From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mike Rapoport Subject: Re: [PATCH v2 19/21] treewide: add checks for the return value of memblock_alloc*() Date: Thu, 31 Jan 2019 09:14:59 +0200 Message-ID: <20190131071459.GC28876@rapoport-lnx> References: <1548057848-15136-1-git-send-email-rppt@linux.ibm.com> <1548057848-15136-20-git-send-email-rppt@linux.ibm.com> <20190131064139.GB28876@rapoport-lnx> <8838f7ab-998b-6d78-02a8-a53f8a3619d9@c-s.fr> Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Return-path: Content-Disposition: inline In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org List-ID: Content-Type: text/plain; charset="iso-8859-1" To: Christophe Leroy Cc: linux-mm@kvack.org, Rich Felker , linux-ia64@vger.kernel.org, devicetree@vger.kernel.org, Catalin Marinas , Heiko Carstens , x86@kernel.org, linux-mips@vger.kernel.org, Max Filippov , Guo Ren , sparclinux@vger.kernel.org, Christoph Hellwig , linux-s390@vger.kernel.org, linux-c6x-dev@linux-c6x.org, Yoshinori Sato , Richard Weinberger , linux-sh@vger.kernel.org, Russell King , kasan-dev@googlegroups.com, Geert Uytterhoeven , Mark Salter , Dennis Zhou , Matt Turner , linux-snps-arc@lists.infradead. On Thu, Jan 31, 2019 at 08:07:29AM +0100, Christophe Leroy wrote: >=20 >=20 > Le 31/01/2019 =E0 07:44, Christophe Leroy a =E9crit=A0: > > > > > >Le 31/01/2019 =E0 07:41, Mike Rapoport a =E9crit=A0: > >>On Thu, Jan 31, 2019 at 07:07:46AM +0100, Christophe Leroy wrote: > >>> > >>> > >>>Le 21/01/2019 =E0 09:04, Mike Rapoport a =E9crit=A0: > >>>>Add check for the return value of memblock_alloc*() functions and call > >>>>panic() in case of error. > >>>>The panic message repeats the one used by panicing memblock > >>>>allocators with > >>>>adjustment of parameters to include only relevant ones. > >>>> > >>>>The replacement was mostly automated with semantic patches like the o= ne > >>>>below with manual massaging of format strings. > >>>> > >>>>@@ > >>>>expression ptr, size, align; > >>>>@@ > >>>>ptr =3D memblock_alloc(size, align); > >>>>+ if (!ptr) > >>>>+=A0=A0=A0=A0 panic("%s: Failed to allocate %lu bytes align=3D0x%lx\n= ", __func__, > >>>>size, align); > >>>> > >>>>Signed-off-by: Mike Rapoport > >>>>Reviewed-by: Guo Ren =A0=A0=A0=A0=A0=A0=A0=A0=A0= =A0=A0=A0 # c-sky > >>>>Acked-by: Paul Burton =A0=A0=A0=A0=A0=A0=A0=A0 = # MIPS > >>>>Acked-by: Heiko Carstens # s390 > >>>>Reviewed-by: Juergen Gross =A0=A0=A0=A0=A0=A0=A0=A0 = # Xen > >>>>--- > >>> > >>>[...] > >>> > >>>>diff --git a/mm/sparse.c b/mm/sparse.c > >>>>index 7ea5dc6..ad94242 100644 > >>>>--- a/mm/sparse.c > >>>>+++ b/mm/sparse.c > >>> > >>>[...] > >>> > >>>>@@ -425,6 +436,10 @@ static void __init sparse_buffer_init(unsigned > >>>>long size, int nid) > >>>>=A0=A0=A0=A0=A0=A0=A0=A0=A0 memblock_alloc_try_nid_raw(size, PAGE_SIZ= E, > >>>>=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0= =A0=A0 __pa(MAX_DMA_ADDRESS), > >>>>=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0= =A0=A0 MEMBLOCK_ALLOC_ACCESSIBLE, nid); > >>>>+=A0=A0=A0 if (!sparsemap_buf) > >>>>+=A0=A0=A0=A0=A0=A0=A0 panic("%s: Failed to allocate %lu bytes align= =3D0x%lx nid=3D%d > >>>>from=3D%lx\n", > >>>>+=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 __func__, size, PAGE_SIZE, n= id, __pa(MAX_DMA_ADDRESS)); > >>>>+ > >>> > >>>memblock_alloc_try_nid_raw() does not panic (help explicitly says: > >>>Does not > >>>zero allocated memory, does not panic if request cannot be satisfied.). > >> > >>"Does not panic" does not mean it always succeeds. > > > >I agree, but at least here you are changing the behaviour by making it > >panic explicitly. Are we sure there are not cases where the system could > >just continue functionning ? Maybe a WARN_ON() would be enough there ? >=20 > Looking more in details, it looks like everything is done to live with > sparsemap_buf NULL, all functions using it check it so having it NULL > shouldn't imply a panic I believe, see code below. You are right, I'm preparing the fix right now. =20 > static void *sparsemap_buf __meminitdata; > static void *sparsemap_buf_end __meminitdata; >=20 > static void __init sparse_buffer_init(unsigned long size, int nid) > { > WARN_ON(sparsemap_buf); /* forgot to call sparse_buffer_fini()? */ > sparsemap_buf =3D > memblock_alloc_try_nid_raw(size, PAGE_SIZE, > __pa(MAX_DMA_ADDRESS), > MEMBLOCK_ALLOC_ACCESSIBLE, nid); > sparsemap_buf_end =3D sparsemap_buf + size; > } >=20 > static void __init sparse_buffer_fini(void) > { > unsigned long size =3D sparsemap_buf_end - sparsemap_buf; >=20 > if (sparsemap_buf && size > 0) > memblock_free_early(__pa(sparsemap_buf), size); > sparsemap_buf =3D NULL; > } >=20 > void * __meminit sparse_buffer_alloc(unsigned long size) > { > void *ptr =3D NULL; >=20 > if (sparsemap_buf) { > ptr =3D PTR_ALIGN(sparsemap_buf, size); > if (ptr + size > sparsemap_buf_end) > ptr =3D NULL; > else > sparsemap_buf =3D ptr + size; > } > return ptr; > } >=20 >=20 > Christophe >=20 --=20 Sincerely yours, Mike. From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mike Rapoport Date: Thu, 31 Jan 2019 07:14:59 +0000 Subject: Re: [PATCH v2 19/21] treewide: add checks for the return value of memblock_alloc*() Message-Id: <20190131071459.GC28876@rapoport-lnx> List-Id: References: <1548057848-15136-1-git-send-email-rppt@linux.ibm.com> <1548057848-15136-20-git-send-email-rppt@linux.ibm.com> <20190131064139.GB28876@rapoport-lnx> <8838f7ab-998b-6d78-02a8-a53f8a3619d9@c-s.fr> In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable To: Christophe Leroy Cc: Rich Felker , linux-ia64@vger.kernel.org, Petr Mladek , linux-sh@vger.kernel.org, Catalin Marinas , Heiko Carstens , linux-kernel@vger.kernel.org, Max Filippov , Guo Ren , sparclinux@vger.kernel.org, Christoph Hellwig , linux-s390@vger.kernel.org, linux-c6x-dev@linux-c6x.org, Yoshinori Sato , Richard Weinberger , x86@kernel.org, Russell King , kasan-dev@googlegroups.com, Geert Uytterhoeven , Mark Salter , Dennis Zhou , Matt Turner , linux-snps-arc@lists.infradead.org, uclinux-h8-devel@lists.sourceforge.jp, devicetree@vger.kernel.org, Stephen Rothwell , linux-xtensa@linux-xtensa.org, linux-um@lists.infradead.org, linux-m68k@lists.linux-m68k.org, Rob Herring , Greentime Hu , xen-devel@lists.xenproject.org, Stafford Horne , Guan Xuetao , linux-arm-kernel@lists.infradead.org, Michal Simek , Tony Luck , linux-mm@kvack.org, Greg Kroah-Hartman , linux-usb@vger.kernel.org, linux-mips@vger.kernel.org, Paul Burton , Vineet Gupta , linux-alpha@vger.kernel.org, Andrew Morton , linuxppc-dev@lists.ozlabs.org, "David S. Miller" , openrisc@lists.librecores.org On Thu, Jan 31, 2019 at 08:07:29AM +0100, Christophe Leroy wrote: >=20 >=20 > Le 31/01/2019 =E0 07:44, Christophe Leroy a =E9crit=A0: > > > > > >Le 31/01/2019 =E0 07:41, Mike Rapoport a =E9crit=A0: > >>On Thu, Jan 31, 2019 at 07:07:46AM +0100, Christophe Leroy wrote: > >>> > >>> > >>>Le 21/01/2019 =E0 09:04, Mike Rapoport a =E9crit=A0: > >>>>Add check for the return value of memblock_alloc*() functions and call > >>>>panic() in case of error. > >>>>The panic message repeats the one used by panicing memblock > >>>>allocators with > >>>>adjustment of parameters to include only relevant ones. > >>>> > >>>>The replacement was mostly automated with semantic patches like the o= ne > >>>>below with manual massaging of format strings. > >>>> > >>>>@@ > >>>>expression ptr, size, align; > >>>>@@ > >>>>ptr =3D memblock_alloc(size, align); > >>>>+ if (!ptr) > >>>>+=A0=A0=A0=A0 panic("%s: Failed to allocate %lu bytes align=3D0x%lx\n= ", __func__, > >>>>size, align); > >>>> > >>>>Signed-off-by: Mike Rapoport > >>>>Reviewed-by: Guo Ren =A0=A0=A0=A0=A0=A0=A0=A0=A0= =A0=A0=A0 # c-sky > >>>>Acked-by: Paul Burton =A0=A0=A0=A0=A0=A0=A0=A0 = # MIPS > >>>>Acked-by: Heiko Carstens # s390 > >>>>Reviewed-by: Juergen Gross =A0=A0=A0=A0=A0=A0=A0=A0 = # Xen > >>>>--- > >>> > >>>[...] > >>> > >>>>diff --git a/mm/sparse.c b/mm/sparse.c > >>>>index 7ea5dc6..ad94242 100644 > >>>>--- a/mm/sparse.c > >>>>+++ b/mm/sparse.c > >>> > >>>[...] > >>> > >>>>@@ -425,6 +436,10 @@ static void __init sparse_buffer_init(unsigned > >>>>long size, int nid) > >>>>=A0=A0=A0=A0=A0=A0=A0=A0=A0 memblock_alloc_try_nid_raw(size, PAGE_SIZ= E, > >>>>=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0= =A0=A0 __pa(MAX_DMA_ADDRESS), > >>>>=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0= =A0=A0 MEMBLOCK_ALLOC_ACCESSIBLE, nid); > >>>>+=A0=A0=A0 if (!sparsemap_buf) > >>>>+=A0=A0=A0=A0=A0=A0=A0 panic("%s: Failed to allocate %lu bytes align= =3D0x%lx nid=3D%d > >>>>from=3D%lx\n", > >>>>+=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 __func__, size, PAGE_SIZE, n= id, __pa(MAX_DMA_ADDRESS)); > >>>>+ > >>> > >>>memblock_alloc_try_nid_raw() does not panic (help explicitly says: > >>>Does not > >>>zero allocated memory, does not panic if request cannot be satisfied.). > >> > >>"Does not panic" does not mean it always succeeds. > > > >I agree, but at least here you are changing the behaviour by making it > >panic explicitly. Are we sure there are not cases where the system could > >just continue functionning ? Maybe a WARN_ON() would be enough there ? >=20 > Looking more in details, it looks like everything is done to live with > sparsemap_buf NULL, all functions using it check it so having it NULL > shouldn't imply a panic I believe, see code below. You are right, I'm preparing the fix right now. =20 > static void *sparsemap_buf __meminitdata; > static void *sparsemap_buf_end __meminitdata; >=20 > static void __init sparse_buffer_init(unsigned long size, int nid) > { > WARN_ON(sparsemap_buf); /* forgot to call sparse_buffer_fini()? */ > sparsemap_buf > memblock_alloc_try_nid_raw(size, PAGE_SIZE, > __pa(MAX_DMA_ADDRESS), > MEMBLOCK_ALLOC_ACCESSIBLE, nid); > sparsemap_buf_end =3D sparsemap_buf + size; > } >=20 > static void __init sparse_buffer_fini(void) > { > unsigned long size =3D sparsemap_buf_end - sparsemap_buf; >=20 > if (sparsemap_buf && size > 0) > memblock_free_early(__pa(sparsemap_buf), size); > sparsemap_buf =3D NULL; > } >=20 > void * __meminit sparse_buffer_alloc(unsigned long size) > { > void *ptr =3D NULL; >=20 > if (sparsemap_buf) { > ptr =3D PTR_ALIGN(sparsemap_buf, size); > if (ptr + size > sparsemap_buf_end) > ptr =3D NULL; > else > sparsemap_buf =3D ptr + size; > } > return ptr; > } >=20 >=20 > Christophe >=20 --=20 Sincerely yours, Mike. From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.5 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_PASS,URIBL_BLOCKED, USER_AGENT_MUTT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3DC84C169C4 for ; Thu, 31 Jan 2019 07:15:23 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 1964D2087F for ; Thu, 31 Jan 2019 07:15:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730274AbfAaHPW (ORCPT ); Thu, 31 Jan 2019 02:15:22 -0500 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:36690 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726852AbfAaHPW (ORCPT ); Thu, 31 Jan 2019 02:15:22 -0500 Received: from pps.filterd (m0098420.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x0V7Exdl062192 for ; Thu, 31 Jan 2019 02:15:20 -0500 Received: from e06smtp05.uk.ibm.com (e06smtp05.uk.ibm.com [195.75.94.101]) by mx0b-001b2d01.pphosted.com with ESMTP id 2qbtbkn9pu-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 31 Jan 2019 02:15:20 -0500 Received: from localhost by e06smtp05.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 31 Jan 2019 07:15:17 -0000 Received: from b06cxnps3074.portsmouth.uk.ibm.com (9.149.109.194) by e06smtp05.uk.ibm.com (192.168.101.135) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Thu, 31 Jan 2019 07:15:07 -0000 Received: from d06av22.portsmouth.uk.ibm.com (d06av22.portsmouth.uk.ibm.com [9.149.105.58]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x0V7F6tN55378120 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Thu, 31 Jan 2019 07:15:06 GMT Received: from d06av22.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id D50C74C046; Thu, 31 Jan 2019 07:15:04 +0000 (GMT) Received: from d06av22.