Re: [PATCH v3 3/3] iova: defer maple tree erase on GFP_ATOMIC failure
From: Jason Gunthorpe
Date: Fri Jun 12 2026 - 14:03:15 EST
On Fri, Jun 12, 2026 at 01:23:58PM -0400, Rik van Riel wrote:
> On Fri, 2026-06-12 at 13:48 -0300, Jason Gunthorpe wrote:
> > On Fri, Jun 12, 2026 at 12:02:55PM -0400, Rik van Riel wrote:
> > >
> > > The mas_erase() function calls mas_nomem(mas, GFP_KERNEL),
> > > which is not safe to call while holding a spinlock.
> >
> > Oh, the kdoc doesn't say that, it doesn't return any error code if it
> > can't allocate memory, and not a single caller checks for erase
> > failures.
> >
> > I assumed internally it "somehow worked out" even though there are
> > allocations in the callchains..
> >
> > This is probably a better question for Liam? Can mtree_erase actually
> > fail ENOMEM? Is it safe to call it in an atomic context?
>
> Yes, it can fail.
Currently it never returns a failure to the caller. Look at mas_erase():
entry = mas_state_walk(mas);
if (!entry)
return NULL;
[..]
if (mas_is_err(mas))
goto out;
[..]
out:
mas_destroy(mas);
return entry;
There is no propogation of ENOMEM, it returns success. No caller
checks for any error here either.
So I think the intention is that it cannot fail, yet it does have the
memory allocations and busted failure path. Hence asking Liam what it
should be, and what about an atomic context.
Perhaps this might be relying on the modern kernels "small allocations
never fail", meaning mas_erase never fails, but then you can't
call it from an atomic context..
In any case, it does look like you can't use mas_erase from an atomic
context anyhow so your prior option with the mas_store_gfp() and
failure handling seems reasonable.
Jason