Re: [PATCH resend] mm/page_alloc: fix comment is __get_free_pages

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu 14-12-17 12:33:09, Andrew Morton wrote:
> On Thu, 14 Dec 2017 15:06:08 +0100 Michal Hocko <mhocko@xxxxxxxxxx> wrote:
> 
> > On Fri 01-12-17 12:18:45, Michal Hocko wrote:
> > > On Fri 01-12-17 08:24:14, Michal Hocko wrote:
> > > > On Thu 30-11-17 13:17:06, Andrew Morton wrote:
> > > > > On Thu, 30 Nov 2017 07:53:35 +0100 Michal Hocko <mhocko@xxxxxxxxxx> wrote:
> > > > > 
> > > > > > > mm...  So we have a caller which hopes to be getting highmem pages but
> > > > > > > isn't.  Caller then proceeds to pointlessly kmap the page and wonders
> > > > > > > why it isn't getting as much memory as it would like on 32-bit systems,
> > > > > > > etc.
> > > > > > 
> > > > > > How he can kmap the page when he gets a _virtual_ address?
> > > > > 
> > > > > doh.
> > > > > 
> > > > > > > I do think we should help ferret out such bogosity.  A WARN_ON_ONCE
> > > > > > > would suffice.
> > > > > > 
> > > > > > This function has always been about lowmem pages. I seriously doubt we
> > > > > > have anybody confused and asking for a highmem page in the kernel. I
> > > > > > haven't checked that but it would already blow up as VM_BUG_ON tends to
> > > > > > be enabled on many setups.
> > > > > 
> > > > > OK.  But silently accepting __GFP_HIGHMEM is a bit weird - callers
> > > > > shouldn't be doing that in the first place.
> > > > 
> > > > Yes, they shouldn't be.
> > > > 
> > > > > I wonder what happens if we just remove the WARN_ON and pass any
> > > > > __GFP_HIGHMEM straight through.  The caller gets a weird address from
> > > > > page_to_virt(highmem page) and usually goes splat?  Good enough
> > > > > treatment for something which never happens anyway?
> > > > 
> > > > page_address will return NULL so they will blow up and leak the freshly
> > > > allocated memory.
> > > 
> > > let me be more specific. They will blow up and leak if the returned
> > > address is not checked. If it is then we just leak. None of that sounds
> > > good to me.
> > 
> > So do we care and I will resend the patch in that case or I just drop
> > this from my patch queue?
> 
> Well..  I still think that silently accepting bad input would be bad
> practice.  If we can just delete the assertion and have such a caller
> reliably blow up later on then that's good enough.

The point is that if the caller checks for the failed allocation then
the result is a memory leak.
-- 
Michal Hocko
SUSE Labs

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>



[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]
  Powered by Linux