Re: [PATCH v17 13/18] drm/shmem-helper: Add memory shrinker

[Boris Brezillon]

On Tue, 26 Sep 2023 03:30:35 +0300
Dmitry Osipenko <dmitry.osipenko@xxxxxxxxxxxxx> wrote:

> On 9/15/23 11:46, Boris Brezillon wrote:
> > The naming becomes quite confusing, with drm_gem_shmem_unpin_locked()
> > and drm_gem_shmem_unpin_pages_locked(). By the look of it, it seems to
> > do exactly the opposite of drm_gem_shmem_swapin_locked(), except for
> > the missing ->evicted = true, which we can move here anyway, given
> > drm_gem_shmem_purge_locked() explicitly set it to false anyway. The
> > other thing that's missing is the
> > drm_gem_shmem_update_pages_state_locked(), but it can also be moved
> > there I think, if the the ->madv update happens before the
> > drm_gem_shmem_unpin_pages_locked() call in
> > drm_gem_shmem_purge_locked().
> > 
> > So, how about renaming this function drm_gem_shmem_swapout_locked()?  
> 
> The swapout name would be misleading to me because pages aren't moved to
> swap, but allowed to be moved. I'll rename it to
> drm_gem_shmem_shrinker_unpin_locked().

If you go this way, I would argue that drm_gem_shmem_swapin_locked() is
just as incorrect as drm_gem_shmem_swapout_locked(), in that
drm_gem_get_pages() might just return pages that were flagged
reclaimable but never reclaimed/swapped-out. I do think that having
some symmetry in the naming makes more sense than being 100% accurate.

> 
> >>  {
> >>  	struct drm_gem_object *obj = &shmem->base;
> >>  	struct drm_device *dev = obj->dev;
> >>  
> >>  	dma_resv_assert_held(shmem->base.resv);
> >>  
> >> -	drm_WARN_ON(obj->dev, !drm_gem_shmem_is_purgeable(shmem));
> >> +	if (shmem->evicted)
> >> +		return;
> >>  
> >>  	dma_unmap_sgtable(dev->dev, shmem->sgt, DMA_BIDIRECTIONAL, 0);  
> > Are we sure we'll always have sgt != NULL? IIRC, if the GEM is only
> > mmap-ed in userspace, get_sgt() is not necessarily called by the driver
> > (needed to map in GPU space), and we have a potential NULL deref here.
> > Maybe that changed at some point in the series, and sgt is
> > unconditionally populated when get_pages() is called now.  
> 
> The sgt is always set in this function because it's part of shrinker and
> shrinker doesn't touch GEMs without sgt.

Okay, that's questionable. Why would we not want to reclaim BOs that
are only mapped in userspace (sgt == NULL && pages_use_count > 0 &&
pages_pin_count == 0)? I agree that creating such a BO would be
pointless (why create a buffer through DRM if it's not passed to the
GPU), but that's still something the API allows...

> 
> >> +	__drm_gem_shmem_release_pages(shmem);  
> > Make sure you drop the implicit pages_use_count ref the sgt had, this
> > way you can still tie the necessity to drop the pages to sgt != NULL in
> > drm_gem_shmem_free().  
> 
> This will require further refcnt re-initialization when pages are
> restored if it's dropped to zero. I don't see how this will improve
> anything.

Sorry to disagree, but I do think it matters to have a clear ownership
model, and if I look at the code (drm_gem_shmem_get_pages_sgt_locked()),
the sgt clearly owns a reference to the pages it points to.