > > > Then if we allow retry, we need some way to know "whether mmap_sem is > > released or not" during the process for the caller (because the caller > > cannot see VM_FAULT_RETRY). That's why we added "locked" parameter, so > > that we can set *locked=false to tell the caller we have released mmap_sem. > > > > I think that's why we have "locked" defined as "we allow this page fault > > request to retry and wait, during wait we can always allow fatal signals". > > I think that's defined throughout the gup call interfaces too, and > > faultin_page() is the last step to talk to handle_mm_fault(). > > > > To make this whole picture complete, NOWAIT is another thing that relies on > > ALLOW_RETRY but just to tell "oh please never release the mmap_sem at all". > > For example, when we want to make sure no vma will be released after > > faultin_page() returned. > > > > Again, thanks for taking the time to explain that for me. :) My thanks for reviewing! > > > > > > > If that were clear, I think I could suggest a good comment wording. > > > > IMHO it's a little bit weird to explain "locked" here, especially after > > KILLABLE is set, that's why I didn't try to mention "locked" in my 2nd > > attempt. There are some comments for "locked" above the definition of > > faultin_page(), I think that'll be a nicer place to enrich explanations for > > "locked", and it seems even more suitable as a separate patch? > > > > Totally agreed. I didn't intend to ask for that kind of documentation > here. > > For that, I'm thinking a combination of cleaning up *locked a little > bit, plus maybe some higher level notes like what you wrote above, added > to either pin_user_pages.rst or a new get_user_pages.rst or some .rst > anyway. Definitely a separately thing. Sounds good. Thanks, -- Peter Xu