From: Linus Torvalds <torvalds@linux-foundation.org>
To: Dan Carpenter <dan.carpenter@linaro.org>,
Dimitri Sivanich <dimitri.sivanich@hpe.com>,
Arnd Bergmann <arnd@arndb.de>
Cc: linux-mm@kvack.org
Subject: Re: [bug report] mm: avoid leaving partial pfn mappings around in error case
Date: Sun, 15 Sep 2024 15:14:06 +0200 [thread overview]
Message-ID: <CAHk-=wg1Rz5+L0hfhuaK5pbToo-WU1uUGLYRK_g9Nujbky1y9w@mail.gmail.com> (raw)
In-Reply-To: <58a7aebb-6ffe-4909-a7cd-d98063509a57@stanley.mountain>
On Sun, 15 Sept 2024 at 14:05, Dan Carpenter <dan.carpenter@linaro.org> wrote:
>
> Yep. You're right. Smatch doesn't count allocations as sleeping when we pass a
> variable to for the gfp flags and those functions do "get_zeroed_page(gfp)".
> I've been intending for years to handle bitmasks better but I've never
> implemented that code.
That explains it. In this case, the 'variable' gfp values are
basically identical: GFP_PGTABLE_KERNEL and GFP_PGTABLE_USER depending
on which mm they get allocated to, and both are just variations of
GFP_KERNEL (with __GFP_ZERO and a __GFP_ACCOUNT for the user case), so
the exact details of th egfp flags are conditional, but they are
unconditionally sleeping allocations.
But yeah, if smatch doesn't follow that kind of conditional gfp flags,
it explains why smatch thought the odd gru_fault() code used to be ok,
even though it clearly isn't.
I'm not sure why gru_fault does that preempt-disable at all, since the
real locking seems to be that >s->ts_ctxlock mutex, but it has done
it since its initial commit.
And it's been very much wrong since that initial commit, but I suspect
it never triggers in real life because the page tables probably are
already set up.
Probably more importantly, it doesn't trigger in real life because SGI
UV machines with that GRU hardware are probably hard to find.
Anyway, maybe somebody can explain why gru_fault() has that
preempt_disable() in it, but it is very wrong. It always has been, and
the recent change just made smatch notice a new case.
I don't actually see any reason for that preemption disable, and I
suspect it could just be removed. But maybe somebody else who knows
that odd driver can pipe up.. Adding Dimirti and Arnd just in case.
Linus
next prev parent reply other threads:[~2024-09-15 13:14 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-09-15 10:08 Dan Carpenter
2024-09-15 10:23 ` Linus Torvalds
2024-09-15 12:05 ` Dan Carpenter
2024-09-15 13:14 ` Linus Torvalds [this message]
2024-09-18 21:08 ` Dimitri Sivanich
2024-09-15 12:01 ` Lorenzo Stoakes
2024-09-15 12:09 ` Dan Carpenter
2024-09-15 12:38 ` Lorenzo Stoakes
2024-09-15 13:14 ` Dan Carpenter
2024-09-15 13:26 ` Lorenzo Stoakes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAHk-=wg1Rz5+L0hfhuaK5pbToo-WU1uUGLYRK_g9Nujbky1y9w@mail.gmail.com' \
--to=torvalds@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=dan.carpenter@linaro.org \
--cc=dimitri.sivanich@hpe.com \
--cc=linux-mm@kvack.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox