diff mbox series

[v15,02/23] drm/shmem-helper: Use flag for tracking page count bumped by get_pages_sgt()

Message ID 20230827175449.1766701-3-dmitry.osipenko@collabora.com (mailing list archive)
State New, archived
Headers show
Series Add generic memory shrinker to VirtIO-GPU and Panfrost DRM drivers | expand

Commit Message

Dmitry Osipenko Aug. 27, 2023, 5:54 p.m. UTC 
Use separate flag for tracking page count bumped by shmem->sgt to avoid
imbalanced page counter during of drm_gem_shmem_free() time. It's fragile
to assume that populated shmem->pages at a freeing time means that the
count was bumped by drm_gem_shmem_get_pages_sgt(), using a flag removes
the ambiguity.

Signed-off-by: Dmitry Osipenko <dmitry.osipenko@collabora.com>
---
 drivers/gpu/drm/drm_gem_shmem_helper.c | 3 ++-
 drivers/gpu/drm/lima/lima_gem.c        | 1 +
 include/drm/drm_gem_shmem_helper.h     | 7 +++++++
 3 files changed, 10 insertions(+), 1 deletion(-)

Comments

Boris Brezillon Aug. 28, 2023, 10:55 a.m. UTC | #1 
On Sun, 27 Aug 2023 20:54:28 +0300
Dmitry Osipenko <dmitry.osipenko@collabora.com> wrote:

> Use separate flag for tracking page count bumped by shmem->sgt to avoid
> imbalanced page counter during of drm_gem_shmem_free() time. It's fragile
> to assume that populated shmem->pages at a freeing time means that the
> count was bumped by drm_gem_shmem_get_pages_sgt(), using a flag removes
> the ambiguity.
> 
> Signed-off-by: Dmitry Osipenko <dmitry.osipenko@collabora.com>
> ---
>  drivers/gpu/drm/drm_gem_shmem_helper.c | 3 ++-
>  drivers/gpu/drm/lima/lima_gem.c        | 1 +
>  include/drm/drm_gem_shmem_helper.h     | 7 +++++++
>  3 files changed, 10 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/gpu/drm/drm_gem_shmem_helper.c b/drivers/gpu/drm/drm_gem_shmem_helper.c
> index 78d9cf2355a5..db20b9123891 100644
> --- a/drivers/gpu/drm/drm_gem_shmem_helper.c
> +++ b/drivers/gpu/drm/drm_gem_shmem_helper.c
> @@ -152,7 +152,7 @@ void drm_gem_shmem_free(struct drm_gem_shmem_object *shmem)
>  			sg_free_table(shmem->sgt);
>  			kfree(shmem->sgt);
>  		}
> -		if (shmem->pages)
> +		if (shmem->got_sgt)
>  			drm_gem_shmem_put_pages(shmem);

Can't we just move this drm_gem_shmem_put_pages() call in the
if (shmem->sgt) block?

