Re: [PATCH v3 3/3] iova: defer maple tree erase on GFP_ATOMIC failure
From: Rik van Riel
Date: Fri Jun 12 2026 - 13:24:36 EST
On Fri, 2026-06-12 at 13:48 -0300, Jason Gunthorpe wrote:
> On Fri, Jun 12, 2026 at 12:02:55PM -0400, Rik van Riel wrote:
> >
> > The mas_erase() function calls mas_nomem(mas, GFP_KERNEL),
> > which is not safe to call while holding a spinlock.
>
> Oh, the kdoc doesn't say that, it doesn't return any error code if it
> can't allocate memory, and not a single caller checks for erase
> failures.
>
> I assumed internally it "somehow worked out" even though there are
> allocations in the callchains..
>
> This is probably a better question for Liam? Can mtree_erase actually
> fail ENOMEM? Is it safe to call it in an atomic context?
Yes, it can fail.
When it does, __free_iova and friends fall back to
asynchronously freeing the iova from a worker.
If we are ok with always asynchronously freeing
iovas, we might be able to simplify the code by
always going through that helper.
If there are cases where asynchronously freeing
the iova breaks the system, we cannot use the
maple tree, but need the augmented rbtree, instead.
I do still have a cleaned up version of the augmented
rbtree, if asynchronous freeing is a real concern.
--
All Rights Reversed.