From: Jamie Lokier <jamie@shareable.org>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Adrian Bunk <bunk@kernel.org>,
Rusty Russell <rusty@rustcorp.com.au>,
"Alan D. Brunelle" <Alan.Brunelle@hp.com>,
"Rafael J. Wysocki" <rjw@sisk.pl>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Kernel Testers List <kernel-testers@vger.kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Arjan van de Ven <arjan@linux.intel.com>,
Ingo Molnar <mingo@elte.hu>,
linux-embedded@vger.kernel.org
Subject: Re: [Bug #11342] Linux 2.6.27-rc3: kernel BUG at mm/vmalloc.c - bisected
Date: Wed, 27 Aug 2008 17:21:47 +0100 [thread overview]
Message-ID: <20080827162147.GB25387@shareable.org> (raw)
In-Reply-To: <alpine.LFD.1.10.0808261332570.3363@nehalem.linux-foundation.org>
Linus Torvalds wrote:
> > Most LOCs of the kernel are not written by people like you or Al Viro or
> > David Miller, and the average kernel developer is unlikely to do it as
> > good as gcc.
>
> Sure. But we do have tools. We do have checkstack.pl, it's just that it
> hasn't been an issue in a long time, so I suspect many people didn't even
> _realize_ we have it, and I certainly can attest to the fact that even
> people who remember it - like me - don't actually tend to run it all that
> often.
Sounds like what's really desired here isn't more worry and
unpredictability, but for GCC+Binutils to gain the ability to
calculate the stack depth over all callchains (doesn't have to be
exact, just an upper bound; annotate recursions) in a way that's good
enough to do on every compile, complain if a depth is exceeded
statically (or it can't be proven), and to gain the
architecture-independent option "optimise to reduce stack usage".
> > BTW:
> > I just ran checkstack on a (roughly) allyesconfig kernel, and we have a
> > new driver that allocates "unsigned char recvbuf[1500];" on the stack...
>
> Yeah, it's _way_ too easy to do bad things.
In my userspace code, I have macros tmp_alloc and tmp_free. They must
be matched in the same function:
unsigned char * recvbuf = tmp_alloc(1500);
....
tmp_free(recvbuf);
When stack is plentiful, it maps to alloca() which is roughly
equivalent to using a stack variable.
When stack is constrained (as it is on my little devices), that maps
to xmalloc/free. The kernel equivalent would be kmalloc GFP_ATOMIC
(perhaps).
With different macros to mine, it may be possible to map small
fixed-size requests exactly onto local variables, and large ones to
kmalloc(). A stab at it (not tested):
#define LOCAL_ALLOC_THRESHOLD 128
#define LOCAL_ALLOC(type, ptr) \
__typeof__(type) __attribute__((__unused__)) ptr##_local_struct; \
__typeof__(type) * ptr = \
((__builtin_constant_p(sizeof(type)) \
&& sizeof(type) <= LOCAL_ALLOC_THRESHOLD) \
? &ptr##_local_struct : kmalloc(sizeof(type), GFP_ATOMIC))
#define LOCAL_FREE(ptr) \
((__builtin_constant_p(sizeof (*(ptr))) \
&& sizeof(*(ptr)) <= LOCAL_ALLOC_THRESHOLD) \
? (void) 0 : kfree(ptr))
Would that be useful in the kernel?
I'm thinking if it were a commonly used pattern for temporary buffers,
unknown structures and arrays of macro-determined size, the "new
driver" author would be less likely to accidentally drop a big object
on the stack.
Obviously it would be nicer for GCC to code such a thing
automatically, but that really is wishful thinking.
-- Jamie
next prev parent reply other threads:[~2008-08-27 16:21 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <mzBsPw3QUOF.A.87F.wZGsIB@albercik>
[not found] ` <48B313E0.1000501@hp.com>
[not found] ` <alpine.LFD.1.10.0808251326500.3363@nehalem.linux-foundation.org>
[not found] ` <200808261111.19205.rusty@rustcorp.com.au>
[not found] ` <alpine.LFD.1.10.0808261019450.3363@nehalem.linux-foundation.org>
2008-08-26 18:30 ` [Bug #11342] Linux 2.6.27-rc3: kernel BUG at mm/vmalloc.c - bisected Adrian Bunk
[not found] ` <20080826183051.GB10925-re2QNgSbS3j4D6uPqz5PAwR5/fbUUdgG@public.gmane.org>
2008-08-26 18:40 ` Linus Torvalds
[not found] ` <alpine.LFD.1.10.0808261134530.3363-nfNrOhbfy2R17+2ddN/4kux8cNe9sq/dYPYVAmT7z5s@public.gmane.org>
2008-08-26 20:21 ` Adrian Bunk
2008-08-26 20:41 ` Linus Torvalds