>  
>  		drm_WARN_ON(obj->dev, shmem->pages_use_count);
> @@ -687,6 +687,7 @@ static struct sg_table *drm_gem_shmem_get_pages_sgt_locked(struct drm_gem_shmem_
>  	if (ret)
>  		goto err_free_sgt;
>  
> +	shmem->got_sgt = true;
>  	shmem->sgt = sgt;
>  
>  	return sgt;
> diff --git a/drivers/gpu/drm/lima/lima_gem.c b/drivers/gpu/drm/lima/lima_gem.c
> index 4f9736e5f929..28602302c281 100644
> --- a/drivers/gpu/drm/lima/lima_gem.c
> +++ b/drivers/gpu/drm/lima/lima_gem.c
> @@ -89,6 +89,7 @@ int lima_heap_alloc(struct lima_bo *bo, struct lima_vm *vm)
>  	}
>  
>  	*bo->base.sgt = sgt;
> +	bo->base.got_sgt = true;
>  
>  	if (vm) {
>  		ret = lima_vm_map_bo(vm, bo, old_size >> PAGE_SHIFT);
> diff --git a/include/drm/drm_gem_shmem_helper.h b/include/drm/drm_gem_shmem_helper.h
> index ec70a98a8fe1..f87124629bb5 100644
> --- a/include/drm/drm_gem_shmem_helper.h
> +++ b/include/drm/drm_gem_shmem_helper.h
> @@ -73,6 +73,13 @@ struct drm_gem_shmem_object {
>  	 */
>  	unsigned int vmap_use_count;
>  
> +	/**
> +	 * @got_sgt:
> +	 *
> +	 * True if SG table was retrieved using drm_gem_shmem_get_pages_sgt()
> +	 */
> +	bool got_sgt : 1;
> +
>  	/**
>  	 * @imported_sgt:
>  	 *
Dmitry Osipenko Sept. 2, 2023, 6:28 p.m. UTC | #2 
On 8/28/23 13:55, Boris Brezillon wrote:
> On Sun, 27 Aug 2023 20:54:28 +0300
> Dmitry Osipenko <dmitry.osipenko@collabora.com> wrote:
> 
>> Use separate flag for tracking page count bumped by shmem->sgt to avoid
>> imbalanced page counter during of drm_gem_shmem_free() time. It's fragile
>> to assume that populated shmem->pages at a freeing time means that the
>> count was bumped by drm_gem_shmem_get_pages_sgt(), using a flag removes
>> the ambiguity.
>>
>> Signed-off-by: Dmitry Osipenko <dmitry.osipenko@collabora.com>
>> ---
>>  drivers/gpu/drm/drm_gem_shmem_helper.c | 3 ++-
>>  drivers/gpu/drm/lima/lima_gem.c        | 1 +
>>  include/drm/drm_gem_shmem_helper.h     | 7 +++++++
>>  3 files changed, 10 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/gpu/drm/drm_gem_shmem_helper.c b/drivers/gpu/drm/drm_gem_shmem_helper.c
>> index 78d9cf2355a5..db20b9123891 100644
>> --- a/drivers/gpu/drm/drm_gem_shmem_helper.c
>> +++ b/drivers/gpu/drm/drm_gem_shmem_helper.c
>> @@ -152,7 +152,7 @@ void drm_gem_shmem_free(struct drm_gem_shmem_object *shmem)
>>  			sg_free_table(shmem->sgt);
>>  			kfree(shmem->sgt);
>>  		}
>> -		if (shmem->pages)
>> +		if (shmem->got_sgt)
>>  			drm_gem_shmem_put_pages(shmem);
> 
> Can't we just move this drm_gem_shmem_put_pages() call in the
> if (shmem->sgt) block?

As you've seen in patch #1, the shmem->sgt may belong to imported dmabuf
and pages aren't referenced in this case.

I agree that the freeing code is confusing. The flags make it a better,
not ideal. Though, the flags+comments solution is good enough to me.
Please let me know if you have more suggestions, otherwise I'll add
comment to the code and keep this patch for v16.

BTW, I realized that the new flag wasn't placed properly in the Lima
driver, causing unbalanced page count in the error path. Will correct it
in v16.
Boris Brezillon Sept. 4, 2023, 7:52 a.m. UTC | #3 
On Sat, 2 Sep 2023 21:28:21 +0300
Dmitry Osipenko <dmitry.osipenko@collabora.com> wrote:

> On 8/28/23 13:55, Boris Brezillon wrote:
> > On Sun, 27 Aug 2023 20:54:28 +0300
> > Dmitry Osipenko <dmitry.osipenko@collabora.com> wrote:
> >   
> >> Use separate flag for tracking page count bumped by shmem->sgt to avoid
> >> imbalanced page counter during of drm_gem_shmem_free() time. It's fragile
> >> to assume that populated shmem->pages at a freeing time means that the
> >> count was bumped by drm_gem_shmem_get_pages_sgt(), using a flag removes
> >> the ambiguity.
> >>
> >> Signed-off-by: Dmitry Osipenko <dmitry.osipenko@collabora.com>
> >> ---
> >>  drivers/gpu/drm/drm_gem_shmem_helper.c | 3 ++-
> >>  drivers/gpu/drm/lima/lima_gem.c        | 1 +
> >>  include/drm/drm_gem_shmem_helper.h     | 7 +++++++
> >>  3 files changed, 10 insertions(+), 1 deletion(-)
> >>
> >> diff --git a/drivers/gpu/drm/drm_gem_shmem_helper.c b/drivers/gpu/drm/drm_gem_shmem_helper.c
> >> index 78d9cf2355a5..db20b9123891 100644
> >> --- a/drivers/gpu/drm/drm_gem_shmem_helper.c
> >> +++ b/drivers/gpu/drm/drm_gem_shmem_helper.c
> >> @@ -152,7 +152,7 @@ void drm_gem_shmem_free(struct drm_gem_shmem_object *shmem)
> >>  			sg_free_table(shmem->sgt);
> >>  			kfree(shmem->sgt);
> >>  		}
> >> -		if (shmem->pages)
> >> +		if (shmem->got_sgt)
> >>  			drm_gem_shmem_put_pages(shmem);  
> > 
> > Can't we just move this drm_gem_shmem_put_pages() call in the
> > if (shmem->sgt) block?  
> 
> As you've seen in patch #1, the shmem->sgt may belong to imported dmabuf
> and pages aren't referenced in this case.

