From: "Huang, Ying" <ying.huang@linux.alibaba.com>
To: Chelsy Ratnawat <chelsyratnawat2001@gmail.com>,
Joshua Hahn <joshua.hahnjy@gmail.com>
Cc: akpm@linux-foundation.org, david@redhat.com, ziy@nvidia.com,
rakie.kim@sk.com, byungchul@sk.com, apopple@nvidia.com,
linux-mm@kvack.org
Subject: Re: [PATCH] mm/mempolicy: prevent the risk of division by 0
Date: Mon, 08 Sep 2025 11:48:52 +0800 [thread overview]
Message-ID: <87ldmpwqmz.fsf@DESKTOP-5N7EMDA> (raw)
In-Reply-To: <20250907235332.931050-1-joshua.hahnjy@gmail.com> (Joshua Hahn's message of "Sun, 7 Sep 2025 16:53:31 -0700")
Joshua Hahn <joshua.hahnjy@gmail.com> writes:
> On Sun, 7 Sep 2025 09:08:29 -0700 Chelsy Ratnawat <chelsyratnawat2001@gmail.com> wrote:
>
>> If no bits are set in the policy's node mask, then nodes will be 0.
>> This patch adds a check if nodes == 0 before dividing.
>
> Hello Chelsy,
>
> Thank you for the patch! I will start off by saying that it probably does not
> hurt to add a check like this. With that said, I think it's best if we clarify:
>
> (1) Have we seen this happen before?
> (2) Should we add a Fixes tag?
> (3) Do we expect to hit the nodes == 0 case, or is this just to be safe?
> (4) If so, should we do more than just return 0 (i.e. WARN_ON?)
>
> From what I can tell, I think it should not be possible for the policy to be
> interleave, and the nodes to be null. If we look at mpol_new, there is an
> explicit call to nodes_empty that checks if the nodes are empty, and returns
> an error if that is the case (of course, excluding MPOL_DEFAULT, which actually
> throws an error if the nodes are not empty).
>
> After all, it doesn't really make semantic sense to allow interleaving across
> 0 nodes ; -)
>
> But as always, it is very possible that I am missing something that you are
> seeing : -) Please feel free to correct me if you believe that is the case.
>
> With all of this said, I do agree that it's a bit scary to do a div0, even if
> I am confident that the value shouldn't be zero. I don't have any strong
> feelings about adding redundant checks, so I will let other mempolicy reviewers
> chime in with thier opinions. One thing I do feel strongly though, is that if
> we are to move forward in the patch, some explicit clarification that we
> have/have not seen it happen before, and a WARN_ON would make sense.
IIUC, the patch is to catch the bug during kernel development. And, if
an exception can be generated for dividing by 0, it can be used to catch
the bug already. If so, IMHO, the patch appears unnecessary.
[snip]
---
Best Regards,
Huang, Ying
next prev parent reply other threads:[~2025-09-08 3:49 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-07 16:08 Chelsy Ratnawat
2025-09-07 23:53 ` Joshua Hahn
2025-09-08 3:48 ` Huang, Ying [this message]
2025-09-08 7:50 ` David Hildenbrand
2025-09-08 18:12 ` Gregory Price
2025-09-08 21:25 ` Gregory Price
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ldmpwqmz.fsf@DESKTOP-5N7EMDA \
--to=ying.huang@linux.alibaba.com \
--cc=akpm@linux-foundation.org \
--cc=apopple@nvidia.com \
--cc=byungchul@sk.com \
--cc=chelsyratnawat2001@gmail.com \
--cc=david@redhat.com \
--cc=joshua.hahnjy@gmail.com \
--cc=linux-mm@kvack.org \
--cc=rakie.kim@sk.com \
--cc=ziy@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox