From: Jia-Ju Bai <baijiaju1990@gmail.com>
To: Al Viro <viro@ZenIV.linux.org.uk>
Cc: 3chas3@gmail.com, linux-atm-general@lists.sourceforge.net,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] atm: firestream: Replace GFP_ATOMIC with GFP_KERNEL in fs_send
Date: Fri, 26 Jan 2018 22:17:08 +0800 [thread overview]
Message-ID: <35cb1c70-824b-e0a3-1bed-d147d0f5dec2@gmail.com> (raw)
In-Reply-To: <d5697036-e9aa-67a1-a6f3-3a17940542d6@gmail.com>
On 2018/1/26 21:56, Jia-Ju Bai wrote:
>
>
> On 2018/1/26 20:05, Al Viro wrote:
>> On Fri, Jan 26, 2018 at 04:00:27PM +0800, Jia-Ju Bai wrote:
>>> After checking all possible call chains to fs_send() here,
>>> my tool finds that fs_send() is never called in atomic context.
>>> And this function is assigned to a function pointer "dev->ops->send",
>>> which is only called by vcc_sendmsg() (net/atm/common.c)
>>> through vcc->dev->ops->send(), and vcc_sendmsg() calls schedule(),
>>> it indicates that fs_send() can call functions which may sleep.
>>> Thus GFP_ATOMIC is not necessary, and it can be replaced with
>>> GFP_KERNEL.
>>>
>>> This is found by a static analysis tool named DCNS written by myself.
>> The trouble is, places like
>> net/atm/raw.c:65: vcc->send = atm_send_aal0;
>> net/atm/raw.c:74: vcc->send = vcc->dev->ops->send;
>> net/atm/raw.c:83: vcc->send = vcc->dev->ops->send;
>> mean extra call chains. It's *not* just vcc_sendmsg(), and e.g.
>> ret = ATM_SKB(skb)->vcc->send(ATM_SKB(skb)->vcc, skb)
>> ? DROP_PACKET : 1;
>> bh_unlock_sock(sk_atm(vcc));
>> in pppoatm_send() definitely is called under a spinlock.
>>
>> Looking through the driver (in advanced bitrot, as usual for
>> drivers/atm),
>> I'd say that submit_queue() is fucked in head in the "queue full" case.
>> And judging by the history, had been thus since the original merge...
>
> Thanks for reply :)
>
> I am sorry for this false positive.
> I think other ATM related patches that I submitted are also false
> positives, sorry.
> My tool did not handle this situation of passing function pointer, and
> I will improve the tool...
>
>
> Thanks,
> Jia-Ju Bai
I check the code again, and confirm only my patches about "send" are
false positives.
I think other my patches that are about "open" does not has this problem:
https://marc.info/?l=linux-kernel&m=151693791432626&w=2
https://marc.info/?l=linux-kernel&m=151695475503314&w=2
https://marc.info/?l=linux-kernel&m=151693150131512&w=2
I hope you can have a check :)
Thanks,
Jia-Ju Bai
next prev parent reply other threads:[~2018-01-26 14:17 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-26 8:00 [PATCH] atm: firestream: Replace GFP_ATOMIC with GFP_KERNEL in fs_send Jia-Ju Bai
2018-01-26 12:05 ` Al Viro
2018-01-26 13:56 ` Jia-Ju Bai
2018-01-26 14:17 ` Jia-Ju Bai [this message]
2018-01-26 16:10 ` David Miller
2018-01-26 16:10 ` David Miller
2018-01-26 16:07 ` David Miller
2018-01-26 16:17 ` Jia-Ju Bai
2018-01-26 17:08 ` Al Viro
2018-01-27 4:09 ` Jia-Ju Bai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=35cb1c70-824b-e0a3-1bed-d147d0f5dec2@gmail.com \
--to=baijiaju1990@gmail.com \
--cc=3chas3@gmail.com \
--cc=linux-atm-general@lists.sourceforge.net \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=viro@ZenIV.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.