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 5E7D14C040; Thu, 31 Jan 2019 07:15:01 +0000 (GMT) Received: from rapoport-lnx (unknown [9.148.8.84]) by d06av22.portsmouth.uk.ibm.com (Postfix) with ESMTPS; Thu, 31 Jan 2019 07:15:01 +0000 (GMT) Date: Thu, 31 Jan 2019 09:14:59 +0200 From: Mike Rapoport To: Christophe Leroy Cc: linux-mm@kvack.org, Rich Felker , linux-ia64@vger.kernel.org, devicetree@vger.kernel.org, Catalin Marinas , Heiko Carstens , x86@kernel.org, linux-mips@vger.kernel.org, Max Filippov , Guo Ren , sparclinux@vger.kernel.org, Christoph Hellwig , linux-s390@vger.kernel.org, linux-c6x-dev@linux-c6x.org, Yoshinori Sato , Richard Weinberger , linux-sh@vger.kernel.org, Russell King , kasan-dev@googlegroups.com, Geert Uytterhoeven , Mark Salter , Dennis Zhou , Matt Turner , linux-snps-arc@lists.infradead.org, uclinux-h8-devel@lists.sourceforge.jp, Petr Mladek , linux-xtensa@linux-xtensa.org, linux-alpha@vger.kernel.org, linux-um@lists.infradead.org, linux-m68k@lists.linux-m68k.org, Rob Herring , Greentime Hu , xen-devel@lists.xenproject.org, Stafford Horne , Guan Xuetao , linux-arm-kernel@lists.infradead.org, Michal Simek , Tony Luck , Greg Kroah-Hartman , linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org, Paul Burton , Vineet Gupta , Andrew Morton , linuxppc-dev@lists.ozlabs.org, "David S. Miller" , openrisc@lists.librecores.org, Stephen Rothwell Subject: Re: [PATCH v2 19/21] treewide: add checks for the return value of memblock_alloc*() References: <1548057848-15136-1-git-send-email-rppt@linux.ibm.com> <1548057848-15136-20-git-send-email-rppt@linux.ibm.com> <20190131064139.GB28876@rapoport-lnx> <8838f7ab-998b-6d78-02a8-a53f8a3619d9@c-s.fr> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.5.24 (2015-08-30) X-TM-AS-GCONF: 00 x-cbid: 19013107-0020-0000-0000-0000030F29F7 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19013107-0021-0000-0000-000021602B4F Message-Id: <20190131071459.GC28876@rapoport-lnx> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2019-01-31_03:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=2 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1901310057 Sender: linux-mips-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-mips@vger.kernel.org On Thu, Jan 31, 2019 at 08:07:29AM +0100, Christophe Leroy wrote: > > > Le 31/01/2019 à 07:44, Christophe Leroy a écrit : > > > > > >Le 31/01/2019 à 07:41, Mike Rapoport a écrit : > >>On Thu, Jan 31, 2019 at 07:07:46AM +0100, Christophe Leroy wrote: > >>> > >>> > >>>Le 21/01/2019 à 09:04, Mike Rapoport a écrit : > >>>>Add check for the return value of memblock_alloc*() functions and call > >>>>panic() in case of error. > >>>>The panic message repeats the one used by panicing memblock > >>>>allocators with > >>>>adjustment of parameters to include only relevant ones. > >>>> > >>>>The replacement was mostly automated with semantic patches like the one > >>>>below with manual massaging of format strings. > >>>> > >>>>@@ > >>>>expression ptr, size, align; > >>>>@@ > >>>>ptr = memblock_alloc(size, align); > >>>>+ if (!ptr) > >>>>+     panic("%s: Failed to allocate %lu bytes align=0x%lx\n", __func__, > >>>>size, align); > >>>> > >>>>Signed-off-by: Mike Rapoport > >>>>Reviewed-by: Guo Ren              # c-sky > >>>>Acked-by: Paul Burton          # MIPS > >>>>Acked-by: Heiko Carstens # s390 > >>>>Reviewed-by: Juergen Gross          # Xen > >>>>--- > >>> > >>>[...] > >>> > >>>>diff --git a/mm/sparse.c b/mm/sparse.c > >>>>index 7ea5dc6..ad94242 100644 > >>>>--- a/mm/sparse.c > >>>>+++ b/mm/sparse.c > >>> > >>>[...] > >>> > >>>>@@ -425,6 +436,10 @@ static void __init sparse_buffer_init(unsigned > >>>>long size, int nid) > >>>>          memblock_alloc_try_nid_raw(size, PAGE_SIZE, > >>>>                          __pa(MAX_DMA_ADDRESS), > >>>>                          MEMBLOCK_ALLOC_ACCESSIBLE, nid); > >>>>+    if (!sparsemap_buf) > >>>>+        panic("%s: Failed to allocate %lu bytes align=0x%lx nid=%d > >>>>from=%lx\n", > >>>>+              __func__, size, PAGE_SIZE, nid, __pa(MAX_DMA_ADDRESS)); > >>>>+ > >>> > >>>memblock_alloc_try_nid_raw() does not panic (help explicitly says: > >>>Does not > >>>zero allocated memory, does not panic if request cannot be satisfied.). > >> > >>"Does not panic" does not mean it always succeeds. > > > >I agree, but at least here you are changing the behaviour by making it > >panic explicitly. Are we sure there are not cases where the system could > >just continue functionning ? Maybe a WARN_ON() would be enough there ? > > Looking more in details, it looks like everything is done to live with > sparsemap_buf NULL, all functions using it check it so having it NULL > shouldn't imply a panic I believe, see code below. You are right, I'm preparing the fix right now. > static void *sparsemap_buf __meminitdata; > static void *sparsemap_buf_end __meminitdata; > > static void __init sparse_buffer_init(unsigned long size, int nid) > { > WARN_ON(sparsemap_buf); /* forgot to call sparse_buffer_fini()? */ > sparsemap_buf = > memblock_alloc_try_nid_raw(size, PAGE_SIZE, > __pa(MAX_DMA_ADDRESS), > MEMBLOCK_ALLOC_ACCESSIBLE, nid); > sparsemap_buf_end = sparsemap_buf + size; > } > > static void __init sparse_buffer_fini(void) > { > unsigned long size = sparsemap_buf_end - sparsemap_buf; > > if (sparsemap_buf && size > 0) > memblock_free_early(__pa(sparsemap_buf), size); > sparsemap_buf = NULL; > } > > void * __meminit sparse_buffer_alloc(unsigned long size) > { > void *ptr = NULL; > > if (sparsemap_buf) { > ptr = PTR_ALIGN(sparsemap_buf, size); > if (ptr + size > sparsemap_buf_end) > ptr = NULL; > else > sparsemap_buf = ptr + size; > } > return ptr; > } > > > Christophe > -- Sincerely yours, Mike. From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Thu, 31 Jan 2019 09:14:59 +0200 From: Mike Rapoport Subject: Re: [PATCH v2 19/21] treewide: add checks for the return value of memblock_alloc*() References: <1548057848-15136-1-git-send-email-rppt@linux.ibm.com> <1548057848-15136-20-git-send-email-rppt@linux.ibm.com> <20190131064139.GB28876@rapoport-lnx> <8838f7ab-998b-6d78-02a8-a53f8a3619d9@c-s.fr> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: Message-Id: <20190131071459.GC28876@rapoport-lnx> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+infradead-linux-arm-kernel=archiver.kernel.org@lists.infradead.org List-Archive: To: Christophe Leroy Cc: Rich Felker , linux-ia64@vger.kernel.org, Petr Mladek , linux-sh@vger.kernel.org, Catalin Marinas , Heiko Carstens , linux-kernel@vger.kernel.org, Max Filippov , Guo Ren , sparclinux@vger.kernel.org, Christoph Hellwig , linux-s390@vger.kernel.org, linux-c6x-dev@linux-c6x.org, Yoshinori Sato , Richard Weinberger , x86@kernel.org, Russell King , kasan-dev@googlegroups.com, Geert Uytterhoeven , Mark Salter , Dennis Zhou , Matt Turner , linux-snps-arc@lists.infradead.org, uclinux-h8-devel@lists.sourceforge.jp, devicetree@vger.kernel.org, Stephen Rothwell , linux-xtensa@linux-xtensa.org, linux-um@lists.infradead.org, linux-m68k@lists.linux-m68k.org, Rob Herring , Greentime Hu , xen-devel@lists.xenproject.org, Stafford Horne , Guan Xuetao , linux-arm-kernel@lists.infradead.org, Michal Simek , Tony Luck , linux-mm@kvack.org, Greg Kroah-Hartman , linux-usb@vger.kernel.org, linux-mips@vger.kernel.org, Paul Burton , Vineet Gupta , linux-alpha@vger.kernel.org, Andrew