Unless I'm wrong, you're already in the if (!import_attach) branch
here, so shmem->sgt should not be a dmabuf sgt.

> 
> I agree that the freeing code is confusing. The flags make it a better,
> not ideal. Though, the flags+comments solution is good enough to me.

But what's the point of adding a flag when you can just do an
if (!shmem->import_attach && shmem->sgt) check. At best, it just
confuses people as to what these fields mean/are used for (especially
when the field has such a generic name, when what you want is actually
something like ->got_sgt_for_non_imported_object). But the most
problematic aspect is that it adds fields to maintain, and those might
end up being inconsistent with the object state because
new/driver-specific code forgot to update them.

> Please let me know if you have more suggestions, otherwise I'll add
> comment to the code and keep this patch for v16.

I'd definitely prefer adding the following helper

static bool has_implicit_pages_ref(struct drm_gem_shmem_object *shmem)
{
	return !shmem->import_attach && shmem->sgt;
}

which provides the same logic without adding a new field/flag.

> 
> BTW, I realized that the new flag wasn't placed properly in the Lima
> driver, causing unbalanced page count in the error path. Will correct it
> in v16.

See, that's the sort of subtle bugs I'm talking about. If the state is
inferred from other fields that can't happen.
diff mbox series

Patch

diff --git a/drivers/gpu/drm/drm_gem_shmem_helper.c b/drivers/gpu/drm/drm_gem_shmem_helper.c
index 78d9cf2355a5..db20b9123891 100644
--- a/drivers/gpu/drm/drm_gem_shmem_helper.c
+++ b/drivers/gpu/drm/drm_gem_shmem_helper.c
@@ -152,7 +152,7 @@  void drm_gem_shmem_free(struct drm_gem_shmem_object *shmem)
 			sg_free_table(shmem->sgt);
 			kfree(shmem->sgt);
 		}
-		if (shmem->pages)
+		if (shmem->got_sgt)
 			drm_gem_shmem_put_pages(shmem);
 
 		drm_WARN_ON(obj->dev, shmem->pages_use_count);
@@ -687,6 +687,7 @@  static struct sg_table *drm_gem_shmem_get_pages_sgt_locked(struct drm_gem_shmem_
 	if (ret)
 		goto err_free_sgt;
 
+	shmem->got_sgt = true;
 	shmem->sgt = sgt;
 
 	return sgt;
diff --git a/drivers/gpu/drm/lima/lima_gem.c b/drivers/gpu/drm/lima/lima_gem.c
index 4f9736e5f929..28602302c281 100644
--- a/drivers/gpu/drm/lima/lima_gem.c
+++ b/drivers/gpu/drm/lima/lima_gem.c
@@ -89,6 +89,7 @@  int lima_heap_alloc(struct lima_bo *bo, struct lima_vm *vm)
 	}
 
 	*bo->base.sgt = sgt;
+	bo->base.got_sgt = true;
 
 	if (vm) {
 		ret = lima_vm_map_bo(vm, bo, old_size >> PAGE_SHIFT);
diff --git a/include/drm/drm_gem_shmem_helper.h b/include/drm/drm_gem_shmem_helper.h
index ec70a98a8fe1..f87124629bb5 100644
--- a/include/drm/drm_gem_shmem_helper.h
+++ b/include/drm/drm_gem_shmem_helper.h
@@ -73,6 +73,13 @@  struct drm_gem_shmem_object {
 	 */
 	unsigned int vmap_use_count;
 
+	/**
+	 * @got_sgt:
+	 *
+	 * True if SG table was retrieved using drm_gem_shmem_get_pages_sgt()
+	 */
+	bool got_sgt : 1;
+
 	/**
 	 * @imported_sgt:
 	 *