From: Dimitri Sivanich <sivanich@hpe.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Dan Carpenter <dan.carpenter@linaro.org>,
Dimitri Sivanich <dimitri.sivanich@hpe.com>,
Arnd Bergmann <arnd@arndb.de>,
linux-mm@kvack.org
Subject: Re: [bug report] mm: avoid leaving partial pfn mappings around in error case
Date: Wed, 18 Sep 2024 16:08:54 -0500 [thread overview]
Message-ID: <ZutBZknDnHpJ1JxK@hpe.com> (raw)
In-Reply-To: <CAHk-=wg1Rz5+L0hfhuaK5pbToo-WU1uUGLYRK_g9Nujbky1y9w@mail.gmail.com>
On Sun, Sep 15, 2024 at 03:14:06PM +0200, Linus Torvalds wrote:
> On Sun, 15 Sept 2024 at 14:05, Dan Carpenter <dan.carpenter@linaro.org> wrote:
> >
> > Yep. You're right. Smatch doesn't count allocations as sleeping when we pass a
> > variable to for the gfp flags and those functions do "get_zeroed_page(gfp)".
> > I've been intending for years to handle bitmasks better but I've never
> > implemented that code.
>
> That explains it. In this case, the 'variable' gfp values are
> basically identical: GFP_PGTABLE_KERNEL and GFP_PGTABLE_USER depending
> on which mm they get allocated to, and both are just variations of
> GFP_KERNEL (with __GFP_ZERO and a __GFP_ACCOUNT for the user case), so
> the exact details of th egfp flags are conditional, but they are
> unconditionally sleeping allocations.
>
> But yeah, if smatch doesn't follow that kind of conditional gfp flags,
> it explains why smatch thought the odd gru_fault() code used to be ok,
> even though it clearly isn't.
>
> I'm not sure why gru_fault does that preempt-disable at all, since the
> real locking seems to be that >s->ts_ctxlock mutex, but it has done
> it since its initial commit.
>
> And it's been very much wrong since that initial commit, but I suspect
> it never triggers in real life because the page tables probably are
> already set up.
>
> Probably more importantly, it doesn't trigger in real life because SGI
> UV machines with that GRU hardware are probably hard to find.
>
> Anyway, maybe somebody can explain why gru_fault() has that
> preempt_disable() in it, but it is very wrong. It always has been, and
> the recent change just made smatch notice a new case.
>
> I don't actually see any reason for that preemption disable, and I
> suspect it could just be removed. But maybe somebody else who knows
> that odd driver can pipe up.. Adding Dimirti and Arnd just in case.
>
Removing preemption disable from gru_fault, and the rest of the driver, seems
to be OK, and is probably the best way to fix this in light of the other
instance that Dan found in gru_get_cpu_resources.
I will submit a patch to do this.
next prev parent reply other threads:[~2024-09-18 21:09 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-09-15 10:08 Dan Carpenter
2024-09-15 10:23 ` Linus Torvalds
2024-09-15 12:05 ` Dan Carpenter
2024-09-15 13:14 ` Linus Torvalds
2024-09-18 21:08 ` Dimitri Sivanich [this message]
2024-09-15 12:01 ` Lorenzo Stoakes
2024-09-15 12:09 ` Dan Carpenter
2024-09-15 12:38 ` Lorenzo Stoakes
2024-09-15 13:14 ` Dan Carpenter
2024-09-15 13:26 ` Lorenzo Stoakes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZutBZknDnHpJ1JxK@hpe.com \
--to=sivanich@hpe.com \
--cc=arnd@arndb.de \
--cc=dan.carpenter@linaro.org \
--cc=dimitri.sivanich@hpe.com \
--cc=linux-mm@kvack.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox