From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2E8FAE6B240 for ; Fri, 1 Nov 2024 11:11:52 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 9C31B6B007B; Fri, 1 Nov 2024 07:11:51 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 971E76B0082; Fri, 1 Nov 2024 07:11:51 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 8393F6B0083; Fri, 1 Nov 2024 07:11:51 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 6569C6B007B for ; Fri, 1 Nov 2024 07:11:51 -0400 (EDT) Received: from smtpin27.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id E3FE4121685 for ; Fri, 1 Nov 2024 11:11:50 +0000 (UTC) X-FDA: 82737260046.27.E35A187 Received: from szxga03-in.huawei.com (szxga03-in.huawei.com [45.249.212.189]) by imf21.hostedemail.com (Postfix) with ESMTP id 7218A1C0020 for ; Fri, 1 Nov 2024 11:10:54 +0000 (UTC) Authentication-Results: imf21.hostedemail.com; dkim=none; dmarc=pass (policy=quarantine) header.from=huawei.com; spf=pass (imf21.hostedemail.com: domain of linyunsheng@huawei.com designates 45.249.212.189 as permitted sender) smtp.mailfrom=linyunsheng@huawei.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1730459346; a=rsa-sha256; cv=none; b=6uSIRvOsxFVCyVllH5l90lswnHv4d0LuSmpMX4DuWZbn1C0H77SMW5qh6/zgmfLHhDSBuy zdkPHmmwDZe4tv7eKNLcgBexVkKX6s75StI9bbrr2sFLKXcSNzlcrzfu3mbk7ErBLqY0X6 vkigPdRGxEQKdzon48Bd2rvN+BYCG1I= ARC-Authentication-Results: i=1; imf21.hostedemail.com; dkim=none; dmarc=pass (policy=quarantine) header.from=huawei.com; spf=pass (imf21.hostedemail.com: domain of linyunsheng@huawei.com designates 45.249.212.189 as permitted sender) smtp.mailfrom=linyunsheng@huawei.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1730459346; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=X/yp0RIU1tfH+FH4g/fle3CCxq9U8T1Pl8zow6JWPd4=; b=7A5KJ/LpzwbjDgftwl4vNOhNnthBVj1r5gWRVCAhivuRy6WOOcRF/e+trjU5yW5pUB8fmB yERFBF7mz38rVHKg661ES9UqxRRdN8dS7LH0lG+h9lehtSVFLx2t5O346uG5VgdxFWq2Fl aGxuwp2kWoaq1Y3Lt9IDM5u/FHhhiZo= Received: from mail.maildlp.com (unknown [172.19.163.174]) by szxga03-in.huawei.com (SkyGuard) with ESMTP id 4XfypB0z8QzQsQH; Fri, 1 Nov 2024 19:10:42 +0800 (CST) Received: from dggpemf200006.china.huawei.com (unknown [7.185.36.61]) by mail.maildlp.com (Postfix) with ESMTPS id DC89E140337; Fri, 1 Nov 2024 19:11:43 +0800 (CST) Received: from [10.67.120.129] (10.67.120.129) by dggpemf200006.china.huawei.com (7.185.36.61) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.11; Fri, 1 Nov 2024 19:11:43 +0800 Message-ID: Date: Fri, 1 Nov 2024 19:11:43 +0800 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH net-next v3 3/3] page_pool: fix IOMMU crash when driver has already unbound To: =?UTF-8?Q?Toke_H=C3=B8iland-J=C3=B8rgensen?= , Jesper Dangaard Brouer , , , CC: , , , Robin Murphy , Alexander Duyck , IOMMU , Andrew Morton , Eric Dumazet , Ilias Apalodimas , , , , kernel-team References: <20241022032214.3915232-1-linyunsheng@huawei.com> <20241022032214.3915232-4-linyunsheng@huawei.com> <113c9835-f170-46cf-92ba-df4ca5dfab3d@huawei.com> <878qudftsn.fsf@toke.dk> <87r084e8lc.fsf@toke.dk> <878qu7c8om.fsf@toke.dk> <1eac33ae-e8e1-4437-9403-57291ba4ced6@huawei.com> <87o731by64.fsf@toke.dk> <023fdee7-dbd4-4e78-b911-a7136ff81343@huawei.com> <874j4sb60w.fsf@toke.dk> Content-Language: en-US From: Yunsheng Lin In-Reply-To: <874j4sb60w.fsf@toke.dk> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit X-Originating-IP: [10.67.120.129] X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To dggpemf200006.china.huawei.com (7.185.36.61) X-Stat-Signature: ztot6jkitysbdj4nnqkdpkjdjn9q13ee X-Rspamd-Queue-Id: 7218A1C0020 X-Rspamd-Server: rspam08 X-Rspam-User: X-HE-Tag: 1730459454-736704 X-HE-Meta: U2FsdGVkX1+JNlQFD7lp2uIurX8OQtQ8VXs5tudiqRtZ+RQLkDl5B11z6EyfEwWnLVYpyyCoWgGBHB9oFCbwY0PqRxyKGZOZ5LOAlS0cyMNuxsFiDGyQdFREnjbDjiLLItky6/dkIGpV6VHW49qard/NflP9TEVYBZZOHaIIqQZJiyLHSeaD4PKo/oxXXva0/B7dqiyAn5JTwI2WM1RMir2SvSbjS8+JaQIKxEgehdnDLzDFaQQ+MMHHaAhWjhTKlhThwYrxklC/egeglhcD2py4mBxztcq107t1Dr8uymGaIPSTuP+haz+pg+bVjmQLqEPrXMO7Mn/qVp4Mff7gxK8gLH1gS/XUHfP8cbmBUdJ0E76dlxVG6pVR7hYEjkM5Hgx2Fh8isckA8upQL9cmQGswG2q7ZHdckDdtwGPKsgeTaWjIbRNAhAmoZMOeidHQfkQ3i8fA0kXUz0pZ/OGR5rB15AAWEAhY4mj958yoXg8gsQ5ikyiAkGyju8qW27VivPtGGhep6Nw6NjGwlS6VzVTqkxb3EWc8nOQOe3Il9eE/UlT6ndU57t/t90+34Q/2/4F5ycHm6f3nUOVmLEIaejB/qvM0ChvxrQN2tzziRSLQXS26mbWpGaC6PsZYhZW7ZCSnjS9KV4EUIAyICdAXhWjxRmMZFKmhp0nEh4nkKFrAGO/SWVpH7OJQ5AcSpMWf8qPC8zt/PEd3BKu4a2dNcuhgxLrgWsmCUmWnVp5ET4KmFI/qv0Vx2YErX9mq4YqJnCTeqym7Pdx20qiYjyo69a4HN6juwAHgspjQZmKdAVtXJJ3fdfAj2INS6mxxQaxgxO1aqc0CE8obBEkSSOHFiY2bVoujPqwnjy5ptKdTxEXCHkRtO5iF/ljftbImy80zog2MO06IbvH0Yc8+H/fk++xefIPa6yu5OIGEnq3ULxaF39Oa88D4s9Q1spAw5HOfpE12RB00m2J7Q9ZspS6 F9ogm+gW UnBgikmMWhHANo1Dobg4j4qWEIn4OZ1omi0nmVeJYYDez3u0vVBRGDlorPtFLPFpcp4sjr//aXOBmj0TlUpwz7LsWZ/oP0nbsqNiOVSiz1rR8JiGkquEicqWmLr8Lwju61lZv+McX8tZRK+5/1GBnMcyx/meMnrcm28ed7RqHRtGEBmaa0zimQ9m65vZGvKSZSS4uN2GZcfYs8PlwyNQPc/zPi/PZkVnRkCIe6qJ1eUJX5tg2GG6wYIQL7LmWWtX7L5rXcOZx81oy+VLlGT2hrEZ8ZhmW3Jl/BNUSt+FhGOWIUBYUjg5LLvWB76EKLu6CQRQ9 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On 2024/11/1 0:18, Toke Høiland-Jørgensen wrote: ... >>> >>> Eliding the details above, but yeah, you're right, there are probably >>> some pernicious details to get right if we want to flush all caches. S >>> I wouldn't do that to start with. Instead, just add the waiting to start >>> with, then wait and see if this actually turns out to be a problem in >>> practice. And if it is, identify the source of that problem, deal with >>> it, rinse and repeat :) >> >> I am not sure if I have mentioned to you that jakub had a RFC for the waiting, >> see [1]. And Yonglong Cc'ed had tested it, the waiting caused the driver unload >> stalling forever and some task hung, see [2]. >> >> The root cause for the above case is skb_defer_free_flush() not being called >> as mentioned before. > > Well, let's fix that, then! We already logic to flush backlogs when a > netdevice is going away, so AFAICT all that's needed is to add the Is there a possiblity that the page_pool owned page might be still handled/cached in somewhere of networking if netif_rx_internal() is already called for the corresponding skb and skb_attempt_defer_free() is called after skb_defer_free_flush() added in below patch is called? Maybe add a timeout thing like timer to call kick_defer_list_purge() if you treat 'outstanding forever' as leaked? I actually thought about this, but had not found out an elegant way to add the timeout. > skb_defer_free_flush() to that logic. Totally untested patch below, that > we should maybe consider applying in any case. I am not sure about that as the above mentioned timing window, but it does seem we might need to do something similar in dev_cpu_dead(). > >> I am not sure if I understand the reasoning behind the above suggestion to 'wait >> and see if this actually turns out to be a problem' when we already know that there >> are some cases which need cache