From: Dan Carpenter <dan.carpenter@oracle.com>
To: Tomer Samara <tomersamara98@gmail.com>
Cc: "Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
devel@driverdev.osuosl.org, "Todd Kjos" <tkjos@android.com>,
"Suren Baghdasaryan" <surenb@google.com>,
"Riley Andrews" <riandrews@android.com>,
dri-devel@lists.freedesktop.org, linux-kernel@vger.kernel.org,
"Hridya Valsaraju" <hridya@google.com>,
"Arve Hjønnevåg" <arve@android.com>,
"Joel Fernandes" <joel@joelfernandes.org>,
"Laura Abbott" <labbott@redhat.com>,
"Martijn Coenen" <maco@android.com>,
"Sumit Semwal" <sumit.semwal@linaro.org>,
"Christian Brauner" <christian@brauner.io>
Subject: Re: [PATCH v3 1/2] staging: android: Remove BUG_ON from ion_page_pool.c
Date: Fri, 21 Aug 2020 16:15:02 +0300 [thread overview]
Message-ID: <20200821131502.GU1793@kadam> (raw)
In-Reply-To: <2e6c71ad168f92170ef856922b9a0c8dd0f85e11.1597865771.git.tomersamara98@gmail.com>
On Wed, Aug 19, 2020 at 10:38:47PM +0300, Tomer Samara wrote:
> BUG_ON() is removed at ion_page_pool.c and add error handleing to
> ion_page_pool_shrink
>
> Fixes the following issue:
> Avoid crashing the kernel - try using WARN_ON & recovery code ratherthan BUG() or BUG_ON().
>
> Signed-off-by: Tomer Samara <tomersamara98@gmail.com>
> ---
> drivers/staging/android/ion/ion_page_pool.c | 14 ++++++++++----
> 1 file changed, 10 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/staging/android/ion/ion_page_pool.c b/drivers/staging/android/ion/ion_page_pool.c
> index 0198b886d906..ae2bc57bcbe8 100644
> --- a/drivers/staging/android/ion/ion_page_pool.c
> +++ b/drivers/staging/android/ion/ion_page_pool.c
> @@ -46,11 +46,13 @@ static struct page *ion_page_pool_remove(struct ion_page_pool *pool, bool high)
> struct page *page;
>
> if (high) {
> - BUG_ON(!pool->high_count);
> + if (!pool->high_count)
> + return NULL;
I looked at the callers and it's trivial to verify that these conditions
are impossible. Just delete the BUG_ON() checks.
> page = list_first_entry(&pool->high_items, struct page, lru);
> pool->high_count--;
> } else {
> - BUG_ON(!pool->low_count);
> + if (!pool->low_count)
> + return NULL;
> page = list_first_entry(&pool->low_items, struct page, lru);
> pool->low_count--;
> }
> @@ -65,7 +67,8 @@ struct page *ion_page_pool_alloc(struct ion_page_pool *pool)
> {
> struct page *page = NULL;
>
> - BUG_ON(!pool);
> + if (!pool)
> + return NULL;
This one is slightly harder to verify... But really I would prefer that
we just deleted it as well. If we had a NULL dereference here then that
would give a pretty straight forward stack trace to debug.
>
> mutex_lock(&pool->mutex);
> if (pool->high_count)
> @@ -82,7 +85,8 @@ struct page *ion_page_pool_alloc(struct ion_page_pool *pool)
>
> void ion_page_pool_free(struct ion_page_pool *pool, struct page *page)
> {
> - BUG_ON(pool->order != compound_order(page));
> + if (pool->order != compound_order(page))
> + return;
Is returning really the correct way to handle this bug? I suggest,
just change BUG_ON() to a WARN_ON().
>
> ion_page_pool_add(pool, page);
> }
> @@ -124,6 +128,8 @@ int ion_page_pool_shrink(struct ion_page_pool *pool, gfp_t gfp_mask,
> break;
> }
> mutex_unlock(&pool->mutex);
> + if (!page)
> + break;
This change is no longer required if we delete the changes earlier as
I suggest. This change illustrates how when we start handling
impossible conditions then we just have to keep on imagining more and
more impossible conditions. When we start trying to write code for
situations which we know are impossible that is an unending task.
> ion_page_pool_free_pages(pool, page);
> freed += (1 << pool->order);
> }
regards,
dan carpenter
next prev parent reply other threads:[~2020-08-21 13:15 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-19 19:37 [PATCH v3 0/2] staging: android: Remove BUG/BUG_ONs Tomer Samara
2020-08-19 19:38 ` [PATCH v3 1/2] staging: android: Remove BUG_ON from ion_page_pool.c Tomer Samara
2020-08-21 13:15 ` Dan Carpenter [this message]
2020-08-19 19:39 ` [PATCH v3 2/2] staging: android: Remove BUG from ion_system_heap.c Tomer Samara
2020-08-21 13:32 ` Dan Carpenter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200821131502.GU1793@kadam \
--to=dan.carpenter@oracle.com \
--cc=arve@android.com \
--cc=christian@brauner.io \
--cc=devel@driverdev.osuosl.org \
--cc=dri-devel@lists.freedesktop.org \
--cc=gregkh@linuxfoundation.org \
--cc=hridya@google.com \
--cc=joel@joelfernandes.org \
--cc=labbott@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=maco@android.com \
--cc=riandrews@android.com \
--cc=sumit.semwal@linaro.org \
--cc=surenb@google.com \
--cc=tkjos@android.com \
--cc=tomersamara98@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox