From: Al Viro <viro@ZenIV.linux.org.uk>
To: Hugh Dickins <hughd@google.com>
Cc: linux-mm@kvack.org, Mel Gorman <mel@csn.ul.ie>,
linux-kernel@vger.kernel.org
Subject: Re: ENOSPC returned by handle_mm_fault()
Date: Sun, 5 Jun 2011 20:50:25 +0100 [thread overview]
Message-ID: <20110605195025.GH11521@ZenIV.linux.org.uk> (raw)
In-Reply-To: <alpine.LSU.2.00.1106051141570.5792@sister.anvils>
On Sun, Jun 05, 2011 at 12:16:08PM -0700, Hugh Dickins wrote:
> Good find, news to me. Interesting uses of -PTR_ERR()!
*snerk*
I've run into a bug where ->open() returned -PTR_ERR(...) on one of the failure
exits and went grepping. Caught so far:
* l2tp_debugfs - originally found bug
* xfs mknod() returning the error with wrong sign if xfs_get_acl()
fails
* jfs lmLogOpen() - positive error value returned (and propagated
all way be to userland if we'd been doing remount) if block device can't be
opened
* sunrpc - two bugs of the same kind
* this one, where the *sign* is right, but mixing E.. with VM_FAULT_..
is not.
Bugs are like mushrooms - found one, look around for more...
> Looks like we'd better not have more than 12 VM_FAULT_ flags.
> > Am I right assuming that we want VM_FAULT_OOM in both cases?
>
> No, where hugetlb_get_quota() fails it should be VM_FAULT_SIGBUS:
> there's no excuse to go on an OOM-killing spree just because hugetlb
> quota is exhausted.
Good point...
> VM_FAULT_OOM is appropriate where vma_needs_reservation() fails,
> because region_chg() couldn't kmalloc a structure, as you point out.
>
> (Though that doesn't matter much, since the only way the kmalloc can
> fail is when this task is already selected for OOM-kill - I think.)
You mean, something like the diff below?
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
---
diff --git a/mm/hugetlb.c b/mm/hugetlb.c
index f33bb31..3de23f0 100644
--- a/mm/hugetlb.c
+++ b/mm/hugetlb.c
@@ -125,7 +125,7 @@ static long region_chg(struct list_head *head, long f, long t)
if (&rg->link == head || t < rg->from) {
nrg = kmalloc(sizeof(*nrg), GFP_KERNEL);
if (!nrg)
- return -ENOMEM;
+ return -VM_FAULT_OOM;
nrg->from = f;
nrg->to = f;
INIT_LIST_HEAD(&nrg->link);
@@ -1036,7 +1036,7 @@ static struct page *alloc_huge_page(struct vm_area_struct *vma,
return ERR_PTR(chg);
if (chg)
if (hugetlb_get_quota(inode->i_mapping, chg))
- return ERR_PTR(-ENOSPC);
+ return ERR_PTR(-VM_FAULT_SIGBUS);
spin_lock(&hugetlb_lock);
page = dequeue_huge_page_vma(h, vma, addr, avoid_reserve);
WARNING: multiple messages have this Message-ID (diff)
From: Al Viro <viro@ZenIV.linux.org.uk>
To: Hugh Dickins <hughd@google.com>
Cc: linux-mm@kvack.org, Mel Gorman <mel@csn.ul.ie>,
linux-kernel@vger.kernel.org
Subject: Re: ENOSPC returned by handle_mm_fault()
Date: Sun, 5 Jun 2011 20:50:25 +0100 [thread overview]
Message-ID: <20110605195025.GH11521@ZenIV.linux.org.uk> (raw)
In-Reply-To: <alpine.LSU.2.00.1106051141570.5792@sister.anvils>
On Sun, Jun 05, 2011 at 12:16:08PM -0700, Hugh Dickins wrote:
> Good find, news to me. Interesting uses of -PTR_ERR()!
*snerk*
I've run into a bug where ->open() returned -PTR_ERR(...) on one of the failure
exits and went grepping. Caught so far:
* l2tp_debugfs - originally found bug
* xfs mknod() returning the error with wrong sign if xfs_get_acl()
fails
* jfs lmLogOpen() - positive error value returned (and propagated
all way be to userland if we'd been doing remount) if block device can't be
opened
* sunrpc - two bugs of the same kind
* this one, where the *sign* is right, but mixing E.. with VM_FAULT_..
is not.
Bugs are like mushrooms - found one, look around for more...
> Looks like we'd better not have more than 12 VM_FAULT_ flags.
> > Am I right assuming that we want VM_FAULT_OOM in both cases?
>
> No, where hugetlb_get_quota() fails it should be VM_FAULT_SIGBUS:
> there's no excuse to go on an OOM-killing spree just because hugetlb
> quota is exhausted.
Good point...
> VM_FAULT_OOM is appropriate where vma_needs_reservation() fails,
> because region_chg() couldn't kmalloc a structure, as you point out.
>
> (Though that doesn't matter much, since the only way the kmalloc can
> fail is when this task is already selected for OOM-kill - I think.)
You mean, something like the diff below?
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
---
diff --git a/mm/hugetlb.c b/mm/hugetlb.c
index f33bb31..3de23f0 100644
--- a/mm/hugetlb.c
+++ b/mm/hugetlb.c
@@ -125,7 +125,7 @@ static long region_chg(struct list_head *head, long f, long t)
if (&rg->link == head || t < rg->from) {
nrg = kmalloc(sizeof(*nrg), GFP_KERNEL);
if (!nrg)
- return -ENOMEM;
+ return -VM_FAULT_OOM;
nrg->from = f;
nrg->to = f;
INIT_LIST_HEAD(&nrg->link);
@@ -1036,7 +1036,7 @@ static struct page *alloc_huge_page(struct vm_area_struct *vma,
return ERR_PTR(chg);
if (chg)
if (hugetlb_get_quota(inode->i_mapping, chg))
- return ERR_PTR(-ENOSPC);
+ return ERR_PTR(-VM_FAULT_SIGBUS);
spin_lock(&hugetlb_lock);
page = dequeue_huge_page_vma(h, vma, addr, avoid_reserve);
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2011-06-05 19:50 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-06-05 13:43 ENOSPC returned by handle_mm_fault() Al Viro
2011-06-05 13:43 ` Al Viro
2011-06-05 19:16 ` Hugh Dickins
2011-06-05 19:16 ` Hugh Dickins
2011-06-05 19:50 ` Al Viro [this message]
2011-06-05 19:50 ` Al Viro
2011-06-05 20:48 ` Hugh Dickins
2011-06-05 20:48 ` Hugh Dickins
2011-06-05 22:13 ` Al Viro
2011-06-05 22:13 ` Al Viro
2011-06-06 5:03 ` [PATCH] mm: fix " Hugh Dickins
2011-06-06 5:03 ` Hugh Dickins
2011-06-07 9:57 ` Mel Gorman
2011-06-07 9:57 ` Mel Gorman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110605195025.GH11521@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=hughd@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mel@csn.ul.ie \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.