Morton , linuxppc-dev@lists.ozlabs.org, "David S. Miller" , openrisc@lists.librecores.org List-ID: On Thu, Jan 31, 2019 at 08:07:29AM +0100, Christophe Leroy wrote: > = > = > Le 31/01/2019 =E0 07:44, Christophe Leroy a =E9crit=A0: > > > > > >Le 31/01/2019 =E0 07:41, Mike Rapoport a =E9crit=A0: > >>On Thu, Jan 31, 2019 at 07:07:46AM +0100, Christophe Leroy wrote: > >>> > >>> > >>>Le 21/01/2019 =E0 09:04, Mike Rapoport a =E9crit=A0: > >>>>Add check for the return value of memblock_alloc*() functions and call > >>>>panic() in case of error. > >>>>The panic message repeats the one used by panicing memblock > >>>>allocators with > >>>>adjustment of parameters to include only relevant ones. > >>>> > >>>>The replacement was mostly automated with semantic patches like the o= ne > >>>>below with manual massaging of format strings. > >>>> > >>>>@@ > >>>>expression ptr, size, align; > >>>>@@ > >>>>ptr =3D memblock_alloc(size, align); > >>>>+ if (!ptr) > >>>>+=A0=A0=A0=A0 panic("%s: Failed to allocate %lu bytes align=3D0x%lx\n= ", __func__, > >>>>size, align); > >>>> > >>>>Signed-off-by: Mike Rapoport > >>>>Reviewed-by: Guo Ren =A0=A0=A0=A0=A0=A0=A0=A0=A0= =A0=A0=A0 # c-sky > >>>>Acked-by: Paul Burton =A0=A0=A0=A0=A0=A0=A0=A0 = # MIPS > >>>>Acked-by: Heiko Carstens # s390 > >>>>Reviewed-by: Juergen Gross =A0=A0=A0=A0=A0=A0=A0=A0 = # Xen > >>>>--- > >>> > >>>[...] > >>> > >>>>diff --git a/mm/sparse.c b/mm/sparse.c > >>>>index 7ea5dc6..ad94242 100644 > >>>>--- a/mm/sparse.c > >>>>+++ b/mm/sparse.c > >>> > >>>[...] > >>> > >>>>@@ -425,6 +436,10 @@ static void __init sparse_buffer_init(unsigned > >>>>long size, int nid) > >>>>=A0=A0=A0=A0=A0=A0=A0=A0=A0 memblock_alloc_try_nid_raw(size, PAGE_SIZ= E, > >>>>=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0= =A0=A0 __pa(MAX_DMA_ADDRESS), > >>>>=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0= =A0=A0 MEMBLOCK_ALLOC_ACCESSIBLE, nid); > >>>>+=A0=A0=A0 if (!sparsemap_buf) > >>>>+=A0=A0=A0=A0=A0=A0=A0 panic("%s: Failed to allocate %lu bytes align= =3D0x%lx nid=3D%d > >>>>from=3D%lx\n", > >>>>+=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 __func__, size, PAGE_SIZE, n= id, __pa(MAX_DMA_ADDRESS)); > >>>>+ > >>> > >>>memblock_alloc_try_nid_raw() does not panic (help explicitly says: > >>>Does not > >>>zero allocated memory, does not panic if request cannot be satisfied.). > >> > >>"Does not panic" does not mean it always succeeds. > > > >I agree, but at least here you are changing the behaviour by making it > >panic explicitly. Are we sure there are not cases where the system could > >just continue functionning ? Maybe a WARN_ON() would be enough there ? > = > Looking more in details, it looks like everything is done to live with > sparsemap_buf NULL, all functions using it check it so having it NULL > shouldn't imply a panic I believe, see code below. You are right, I'm preparing the fix right now. = > static void *sparsemap_buf __meminitdata; > static void *sparsemap_buf_end __meminitdata; > = > static void __init sparse_buffer_init(unsigned long size, int nid) > { > WARN_ON(sparsemap_buf); /* forgot to call sparse_buffer_fini()? */ > sparsemap_buf =3D > memblock_alloc_try_nid_raw(size, PAGE_SIZE, > __pa(MAX_DMA_ADDRESS), > MEMBLOCK_ALLOC_ACCESSIBLE, nid); > sparsemap_buf_end =3D sparsemap_buf + size; > } > = > static void __init sparse_buffer_fini(void) > { > unsigned long size =3D sparsemap_buf_end - sparsemap_buf; > = > if (sparsemap_buf && size > 0) > memblock_free_early(__pa(sparsemap_buf), size); > sparsemap_buf =3D NULL; > } > = > void * __meminit sparse_buffer_alloc(unsigned long size) > { > void *ptr =3D NULL; > = > if (sparsemap_buf) { > ptr =3D PTR_ALIGN(sparsemap_buf, size); > if (ptr + size > sparsemap_buf_end) > ptr =3D NULL; > else > sparsemap_buf =3D ptr + size; > } > return ptr; > } > = > = > Christophe > = -- = Sincerely yours, Mike. _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel From mboxrd@z Thu Jan 1 00:00:00 1970 From: rppt@linux.ibm.com (Mike Rapoport) Date: Thu, 31 Jan 2019 09:14:59 +0200 Subject: [PATCH v2 19/21] treewide: add checks for the return value of memblock_alloc*() In-Reply-To: References: <1548057848-15136-1-git-send-email-rppt@linux.ibm.com> <1548057848-15136-20-git-send-email-rppt@linux.ibm.com> <20190131064139.GB28876@rapoport-lnx> <8838f7ab-998b-6d78-02a8-a53f8a3619d9@c-s.fr> List-ID: Message-ID: <20190131071459.GC28876@rapoport-lnx> To: linux-snps-arc@lists.infradead.org On Thu, Jan 31, 2019@08:07:29AM +0100, Christophe Leroy wrote: > > > Le 31/01/2019 ? 07:44, Christophe Leroy a ?crit?: > > > > > >Le 31/01/2019 ? 07:41, Mike Rapoport a ?crit?: > >>On Thu, Jan 31, 2019@07:07:46AM +0100, Christophe Leroy wrote: > >>> > >>> > >>>Le 21/01/2019 ? 09:04, Mike Rapoport a ?crit?: > >>>>Add check for the return value of memblock_alloc*() functions and call > >>>>panic() in case of error. > >>>>The panic message repeats the one used by panicing memblock > >>>>allocators with > >>>>adjustment of parameters to include only relevant ones. > >>>> > >>>>The replacement was mostly automated with semantic patches like the one > >>>>below with manual massaging of format strings. > >>>> > >>>>@@ > >>>>expression ptr, size, align; > >>>>@@ > >>>>ptr = memblock_alloc(size, align); > >>>>+ if (!ptr) > >>>>+???? panic("%s: Failed to allocate %lu bytes align=0x%lx\n", __func__, > >>>>size, align); > >>>> > >>>>Signed-off-by: Mike Rapoport > >>>>Reviewed-by: Guo Ren ???????????? # c-sky > >>>>Acked-by: Paul Burton ???????? # MIPS > >>>>Acked-by: Heiko Carstens # s390 > >>>>Reviewed-by: Juergen Gross ???????? # Xen > >>>>--- > >>> > >>>[...] > >>> > >>>>diff --git a/mm/sparse.c b/mm/sparse.c > >>>>index 7ea5dc6..ad94242 100644 > >>>>--- a/mm/sparse.c > >>>>+++ b/mm/sparse.c > >>> > >>>[...] > >>> > >>>>@@ -425,6 +436,10 @@ static void __init sparse_buffer_init(unsigned > >>>>long size, int nid) > >>>>????????? memblock_alloc_try_nid_raw(size, PAGE_SIZE, > >>>>????????????????????????? __pa(MAX_DMA_ADDRESS), > >>>>????????????????????????? MEMBLOCK_ALLOC_ACCESSIBLE, nid); > >>>>+??? if (!sparsemap_buf) > >>>>+??????? panic("%s: Failed to allocate %lu bytes align=0x%lx nid=%d > >>>>from=%lx\n", > >>>>+????????????? __func__, size, PAGE_SIZE, nid, __pa(MAX_DMA_ADDRESS)); > >>>>+ > >>> > >>>memblock_alloc_try_nid_raw() does not panic (help explicitly says: > >>>Does not > >>>zero allocated memory, does not panic if request cannot be satisfied.). > >> > >>"Does not panic" does