2008-08-27 16:21 ` Jamie Lokier [this message]
2008-08-26 18:47 ` Linus Torvalds
2008-08-26 19:02 ` Jamie Lokier
[not found] ` <20080826190213.GA30255-yetKDKU6eevNLxjTenLetw@public.gmane.org>
2008-08-26 19:18 ` Linus Torvalds
[not found] ` <alpine.LFD.1.10.0808261144510.3363-nfNrOhbfy2R17+2ddN/4kux8cNe9sq/dYPYVAmT7z5s@public.gmane.org>
2008-08-26 20:59 ` Adrian Bunk
2008-08-26 21:04 ` Linus Torvalds
[not found] ` <alpine.LFD.1.10.0808261403360.3363-nfNrOhbfy2R17+2ddN/4kux8cNe9sq/dYPYVAmT7z5s@public.gmane.org>
2008-08-26 22:54 ` Parag Warudkar
[not found] ` <f7848160808261554j2f4eaaa6i1ee8801ae75ca7bf-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2008-08-26 23:00 ` David VomLehn
2008-08-26 23:45 ` Adrian Bunk
2008-08-26 23:47 ` Linus Torvalds
[not found] ` <alpine.LFD.1.10.0808261644260.3363-nfNrOhbfy2R17+2ddN/4kux8cNe9sq/dYPYVAmT7z5s@public.gmane.org>
2008-08-27 0:53 ` Greg Ungerer
2008-08-27 1:08 ` Parag Warudkar
2008-08-27 1:31 ` Greg Ungerer
[not found] ` <48B4AE68.4040205-XXXsiaCtIV5Wk0Htik3J/w@public.gmane.org>
2008-08-27 2:16 ` Parag Warudkar
2008-08-27 8:44 ` Bernd Petrovitsch
2008-08-27 0:58 ` Parag Warudkar
[not found] ` <f7848160808261758q7b84aab1m188c1ebb59304818-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2008-08-27 1:49 ` Linus Torvalds
[not found] ` <alpine.LFD.1.10.0808261837530.3363-nfNrOhbfy2R17+2ddN/4kux8cNe9sq/dYPYVAmT7z5s@public.gmane.org>
2008-08-27 2:36 ` Parag Warudkar
[not found] ` <f7848160808261936m18c69dc0r26f41850efae4b91-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2008-08-27 2:52 ` Linus Torvalds
2008-08-27 8:32 ` Alan Cox
2008-08-27 6:01 ` Paul Mackerras
[not found] ` <18612.60878.887716.452936-nUko2b1QN/1kfgV4h6NXRTJtLkR7yuzc@public.gmane.org>
2008-08-27 10:58 ` Arjan van de Ven
2008-08-27 15:18 ` Linus Torvalds
2008-08-27 11:58 ` Adrian Bunk
2008-08-27 9:00 ` Bernd Petrovitsch
[not found] ` <1219827609.30209.29.camel-7sPfb3biEqGJZy4MaDjwDw@public.gmane.org>
2008-08-27 12:56 ` Parag Warudkar
2008-08-27 13:17 ` Bernd Petrovitsch
[not found] ` <1219843032.30209.51.camel-7sPfb3biEqGJZy4MaDjwDw@public.gmane.org>
2008-08-27 15:48 ` Jamie Lokier
2008-08-27 16:38 ` Bernd Petrovitsch
[not found] ` <1219855121.30209.112.camel-7sPfb3biEqGJZy4MaDjwDw@public.gmane.org>
2008-08-27 17:51 ` Jamie Lokier
2008-08-27 19:30 ` Bernd Petrovitsch
2008-08-28 0:06 ` Greg Ungerer
[not found] ` <20080827154805.GA25387-yetKDKU6eevNLxjTenLetw@public.gmane.org>
2008-08-28 0:11 ` Greg Ungerer
2008-08-27 8:34 ` Bernd Petrovitsch
2008-08-26 23:24 ` Adrian Bunk
[not found] ` <20080826232411.GC11734-re2QNgSbS3j4D6uPqz5PAwR5/fbUUdgG@public.gmane.org>
2008-08-26 23:51 ` Linus Torvalds
[not found] ` <alpine.LFD.1.10.0808261648140.3363-nfNrOhbfy2R17+2ddN/4kux8cNe9sq/dYPYVAmT7z5s@public.gmane.org>
2008-08-27 0:23 ` Adrian Bunk
2008-08-27 0:28 ` Linus Torvalds
[not found] ` <alpine.LFD.1.10.0808261726560.3363-nfNrOhbfy2R17+2ddN/4kux8cNe9sq/dYPYVAmT7z5s@public.gmane.org>
2008-08-27 11:58 ` Adrian Bunk
[not found] ` <20080827115829.GF11734-re2QNgSbS3j4D6uPqz5PAwR5/fbUUdgG@public.gmane.org>
2008-08-27 16:00 ` Paul Mundt
2008-08-27 17:35 ` Adrian Bunk
2008-08-28 0:32 ` Paul Mundt
2008-08-28 0:46 ` David Miller
[not found] ` <20080827.174605.85608276.davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
2008-08-28 1:02 ` Paul Mundt
2008-08-28 16:16 ` Adrian Bunk
2008-08-28 1:05 ` Greg Ungerer
2008-08-27 8:25 ` Alan Cox
2008-08-27 12:52 ` Parag Warudkar
[not found] ` <f7848160808270552u2ee66167x912a68e0bf8b25bf-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2008-08-27 13:21 ` Alan Cox
[not found] ` <20080827142142.303cdba8-qBU/x9rampVanCEyBjwyrvXRex20P6io@public.gmane.org>
2008-08-27 16:24 ` Parag Warudkar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080827162147.GB25387@shareable.org \
--to=jamie@shareable.org \
--cc=Alan.Brunelle@hp.com \
--cc=akpm@linux-foundation.org \
--cc=arjan@linux.intel.com \
--cc=bunk@kernel.org \
--cc=kernel-testers@vger.kernel.org \
--cc=linux-embedded@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=rjw@sisk.pl \
--cc=rusty@rustcorp.com.au \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).