On Thu 09-04-20 08:52:58, Peter Xu wrote:
> On Thu, Apr 09, 2020 at 09:02:53AM +0200, Michal Hocko wrote:
> > This patch has been merged and it is actually wrong after ae46d2aa6a7f
> > has been merged. We can either revert or I suggest just handling >0,
> > like the patch below:
> >
> > From 03fbe30ec61e65b0927d0d41bccc7dff5f7eafd8 Mon Sep 17 00:00:00 2001
> > From: Michal Hocko <mhocko@xxxxxxxx>
> > Date: Thu, 9 Apr 2020 08:26:57 +0200
> > Subject: [PATCH] mm, mempolicy: fix up gup usage in lookup_node
> >
> > ba841078cd05 ("mm/mempolicy: Allow lookup_node() to handle fatal signal") has
> > added a special casing for 0 return value because that was a possible
> > gup return value when interrupted by fatal signal. This has been fixed
> > by ae46d2aa6a7f ("mm/gup: Let __get_user_pages_locked() return -EINTR
> > for fatal signal") in the mean time so ba841078cd05 can be reverted.
> > This patch however doesn't go all the way to revert it because 0 return
> > value is impossible. We always get an error or 1 for a single page
> > request.
> >
> > Fixes: ba841078cd05 ("mm/mempolicy: Allow lookup_node() to handle fatal signal")
> > Signed-off-by: Michal Hocko <mhocko@xxxxxxxx>
> > ---
> > mm/mempolicy.c | 5 +----
> > 1 file changed, 1 insertion(+), 4 deletions(-)
> >
> > diff --git a/mm/mempolicy.c b/mm/mempolicy.c
> > index 48ba9729062e..1965e2681877 100644
> > --- a/mm/mempolicy.c
> > +++ b/mm/mempolicy.c
> > @@ -927,10 +927,7 @@ static int lookup_node(struct mm_struct *mm, unsigned long addr)
> >
> > int locked = 1;
> > err = get_user_pages_locked(addr & PAGE_MASK, 1, 0, &p, &locked);
> > - if (err == 0) {
> > - /* E.g. GUP interrupted by fatal signal */
> > - err = -EFAULT;
> > - } else if (err > 0) {
> > + if (err > 0) {
> > err = page_to_nid(p);
> > put_page(p);
> > }
>
> Hi, Michal,
>
> I'm totally not against this, but note that get_user_pages_locked()
> could still return zero. Although I'm not 100% sure now on whether
> npages==0 will be the only case, it won't hurt to keep this ret==0
> check until we consolidate the whole gup code to never return zero.
As we have discussed in other email thread, returning 0 should be really
possible only for an nr_pages == 0. And even in that case we should
rather return EINVAL. I wanted to do that change as well but gup is a
heavily used interface and I do not have time to check all existing
callers.
> Assuming there's another case (even possible for a future gup bug)
> that could return a zero, your patch will let err be anything (which
> you didn't initialize err with your patch), then the function will
> return a random value. So even if you really want this change, I
> would suggest you initialize err to some error code.
I wouldn't really overcomplicate it. If you are worried about future
bugs then we can warn into the log when !err && nr_pages somewher inside
gup code. But let's keep callers as simple as possible. We surely do not
want to check for !err in all users now.
> I just don't see much gain we get from removing that check.
The code clarity is the primary reason.
--
Michal Hocko
SUSE Labs