not mean it always succeeds. > > > >I agree, but at least here you are changing the behaviour by making it > >panic explicitly. Are we sure there are not cases where the system could > >just continue functionning ? Maybe a WARN_ON() would be enough there ? > > Looking more in details, it looks like everything is done to live with > sparsemap_buf NULL, all functions using it check it so having it NULL > shouldn't imply a panic I believe, see code below. You are right, I'm preparing the fix right now. > static void *sparsemap_buf __meminitdata; > static void *sparsemap_buf_end __meminitdata; > > static void __init sparse_buffer_init(unsigned long size, int nid) > { > WARN_ON(sparsemap_buf); /* forgot to call sparse_buffer_fini()? */ > sparsemap_buf = > memblock_alloc_try_nid_raw(size, PAGE_SIZE, > __pa(MAX_DMA_ADDRESS), > MEMBLOCK_ALLOC_ACCESSIBLE, nid); > sparsemap_buf_end = sparsemap_buf + size; > } > > static void __init sparse_buffer_fini(void) > { > unsigned long size = sparsemap_buf_end - sparsemap_buf; > > if (sparsemap_buf && size > 0) > memblock_free_early(__pa(sparsemap_buf), size); > sparsemap_buf = NULL; > } > > void * __meminit sparse_buffer_alloc(unsigned long size) > { > void *ptr = NULL; > > if (sparsemap_buf) { > ptr = PTR_ALIGN(sparsemap_buf, size); > if (ptr + size > sparsemap_buf_end) > ptr = NULL; > else > sparsemap_buf = ptr + size; > } > return ptr; > } > > > Christophe > -- Sincerely yours, Mike. From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Thu, 31 Jan 2019 09:14:59 +0200 From: Mike Rapoport Subject: Re: [PATCH v2 19/21] treewide: add checks for the return value of memblock_alloc*() References: <1548057848-15136-1-git-send-email-rppt@linux.ibm.com> <1548057848-15136-20-git-send-email-rppt@linux.ibm.com> <20190131064139.GB28876@rapoport-lnx> <8838f7ab-998b-6d78-02a8-a53f8a3619d9@c-s.fr> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Disposition: inline Content-Transfer-Encoding: quoted-printable In-Reply-To: Message-Id: <20190131071459.GC28876@rapoport-lnx> To: Christophe Leroy Cc: linux-mm@kvack.org, Rich Felker , linux-ia64@vger.kernel.org, devicetree@vger.kernel.org, Catalin Marinas , Heiko Carstens , x86@kernel.org, linux-mips@vger.kernel.org, Max Filippov , Guo Ren , sparclinux@vger.kernel.org, Christoph Hellwig , linux-s390@vger.kernel.org, linux-c6x-dev@linux-c6x.org, Yoshinori Sato , Richard Weinberger , linux-sh@vger.kernel.org, Russell King , kasan-dev@googlegroups.com, Geert Uytterhoeven , Mark Salter , Dennis Zhou , Matt Turner , linux-snps-arc@lists.infradead.org, uclinux-h8-devel@lists.sourceforge.jp, Petr Mladek , linux-xtensa@linux-xtensa.org, linux-alpha@vger.kernel.org, linux-um@lists.infradead.org, linux-m68k@lists.linux-m68k.org, Rob Herring , Greentime Hu , xen-devel@lists.xenproject.org, Stafford Horne , Guan Xuetao , linux-arm-kernel@lists.infradead.org, Michal Simek , Tony Luck , Greg Kroah-Hartman , linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org, Paul Burton , Vineet Gupta , Andrew Morton , linuxppc-dev@lists.ozlabs.org, "David S. Miller" , openrisc@lists.librecores.org, Stephen Rothwell List-ID: On Thu, Jan 31, 2019 at 08:07:29AM +0100, Christophe Leroy wrote: >=20 >=20 > Le 31/01/2019 =EF=BF=BD 07:44, Christophe Leroy a =EF=BF=BDcrit=EF=BF=BD: > > > > > >Le 31/01/2019 =EF=BF=BD 07:41, Mike Rapoport a =EF=BF=BDcrit=EF=BF=BD: > >>On Thu, Jan 31, 2019 at 07:07:46AM +0100, Christophe Leroy wrote: > >>> > >>> > >>>Le 21/01/2019 =EF=BF=BD 09:04, Mike Rapoport a =EF=BF=BDcrit=EF=BF=BD: > >>>>Add check for the return value of memblock_alloc*() functions and call > >>>>panic() in case of error. > >>>>The panic message repeats the one used by panicing memblock > >>>>allocators with > >>>>adjustment of parameters to include only relevant ones. > >>>> > >>>>The replacement was mostly automated with semantic patches like the o= ne > >>>>below with manual massaging of format strings. > >>>> > >>>>@@ > >>>>expression ptr, size, align; > >>>>@@ > >>>>ptr =3D memblock_alloc(size, align); > >>>>+ if (!ptr) > >>>>+=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD panic("%s: Failed to allocate %= lu bytes align=3D0x%lx\n", __func__, > >>>>size, align); > >>>> > >>>>Signed-off-by: Mike Rapoport > >>>>Reviewed-by: Guo Ren =EF=BF=BD=EF=BF=BD=EF=BF=BD= =EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF= =BF=BD # c-sky > >>>>Acked-by: Paul Burton =EF=BF=BD=EF=BF=BD=EF=BF= =BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD # MIPS > >>>>Acked-by: Heiko Carstens # s390 > >>>>Reviewed-by: Juergen Gross =EF=BF=BD=EF=BF=BD=EF=BF= =BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD # Xen > >>>>--- > >>> > >>>[...] > >>> > >>>>diff --git a/mm/sparse.c b/mm/sparse.c > >>>>index 7ea5dc6..ad94242 100644 > >>>>--- a/mm/sparse.c > >>>>+++ b/mm/sparse.c > >>> > >>>[...] > >>> > >>>>@@ -425,6 +436,10 @@ static void __init sparse_buffer_init(unsigned > >>>>long size, int nid) > >>>>=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF= =BD=EF=BF=BD memblock_alloc_try_nid_raw(size, PAGE_SIZE, > >>>>=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF= =BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD= =EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF= =BF=BD __pa(MAX_DMA_ADDRESS), > >>>>=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF= =BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD= =EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF= =BF=BD MEMBLOCK_ALLOC_ACCESSIBLE, nid); > >>>>+=EF=BF=BD=EF=BF=BD=EF=BF=BD if (!sparsemap_buf) > >>>>+=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD pani= c("%s: Failed to allocate %lu bytes align=3D0x%lx nid=3D%d > >>>>from=3D%lx\n", > >>>>+=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF= =BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD __func__, size, PAGE_SI= ZE, nid, __pa(MAX_DMA_ADDRESS)); > >>>>+ > >>> > >>>memblock_alloc_try_nid_raw() does not panic (help explicitly says: > >>>Does not > >>>zero allocated memory, does not panic if request cannot be satisfied.). > >> > >>"Does not panic" does not mean it always succeeds. > > > >I agree, but at least here you are changing the behaviour by making it > >panic explicitly. Are we sure there are not cases where the system could > >just continue functionning ? Maybe a WARN_ON() would be enough there ? >=20 > Looking more in details, it looks like everything is done to live with > sparsemap_buf NULL, all functions using it check it so having it NULL > shouldn't imply a panic I believe, see code below. You are right, I'm preparing the fix right now. =20 > static void *sparsemap_buf __meminitdata; > static void *sparsemap_buf_end __meminitdata; >=20 > static void __init sparse_buffer_init(unsigned long size, int nid) > { > WARN_ON(sparsemap_buf); /* forgot to call sparse_buffer_fini()? */ > sparsemap_buf =3D > memblock_alloc_try_nid_raw(size, PAGE_SIZE, > __pa(MAX_DMA_ADDRESS), > MEMBLOCK_ALLOC_ACCESSIBLE, nid); > sparsemap_buf_end =3D sparsemap_buf + size; > } >=20 > static void __init sparse_buffer_fini(void) > { > unsigned long size =3D sparsemap_buf_end - sparsemap_buf; >=20 > if (sparsemap_buf && size > 0) > memblock_free_early(__pa(sparsemap_buf), size); > sparsemap_buf =3D NULL; > } >=20 > void * __meminit sparse_buffer_alloc(unsigned long size) > { > void *ptr =3D NULL; >=20 > if (sparsemap_buf) { > ptr =3D PTR_ALIGN(sparsemap_buf, size); > if (ptr + size > sparsemap_buf_end) > ptr =3D NULL; > else > sparsemap_buf =3D ptr + size; > } > return ptr; > } >=20 >=20 > Christophe >=20 --=20 Sincerely yours, Mike. From mboxrd@z Thu Jan 1 00:00:00 1970 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Subject: [v2,19/21] treewide: add checks for the return value of memblock_alloc*() From: Mike Rapoport Message-Id: <20190131071459.GC28876@rapoport-lnx> Date: Thu, 31 Jan 2019 09:14:59 +0200 To: Christophe Leroy Cc: linux-mm@kvack.org, Rich Felker , linux-ia64@vger.kernel.org, devicetree@vger.kernel.org, Catalin Marinas , Heiko Carstens , x86@kernel.org, linux-mips@vger.kernel.org, Max Filippov , Guo Ren , sparclinux@vger.kernel.org, Christoph Hellwig , linux-s390@vger.kernel.org, linux-c6x-dev@linux-c6x.org, Yoshinori Sato , Richard Weinberger , linux-sh@vger.kernel.org, Russell King , kasan-dev@googlegroups.com, Geert Uytterhoeven , Mark Salter , Dennis Zhou , Matt Turner , linux-snps-arc@lists.infradead.org, uclinux-h8-devel@lists.sourceforge.jp, Petr Mladek , linux-xtensa@linux-xtensa.org, linux-alpha@vger.kernel.org, linux-um@lists.infradead.org, linux-m68k@lists.linux-m68k.org, Rob Herring , Greentime Hu , xen-devel@lists.xenproject.org, Stafford Horne , Guan Xuetao , linux-arm-kernel@lists.infradead.org, Michal Simek , Tony Luck , Greg Kroah-Hartman , linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org, Paul Burton , Vineet Gupta , Andrew Morton , linuxppc-dev@lists.ozlabs.org, "David S. Miller" , openrisc@lists.librecores.org, Stephen Rothwell List-ID: T24gVGh1LCBKYW4gMzEsIDIwMTkgYXQgMDg6MDc6MjlBTSArMDEwMCwgQ2hyaXN0b3BoZSBMZXJv eSB3cm90ZToKPiAKPiAKPiBMZSAzMS8wMS8yMDE5IMOgIDA3OjQ0LCBDaHJpc3RvcGhlIExlcm95 IGEgw6ljcml0wqA6Cj4gPgo+ID4KPiA+TGUgMzEvMDEvMjAxOSDDoCAwNzo0MSwgTWlrZSBSYXBv cG9ydCBhIMOpY3JpdMKgOgo+ID4+T24gVGh1LCBKYW4gMzEsIDIwMTkgYXQgMDc6MDc6NDZBTSAr MDEwMCwgQ2hyaXN0b3BoZSBMZXJveSB3cm90ZToKPiA+Pj4KPiA+Pj4KPiA+Pj5MZSAyMS8wMS8y MDE5IMOgIDA5OjA0LCBNaWtlIFJhcG9wb3J0IGEgw6ljcml0wqA6Cj4gPj4+PkFkZCBjaGVjayBm b3IgdGhlIHJldHVybiB2YWx1ZSBvZiBtZW1ibG9ja19hbGxvYyooKSBmdW5jdGlvbnMgYW5kIGNh bGwKPiA+Pj4+cGFuaWMoKSBpbiBjYXNlIG9mIGVycm9yLgo+ID4+Pj5UaGUgcGFuaWMgbWVzc2Fn ZSByZXBlYXRzIHRoZSBvbmUgdXNlZCBieSBwYW5pY2luZyBtZW1ibG9jawo+ID4+Pj5hbGxvY2F0 b3JzIHdpdGgKPiA+Pj4+YWRqdXN0bWVudCBvZiBwYXJhbWV0ZXJzIHRvIGluY2x1ZGUgb25seSBy ZWxldmFudCBvbmVzLgo+ID4+Pj4KPiA+Pj4+VGhlIHJlcGxhY2VtZW50IHdhcyBtb3N0bHkgYXV0 b21hdGVkIHdpdGggc2VtYW50aWMgcGF0Y2hlcyBsaWtlIHRoZSBvbmUKPiA+Pj4+YmVsb3cgd2l0 aCBtYW51YWwgbWFzc2FnaW5nIG9mIGZvcm1hdCBzdHJpbmdzLgo+ID4+Pj4KPiA+Pj4+QEAKPiA+ Pj4+ZXhwcmVzc2lvbiBwdHIsIHNpemUsIGFsaWduOwo+ID4+Pj5AQAo+ID4+Pj5wdHIgPSBtZW1i bG9ja19hbGxvYyhzaXplLCBhbGlnbik7Cj4gPj4+PisgaWYgKCFwdHIpCj4gPj4+PivCoMKgwqDC oCBwYW5pYygiJXM6IEZhaWxlZCB0byBhbGxvY2F0ZSAlbHUgYnl0ZXMgYWxpZ249MHglbHhcbiIs IF9fZnVuY19fLAo+ID4+Pj5zaXplLCBhbGlnbik7Cj4gPj4+Pgo+ID4+Pj5TaWduZWQtb2ZmLWJ5 OiBNaWtlIFJhcG9wb3J0IDxycHB0QGxpbnV4LmlibS5jb20+Cj4gPj4+PlJldmlld2VkLWJ5OiBH dW8gUmVuIDxyZW5fZ3VvQGMtc2t5LmNvbT7CoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqAgIyBjLXNr eQo+ID4+Pj5BY2tlZC1ieTogUGF1bCBCdXJ0b24gPHBhdWwuYnVydG9uQG1pcHMuY29tPsKgwqDC oMKgwqDCoMKgwqAgIyBNSVBTCj4gPj4+PkFja2VkLWJ5OiBIZWlrbyBDYXJzdGVucyA8aGVpa28u Y2Fyc3RlbnNAZGUuaWJtLmNvbT4gIyBzMzkwCj4gPj4+PlJldmlld2VkLWJ5OiBKdWVyZ2VuIEdy b3NzIDxqZ3Jvc3NAc3VzZS5jb20+wqDCoMKgwqDCoMKgwqDCoCAjIFhlbgo+ID4+Pj4tLS0KPiA+ Pj4KPiA+Pj5bLi4uXQo+ID4+Pgo+ID4+Pj5kaWZmIC0tZ2l0IGEvbW0vc3BhcnNlLmMgYi9tbS9z cGFyc2UuYwo+ID4+Pj5pbmRleCA3ZWE1ZGM2Li5hZDk0MjQyIDEwMDY0NAo+ID4+Pj4tLS0gYS9t bS9zcGFyc2UuYwo+ID4+Pj4rKysgYi9tbS9zcGFyc2UuYwo+ID4+Pgo+ID4+PlsuLi5dCj4gPj4+ Cj4gPj4+PkBAIC00MjUsNiArNDM2LDEwIEBAIHN0YXRpYyB2b2lkIF9faW5pdCBzcGFyc2VfYnVm ZmVyX2luaXQodW5zaWduZWQKPiA+Pj4+bG9uZyBzaXplLCBpbnQgbmlkKQo+ID4+Pj7CoMKgwqDC oMKgwqDCoMKgwqAgbWVtYmxvY2tfYWxsb2NfdHJ5X25pZF9yYXcoc2l6ZSwgUEFHRV9TSVpFLAo+ ID4+Pj7CoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoCBf X3BhKE1BWF9ETUFfQUREUkVTUyksCj4gPj4+PsKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDC oMKgwqDCoMKgwqDCoMKgwqDCoMKgIE1FTUJMT0NLX0FMTE9DX0FDQ0VTU0lCTEUsIG5pZCk7Cj4g Pj4+PivCoMKgwqAgaWYgKCFzcGFyc2VtYXBfYnVmKQo+ID4+Pj4rwqDCoMKgwqDCoMKgwqAgcGFu aWMoIiVzOiBGYWlsZWQgdG8gYWxsb2NhdGUgJWx1IGJ5dGVzIGFsaWduPTB4JWx4IG5pZD0lZAo+ ID4+Pj5mcm9tPSVseFxuIiwKPiA+Pj4+K8KgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgIF9fZnVu Y19fLCBzaXplLCBQQUdFX1NJWkUsIG5pZCwgX19wYShNQVhfRE1BX0FERFJFU1MpKTsKPiA+Pj4+ Kwo+ID4+Pgo+ID4+Pm1lbWJsb2NrX2FsbG9jX3RyeV9uaWRfcmF3KCkgZG9lcyBub3QgcGFuaWMg KGhlbHAgZXhwbGljaXRseSBzYXlzOgo+ID4+PkRvZXMgbm90Cj4gPj4+emVybyBhbGxvY2F0ZWQg bWVtb3J5LCBkb2VzIG5vdCBwYW5pYyBpZiByZXF1ZXN0IGNhbm5vdCBiZSBzYXRpc2ZpZWQuKS4K PiA+Pgo+ID4+IkRvZXMgbm90IHBhbmljIiBkb2VzIG5vdCBtZWFuIGl0IGFsd2F5cyBzdWNjZWVk cy4KPiA+Cj4gPkkgYWdyZWUsIGJ1dCBhdCBsZWFzdCBoZXJlIHlvdSBhcmUgY2hhbmdpbmcgdGhl IGJlaGF2aW91ciBieSBtYWtpbmcgaXQKPiA+cGFuaWMgZXhwbGljaXRseS4gQXJlIHdlIHN1cmUg dGhlcmUgYXJlIG5vdCBjYXNlcyB3aGVyZSB0aGUgc3lzdGVtIGNvdWxkCj4gPmp1c3QgY29udGlu dWUgZnVuY3Rpb25uaW5nID8gTWF5YmUgYSBXQVJOX09OKCkgd291bGQgYmUgZW5vdWdoIHRoZXJl ID8KPiAKPiBMb29raW5nIG1vcmUgaW4gZGV0YWlscywgaXQgbG9va3MgbGlrZSBldmVyeXRoaW5n IGlzIGRvbmUgdG8gbGl2ZSB3aXRoCj4gc3BhcnNlbWFwX2J1ZiBOVUxMLCBhbGwgZnVuY3Rpb25z IHVzaW5nIGl0IGNoZWNrIGl0IHNvIGhhdmluZyBpdCBOVUxMCj4gc2hvdWxkbid0IGltcGx5IGEg cGFuaWMgSSBiZWxpZXZlLCBzZWUgY29kZSBiZWxvdy4KCllvdSBhcmUgcmlnaHQsIEknbSBwcmVw YXJpbmcgdGhlIGZpeCByaWdodCBub3cuCiAKPiBzdGF0aWMgdm9pZCAqc3BhcnNlbWFwX2J1ZiBf X21lbWluaXRkYXRhOwo+IHN0YXRpYyB2b2lkICpzcGFyc2VtYXBfYnVmX2VuZCBfX21lbWluaXRk YXRhOwo+IAo+IHN0YXRpYyB2b2lkIF9faW5pdCBzcGFyc2VfYnVmZmVyX2luaXQodW5zaWduZWQg