Re: [BUG] mm: truncate: a possible sleep-in-atomic-context bug in truncate_exceptional_pvec_entries()

From: Jia-Ju Bai
Date: Mon Aug 13 2018 - 05:31:05 EST

On 2018/8/13 16:56, Jan Kara wrote:

On Mon 13-08-18 11:10:23, Jia-Ju Bai wrote:
The kernel may sleep with holding a spinlock.

The function call paths (from bottom to top) in Linux-4.16 are:

[FUNC] schedule
fs/dax.c, 259: schedule in get_unlocked_mapping_entry
fs/dax.c, 450: get_unlocked_mapping_entry in __dax_invalidate_mapping_entry
fs/dax.c, 471: __dax_invalidate_mapping_entry in dax_delete_mapping_entry
mm/truncate.c, 97: dax_delete_mapping_entry in
mm/truncate.c, 82: spin_lock_irq in truncate_exceptional_pvec_entries

I do not find a good way to fix, so I only report.
This is found by my static analysis tool (DSAC).
Thanks for report but this is a false positive. Note that the lock is
acquired only if we are not operating on DAX mapping but we can get to
dax_delete_mapping_entry() only if we are operating on DAX mapping.

Thanks for your reply :)
My tool does not well check the path condition here...
Sorry for this false report.

Best wishes,
Jia-Ju Bai