kicking/flushing for the waiting to work and those >> kicking/flushing may not be easy and may take indefinite time too, not to mention >> there might be other cases that need kicking/flushing that we don't know yet. >> >> Is there any reason not to consider recording the inflight pages so that unmapping >> can be done for inflight pages before driver unbound supposing dynamic number of >> inflight pages can be supported? >> >> IOW, Is there any reason you and jesper taking it as axiomatic that recording the >> inflight pages is bad supposing the inflight pages can be unlimited and recording >> can be done with least performance overhead? > > Well, page pool is a memory allocator, and it already has a mechanism to > handle returning of memory to it. You're proposing to add a second, > orthogonal, mechanism to do this, one that adds both overhead and I would call it as a replacement/improvement for the old one instead of 'a second, orthogonal' as the old one doesn't really exist after this patch. > complexity, yet doesn't handle all cases (cf your comment about devmem). I am not sure if unmapping only need to be done using its own version DMA API for devmem yet, but it seems waiting might also need to use its own version of kicking/flushing for devmem as devmem might be held from the user space? > > And even if it did handle all cases, force-releasing pages in this way > really feels like it's just papering over the issue. If there are pages > being leaked (or that are outstanding forever, which basically amounts > to the same thing), that is something we should be fixing the root cause > of, not just working around it like this series does. If there is a definite time for waiting, I am probably agreed with the above. >From the previous discussion, it seems the time to do the kicking/flushing would be indefinite depending how much cache to be scaned/flushed. For the 'papering over' part, it seems it is about if we want to paper over different kicking/flushing or paper over unmapping using different DMA API. Also page_pool is not really a allocator, instead it is more like a pool based on different allocator, such as buddy allocator or devmem allocator. I am not sure it makes much to do the flushing when page_pool_destroy() is called if the buddy allocator behind the page_pool is not under memory pressure yet. For the 'leaked' part mentioned above, I am agreed that it should be fixed if we have a clear and unified definition of 'leaked', for example, is it allowed to keep the cache outstanding forever if the allocator is not under memory pressure and not ask for the releasing of its memory? Doesn't it make more sense to use something like shrinker_register() mechanism to decide whether to do the flushing? IOW, maybe it makes more sense that the allocator behind the page_pool should be deciding whether to do the kicking/flushing, and maybe page_pool should also use the shrinker_register() mechanism to empty its cache when necessary instead of deciding whether to do the kicking/flushing. So I am not even sure if it is appropriate to do the cache kicking/flushing during waiting, not to mention the indefinite time to do the kicking/flushing. > > -Toke > > > Patch to flush the deferred free list when taking down a netdevice; > compile-tested only: As mentioned above, doesn't it have the time window below? CPU 0 CPU1 unregister_netdev() . . . flush_all_backlogs() . . . . skb_attempt_defer_free() . . . . . . . .