From: Dave Hansen <dave.hansen@intel.com>
To: "Edgecombe, Rick P" <rick.p.edgecombe@intel.com>,
"Li, Xiaoyao" <xiaoyao.li@intel.com>,
"tglx@linutronix.de" <tglx@linutronix.de>,
"mingo@redhat.com" <mingo@redhat.com>,
"x86@kernel.org" <x86@kernel.org>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
"bp@alien8.de" <bp@alien8.de>
Cc: "hpa@zytor.com" <hpa@zytor.com>,
"Chatre, Reinette" <reinette.chatre@intel.com>,
"kas@kernel.org" <kas@kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"Qiang, Chenyi" <chenyi.qiang@intel.com>,
"Peng, Chao P" <chao.p.peng@intel.com>
Subject: Re: [PATCH v2] x86/split_lock: Handle unexpected split lock as fatal
Date: Wed, 7 Jan 2026 08:06:19 -0800 [thread overview]
Message-ID: <de707d86-abd1-4d77-b9e1-9a39afdd4c27@intel.com> (raw)
In-Reply-To: <07cf71d75b25d8be00eac554244d2a2e15845fd5.camel@intel.com>
On 1/7/26 07:24, Edgecombe, Rick P wrote:
>> If #AC occurs on split lock without X86_FEATURE_SPLIT_LOCK_DETECT,
>> that sounds more like a naughty hypervisor or buggy CPU that deserves
>> a BUG_ON() rather than a situation where the kernel wants to move
>> merrily along.
> Can you clarify your feelings on BUG_ON()'s? I was under the impression
> that new ones were basically banned, and we should WARN() here to try
> to keep running.
>
> Unless we could claim that continuing would destroy something or other
> situation a user would never want.
I'm conflicted about BUG_ON() here. It's a pretty nasty thing to be
sending exceptions that the kernel doesn't expect. x86 exception
handling is "fun" and has lots of sharp edges. There are absolutely
windows where the kernel can not recover from exceptions if they happen
in there. The real questions is why the kernel should even try to
recover if it's faced with a borderline malicious hypervisor or CPU so
buggy it's throwing unexpected exceptions.
On the other hand, in practice, this particular code path is from
userspace and a BUG_ON() is an instant DoS.
Balancing all that, a WARN_ON_ONCE() with panic_on_warn=1 is probably
the best course of action here.
But I still want to hear more about why the enumeration is broken and
can't be fixed.
next prev parent reply other threads:[~2026-01-07 16:06 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-07 13:49 [PATCH v2] x86/split_lock: Handle unexpected split lock as fatal Xiaoyao Li
2026-01-07 15:19 ` Dave Hansen
2026-01-07 15:24 ` Edgecombe, Rick P
2026-01-07 16:06 ` Dave Hansen [this message]
2026-01-08 2:19 ` Xiaoyao Li
2026-01-08 2:11 ` Xiaoyao Li
2026-01-07 15:20 ` Kiryl Shutsemau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=de707d86-abd1-4d77-b9e1-9a39afdd4c27@intel.com \
--to=dave.hansen@intel.com \
--cc=bp@alien8.de \
--cc=chao.p.peng@intel.com \
--cc=chenyi.qiang@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=kas@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=reinette.chatre@intel.com \
--cc=rick.p.edgecombe@intel.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
--cc=xiaoyao.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox