From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.3 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,NICE_REPLY_A, SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id ACD25C433ED for ; Thu, 13 May 2021 08:51:45 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 3CC75613DE for ; Thu, 13 May 2021 08:51:45 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 3CC75613DE Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=suse.cz Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id C850C6B006E; Thu, 13 May 2021 04:51:44 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id C33E76B0070; Thu, 13 May 2021 04:51:44 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id AD49F6B0071; Thu, 13 May 2021 04:51:44 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0220.hostedemail.com [216.40.44.220]) by kanga.kvack.org (Postfix) with ESMTP id 785DD6B006E for ; Thu, 13 May 2021 04:51:44 -0400 (EDT) Received: from smtpin26.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay03.hostedemail.com (Postfix) with ESMTP id 11A458249980 for ; Thu, 13 May 2021 08:51:44 +0000 (UTC) X-FDA: 78135589728.26.BC69E57 Received: from mx2.suse.de (mx2.suse.de [195.135.220.15]) by imf28.hostedemail.com (Postfix) with ESMTP id DDB0B2000264 for ; Thu, 13 May 2021 08:51:41 +0000 (UTC) X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.221.27]) by mx2.suse.de (Postfix) with ESMTP id 53959AEF8; Thu, 13 May 2021 08:51:42 +0000 (UTC) To: Hyeonggon Yoo <42.hyeyoo@gmail.com>, Andrew Morton Cc: iamjoonsoo.kim@lge.com, rientjes@google.com, penberg@kernel.org, cl@linux.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Marco Elver References: <20210511173448.GA54466@hyeyoo> <20210512195227.245000695c9014242e9a00e5@linux-foundation.org> <20210513031220.GA133011@hyeyoo> <20210512204024.401ff3de38649d7d0f5a45e8@linux-foundation.org> <20210513062809.GA319973@hyeyoo> From: Vlastimil Babka Subject: Re: [PATCH v3] mm, slub: change run-time assertion in kmalloc_index() to compile-time Message-ID: Date: Thu, 13 May 2021 10:51:41 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.10.1 MIME-Version: 1.0 In-Reply-To: <20210513062809.GA319973@hyeyoo> Content-Type: text/plain; charset=utf-8 Content-Language: en-US X-Rspamd-Queue-Id: DDB0B2000264 Authentication-Results: imf28.hostedemail.com; dkim=none; dmarc=none; spf=pass (imf28.hostedemail.com: domain of vbabka@suse.cz designates 195.135.220.15 as permitted sender) smtp.mailfrom=vbabka@suse.cz X-Rspamd-Server: rspam04 X-Stat-Signature: 8dfms9u5grk14ark3xdqjattkt5ujj8i Received-SPF: none (suse.cz>: No applicable sender policy available) receiver=imf28; identity=mailfrom; envelope-from=""; helo=mx2.suse.de; client-ip=195.135.220.15 X-HE-DKIM-Result: none/none X-HE-Tag: 1620895901-193154 Content-Transfer-Encoding: quoted-printable X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 5/13/21 8:28 AM, Hyeonggon Yoo wrote: > On Wed, May 12, 2021 at 08:40:24PM -0700, Andrew Morton wrote: >> On Thu, 13 May 2021 12:12:20 +0900 Hyeonggon Yoo <42.hyeyoo@gmail.com>= wrote: >>=20 >> > On Wed, May 12, 2021 at 07:52:27PM -0700, Andrew Morton wrote: >> > > This explodes in mysterious ways. The patch as I have it is appen= ded, >> > > for reference. >> > >=20 >> > > gcc-10.3.0 allmodconfig. >> > >=20 >> > > This patch suppresses the error: >>=20 >> Ah, yes, of course, your patch changes kmalloc_index() to require that >> it always is called with a constant `size'. kfence_test doesn't do >> that. >>=20 >> kfence is being a bit naughty here - the other kmalloc_index() callers >> only comple up the call after verifying that `size' is a compile-time >> constant. Agreed. >> Would something like this work? I'd prefer if we kept kmalloc_index() for constant sizes only. The broken= build then warns anyone using it the wrong way that they shouldn't. Besides, it= really shouldn't be used outside of slab. But if kfence test really needs this, we could perhaps extract the index determining part out of kmalloc_slab(). Hmm or I guess the kfence tests could just use kmalloc_slab() directly? >> include/linux/slab.h | 12 ++++++++---- >> mm/kfence/kfence_test.c | 4 ++-- >> 2 files changed, 10 insertions(+), 6 deletions(-) >>=20 >> --- a/include/linux/slab.h~b >> +++ a/include/linux/slab.h >> @@ -374,7 +374,8 @@ static __always_inline enum kmalloc_cach >> * Note: there's no need to optimize kmalloc_index because it's evalu= ated >> * in compile-time. >> */ >> -static __always_inline unsigned int kmalloc_index(size_t size) >> +static __always_inline unsigned int kmalloc_index(size_t size, >> + bool size_is_constant) >> { >> if (!size) >> return 0; >> @@ -410,7 +411,10 @@ static __always_inline unsigned int kmal >> if (size <=3D 16 * 1024 * 1024) return 24; >> if (size <=3D 32 * 1024 * 1024) return 25; >> =20 >> - BUILD_BUG_ON_MSG(1, "unexpected size in kmalloc_index()"); >> + if (size_is_constant) >> + BUILD_BUG_ON_MSG(1, "unexpected size in kmalloc_index()"); >> + else >> + BUG(); >=20 >=20 > kfence is randomly generating size. because kfence is using non-constan= t > size, we should do run-time assertion or compile-time assertion dependi= ng > on situation. >=20 > I think we can use __builtin_constant_p here. we don't need to modify > kmalloc_index's prototype. >=20 > so what about this? > if you think it makes sense, I'll send patch v4. >=20 > I used KMALLOC_MAX_CACHE_SIZE to assure it's safe size. > it's safer than putting BUILD_BUG_ON_MSG(1, ...) to below if statements > because KMALLOC_MAX_CACHE_SIZE can be less than 32MB. >=20 > --- include/linux/slab.h.orig 2021-05-12 17:56:54.504738768 +0900 > +++ include/linux/slab.h 2021-05-13 15:06:25.724565850 +0900 > @@ -346,9 +346,18 @@ static __always_inline enum kmalloc_cach > * 1 =3D 65 .. 96 bytes > * 2 =3D 129 .. 192 bytes > * n =3D 2^(n-1)+1 .. 2^n > + * > + * Note: there's no need to optimize kmalloc_index because it's evalua= ted > + * in compile-time. > */ > static __always_inline unsigned int kmalloc_index(size_t size) > { > + if (__builtin_constant_p(size)) { > + BUILD_BUG_ON_MSG(size > KMALLOC_MAX_CACHE_SIZE , "unexpected size in= kmalloc_index()"); > + } else if (size > KMALLOC_MAX_CACHE_SIZE) { > + BUG(); > + } > + > if (!size) > return 0; >=20 > @@ -382,8 +391,6 @@ static __always_inline unsigned int kmal > if (size <=3D 8 * 1024 * 1024) return 23; > if (size <=3D 16 * 1024 * 1024) return 24; > if (size <=3D 32 * 1024 * 1024) return 25; > - if (size <=3D 64 * 1024 * 1024) return 26; > - BUG(); >=20 > /* Will never be reached. Needed because the compiler may complain */ > return -1; >=20