bG9uZyBzaXplLCBpbnQgbmlkKQo+IHsKPiAJV0FSTl9PTihzcGFyc2VtYXBfYnVmKTsJLyogZm9y Z290IHRvIGNhbGwgc3BhcnNlX2J1ZmZlcl9maW5pKCk/ICovCj4gCXNwYXJzZW1hcF9idWYgPQo+ IAkJbWVtYmxvY2tfYWxsb2NfdHJ5X25pZF9yYXcoc2l6ZSwgUEFHRV9TSVpFLAo+IAkJCQkJCV9f cGEoTUFYX0RNQV9BRERSRVNTKSwKPiAJCQkJCQlNRU1CTE9DS19BTExPQ19BQ0NFU1NJQkxFLCBu aWQpOwo+IAlzcGFyc2VtYXBfYnVmX2VuZCA9IHNwYXJzZW1hcF9idWYgKyBzaXplOwo+IH0KPiAK PiBzdGF0aWMgdm9pZCBfX2luaXQgc3BhcnNlX2J1ZmZlcl9maW5pKHZvaWQpCj4gewo+IAl1bnNp Z25lZCBsb25nIHNpemUgPSBzcGFyc2VtYXBfYnVmX2VuZCAtIHNwYXJzZW1hcF9idWY7Cj4gCj4g CWlmIChzcGFyc2VtYXBfYnVmICYmIHNpemUgPiAwKQo+IAkJbWVtYmxvY2tfZnJlZV9lYXJseShf X3BhKHNwYXJzZW1hcF9idWYpLCBzaXplKTsKPiAJc3BhcnNlbWFwX2J1ZiA9IE5VTEw7Cj4gfQo+ IAo+IHZvaWQgKiBfX21lbWluaXQgc3BhcnNlX2J1ZmZlcl9hbGxvYyh1bnNpZ25lZCBsb25nIHNp emUpCj4gewo+IAl2b2lkICpwdHIgPSBOVUxMOwo+IAo+IAlpZiAoc3BhcnNlbWFwX2J1Zikgewo+ IAkJcHRyID0gUFRSX0FMSUdOKHNwYXJzZW1hcF9idWYsIHNpemUpOwo+IAkJaWYgKHB0ciArIHNp emUgPiBzcGFyc2VtYXBfYnVmX2VuZCkKPiAJCQlwdHIgPSBOVUxMOwo+IAkJZWxzZQo+IAkJCXNw YXJzZW1hcF9idWYgPSBwdHIgKyBzaXplOwo+IAl9Cj4gCXJldHVybiBwdHI7Cj4gfQo+IAo+IAo+ IENocmlzdG9waGUKPgo= From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mike Rapoport Date: Thu, 31 Jan 2019 09:14:59 +0200 Subject: [OpenRISC] [PATCH v2 19/21] treewide: add checks for the return value of memblock_alloc*() In-Reply-To: References: <1548057848-15136-1-git-send-email-rppt@linux.ibm.com> <1548057848-15136-20-git-send-email-rppt@linux.ibm.com> <20190131064139.GB28876@rapoport-lnx> <8838f7ab-998b-6d78-02a8-a53f8a3619d9@c-s.fr> Message-ID: <20190131071459.GC28876@rapoport-lnx> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit To: openrisc@lists.librecores.org On Thu, Jan 31, 2019 at 08:07:29AM +0100, Christophe Leroy wrote: > > > Le 31/01/2019 à 07:44, Christophe Leroy a écrit : > > > > > >Le 31/01/2019 à 07:41, Mike Rapoport a écrit : > >>On Thu, Jan 31, 2019 at 07:07:46AM +0100, Christophe Leroy wrote: > >>> > >>> > >>>Le 21/01/2019 à 09:04, Mike Rapoport a écrit : > >>>>Add check for the return value of memblock_alloc*() functions and call > >>>>panic() in case of error. > >>>>The panic message repeats the one used by panicing memblock > >>>>allocators with > >>>>adjustment of parameters to include only relevant ones. > >>>> > >>>>The replacement was mostly automated with semantic patches like the one > >>>>below with manual massaging of format strings. > >>>> > >>>>@@ > >>>>expression ptr, size, align; > >>>>@@ > >>>>ptr = memblock_alloc(size, align); > >>>>+ if (!ptr) > >>>>+     panic("%s: Failed to allocate %lu bytes align=0x%lx\n", __func__, > >>>>size, align); > >>>> > >>>>Signed-off-by: Mike Rapoport > >>>>Reviewed-by: Guo Ren              # c-sky > >>>>Acked-by: Paul Burton          # MIPS > >>>>Acked-by: Heiko Carstens # s390 > >>>>Reviewed-by: Juergen Gross          # Xen > >>>>--- > >>> > >>>[...] > >>> > >>>>diff --git a/mm/sparse.c b/mm/sparse.c > >>>>index 7ea5dc6..ad94242 100644 > >>>>--- a/mm/sparse.c > >>>>+++ b/mm/sparse.c > >>> > >>>[...] > >>> > >>>>@@ -425,6 +436,10 @@ static void __init sparse_buffer_init(unsigned > >>>>long size, int nid) > >>>>          memblock_alloc_try_nid_raw(size, PAGE_SIZE, > >>>>                          __pa(MAX_DMA_ADDRESS), > >>>>                          MEMBLOCK_ALLOC_ACCESSIBLE, nid); > >>>>+    if (!sparsemap_buf) > >>>>+        panic("%s: Failed to allocate %lu bytes align=0x%lx nid=%d > >>>>from=%lx\n", > >>>>+              __func__, size, PAGE_SIZE, nid, __pa(MAX_DMA_ADDRESS)); > >>>>+ > >>> > >>>memblock_alloc_try_nid_raw() does not panic (help explicitly says: > >>>Does not > >>>zero allocated memory, does not panic if request cannot be satisfied.). > >> > >>"Does not panic" does not mean it always succeeds. > > > >I agree, but at least here you are changing the behaviour by making it > >panic explicitly. Are we sure there are not cases where the system could > >just continue functionning ? Maybe a WARN_ON() would be enough there ? > > Looking more in details, it looks like everything is done to live with > sparsemap_buf NULL, all functions using it check it so having it NULL > shouldn't imply a panic I believe, see code below. You are right, I'm preparing the fix right now. > static void *sparsemap_buf __meminitdata; > static void *sparsemap_buf_end __meminitdata; > > static void __init sparse_buffer_init(unsigned long size, int nid) > { > WARN_ON(sparsemap_buf); /* forgot to call sparse_buffer_fini()? */ > sparsemap_buf = > memblock_alloc_try_nid_raw(size, PAGE_SIZE, > __pa(MAX_DMA_ADDRESS), > MEMBLOCK_ALLOC_ACCESSIBLE, nid); > sparsemap_buf_end = sparsemap_buf + size; > } > > static void __init sparse_buffer_fini(void) > { > unsigned long size = sparsemap_buf_end - sparsemap_buf; > > if (sparsemap_buf && size > 0) > memblock_free_early(__pa(sparsemap_buf), size); > sparsemap_buf = NULL; > } > > void * __meminit sparse_buffer_alloc(unsigned long size) > { > void *ptr = NULL; > > if (sparsemap_buf) { > ptr = PTR_ALIGN(sparsemap_buf, size); > if (ptr + size > sparsemap_buf_end) > ptr = NULL; > else > sparsemap_buf = ptr + size; > } > return ptr; > } > > > Christophe > -- Sincerely yours, Mike. From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.5 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_PASS,URIBL_BLOCKED, USER_AGENT_MUTT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A692AC169C4 for ; Thu, 31 Jan 2019 07:17:13 +0000 (UTC) Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id EC7352087F for ; Thu, 31 Jan 2019 07:17:12 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org EC7352087F Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=linuxppc-dev-bounces+linuxppc-dev=archiver.kernel.org@lists.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 43qs4R2J7YzDqWK for ; Thu, 31 Jan 2019 18:17:11 +1100 (AEDT) Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=linux.ibm.com (client-ip=148.163.158.5; helo=mx0a-001b2d01.pphosted.com; envelope-from=rppt@linux.ibm.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.ibm.com Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 43qs2M6mzZzDq9W for ; Thu, 31 Jan 2019 18:15:23 +1100 (AEDT) Received: from pps.filterd (m0098414.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x0V7E87V139752 for ; Thu, 31 Jan 2019 02:15:21 -0500 Received: from e06smtp05.uk.ibm.com (e06smtp05.uk.ibm.com [195.75.94.101]) by mx0b-001b2d01.pphosted.com with ESMTP id 2qbv80grpm-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 31 Jan 2019 02:15:20 -0500 Received: from localhost by e06smtp05.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 31 Jan 2019 07:15:17 -0000 Received: from b06cxnps3074.portsmouth.uk.ibm.com (9.149.109.194) by e06smtp05.uk.ibm.com (192.168.101.135) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Thu, 31 Jan 2019 07:15:07 -0000 Received: from d06av22.portsmouth.uk.ibm.com (d06av22.portsmouth.uk.ibm.com [9.149.105.58]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x0V7F6tN55378120 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Thu, 31 Jan 2019 07:15:06 GMT Received: from d06av22.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id D50C74C046; Thu, 31 Jan 2019 07:15:04 +0000 (GMT) Received: from d06av22.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 5E7D14C040; Thu, 31 Jan 2019 07:15:01 +0000 (GMT) Received: from rapoport-lnx (unknown [9.148.8.84]) by d06av22.portsmouth.uk.ibm.com (Postfix) with ESMTPS; Thu, 31 Jan 2019 07:15:01 +0000 (GMT) Date: Thu, 31 Jan 2019 09:14:59 +0200 From: Mike Rapoport To: Christophe Leroy Subject: Re: [PATCH v2 19/21] treewide: add checks for the return value of memblock_alloc*() References: <1548057848-15136-1-git-send-email-rppt@linux.ibm.com> <1548057848-15136-20-git-send-email-rppt@linux.ibm.com> <20190131064139.GB28876@rapoport-lnx> <8838f7ab-998b-6d78-02a8-a53f8a3619d9@c-s.fr> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.5.24 (2015-08-30) X-TM-AS-GCONF: 00 x-cbid: 19013107-0020-0000-0000-0000030F29F7 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19013107-0021-0000-0000-000021602B4F Message-Id: <20190131071459.GC28876@rapoport-lnx> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-01-31_03:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=2 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1901310057 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Rich Felker , linux-ia64@vger.kernel.org, Petr Mladek , linux-sh@vger.kernel.org, Catalin Marinas , Heiko Carstens , linux-kernel@vger.kernel.org, Max Filippov , Guo Ren , sparclinux@vger.kernel.org, Christoph Hellwig , linux-s390@vger.kernel.org, linux-c6x-dev@linux-c6x.org, Yoshinori Sato , Richard Weinberger , x86@kernel.org, Russell King , kasan-dev@googlegroups.com, Geert Uytterhoeven , Mark Salter , Dennis Zhou , Matt Turner , linux-snps-arc@lists.infradead.org, uclinux-h8-devel@lists.sourceforge.jp, devicetree@vger.kernel.org, Stephen Rothwell , linux-xtensa@linux-xtensa.org, linux-um@lists.infradead.org, linux-m68k@lists.linux-m68k.org, Rob Herring , Greentime Hu , xen-devel@lists.xenproject.org, Stafford Horne , Guan Xuetao , linux-arm-kernel@lists.infradead.org, Michal Simek , Tony Luck , linux-mm@kvack.org, Greg Kroah-Hartman , linux-usb@vger.kernel.org, linux-mips@vger.kernel.org, Paul Burton , Vineet Gupta , linux-alpha@vger.kernel.org, Andrew Morton , linuxppc-dev@lists.ozlabs.org, "David S. Miller" , openrisc@lists.librecores.org Errors-To: linuxppc-dev-bounces+linuxppc-dev=archiver.kernel.org@lists.ozlabs.org Sender: "Linuxppc-dev" On Thu, Jan 31, 2019 at 08:07:29AM +0100, Christophe Leroy wrote: > > > Le 31/01/2019 à 07:44, Christophe Leroy a écrit : > > > > > >Le 31/01/2019 à 07:41, Mike Rapoport a écrit : > >>On Thu, Jan 31, 2019 at 07:07:46AM +0100, Christophe Leroy wrote: > >>> > >>> > >>>Le 21/01/2019 à 09:04, Mike Rapoport a écrit : > >>>>Add check for the return value of memblock_alloc*() functions and call > >>>>panic() in case of error. > >>>>The panic message repeats the one used by panicing memblock > >>>>allocators with > >>>>adjustment of parameters to include only relevant ones. > >>>> > >>>>The replacement was mostly automated with semantic patches like the one > >>>>below with manual massaging of format strings. > >>>> > >>>>@@ > >>>>expression ptr, size, align; > >>>>@@ > >>>>ptr = memblock_alloc(size, align); > >>>>+ if (!ptr) > >>>>+     panic("%s: Failed to allocate %lu bytes align=0x%lx\n", __func__, > >>>>size, align); > >>>> > >>>>Signed-off-by: Mike Rapoport > >>>>Reviewed-by: Guo Ren              # c-sky > >>>>Acked-by: Paul Burton          # MIPS > >>>>Acked-by: Heiko Carstens # s390 > >>>>Reviewed-by: Juergen Gross          # Xen > >>>>--- > >>> > >>>[...] > >>> > >>>>diff --git a/mm/sparse.c b/mm/sparse.c > >>>>index 7ea5dc6..ad94242 100644 > >>>>--- a/mm/sparse.c > >>>>+++ b/mm/sparse.c > >>> > >>>[...] > >>> > >>>>@@ -425,6 +436,10 @@ static void __init sparse_buffer_init(unsigned > >>>>long size, int nid) > >>>>          memblock_alloc_try_nid_raw(size, PAGE_SIZE, > >>>>                          __pa(MAX_DMA_ADDRESS), > >>>>                          MEMBLOCK_ALLOC_ACCESSIBLE, nid); > >>>>+    if (!sparsemap_buf) > >>>>+        panic("%s: Failed to allocate %lu bytes align=0x%lx nid=%d > >>>>from=%lx\n", > >>>>+              __func__, size, PAGE_SIZE, nid, __pa(MAX_DMA_ADDRESS)); > >>>>+ > >>> > >>>memblock_alloc_try_nid_raw() does not panic (help explicitly says: > >>>Does not > >>>zero allocated memory, does not panic if request cannot be satisfied.). > >> > >>"Does not panic" does not mean it always succeeds. > > > >I agree, but at least here you are changing the behaviour by making it > >panic explicitly. Are we sure there are not cases where the system could > >just continue functionning ? Maybe a WARN_ON() would be enough there ? > > Looking more in details, it looks like everything is done to live with > sparsemap_buf NULL, all functions using it check it so having it NULL > shouldn't imply a panic I believe, see code below. You are right, I'm preparing the fix right now. > static void *sparsemap_buf __meminitdata; > static void *sparsemap_buf_end __meminitdata; > > static void __init sparse_buffer_init(unsigned long size, int nid) > { > WARN_ON(sparsemap_buf); /* forgot to call sparse_buffer_fini()? */ > sparsemap_buf = > memblock_alloc_try_nid_raw(size, PAGE_SIZE, > __pa(MAX_DMA_ADDRESS), > MEMBLOCK_ALLOC_ACCESSIBLE, nid); > sparsemap_buf_end = sparsemap_buf + size; > } > > static void __init sparse_buffer_fini(void) > { > unsigned long size = sparsemap_buf_end - sparsemap_buf; > > if (sparsemap_buf && size > 0) > memblock_free_early(__pa(sparsemap_buf), size); > sparsemap_buf = NULL; > } > > void * __meminit sparse_buffer_alloc(unsigned long size) > { > void *ptr = NULL; > > if (sparsemap_buf) { > ptr = PTR_ALIGN(sparsemap_buf, size); > if (ptr + size > sparsemap_buf_end) > ptr = NULL; > else > sparsemap_buf = ptr + size; > } > return ptr; > } > > > Christophe > -- Sincerely yours, Mike.