Re: [RFC 1/8] mm: add overflow and underflow checks for page->_refcount

From: Matthew Wilcox
Date: Tue Oct 26 2021 - 15:50:35 EST

Next message: Qian Cai: "Re: [PATCH] bitmap: simplify GENMASK(size - 1, 0) lines"
Previous message: kernel test robot: "[jpirko-mlxsw:petrm_soft_counters 1/4] drivers/net/netdevsim/netdevsim.h:105:22: error: field 'buffer' has incomplete type"
In reply to: Pasha Tatashin: "[RFC 1/8] mm: add overflow and underflow checks for page->_refcount"
Next in thread: Pasha Tatashin: "Re: [RFC 1/8] mm: add overflow and underflow checks for page->_refcount"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Oct 26, 2021 at 05:38:15PM +0000, Pasha Tatashin wrote:
> static inline void page_ref_add(struct page *page, int nr)
> {
> - atomic_add(nr, &page->_refcount);
> + int ret;
> +
> + VM_BUG_ON(nr <= 0);
> + ret = atomic_add_return(nr, &page->_refcount);
> + VM_BUG_ON_PAGE(ret <= 0, page);

This isn't right. _refcount is allowed to overflow into the negatives.
See page_ref_zero_or_close_to_overflow() and the conversations that led
to it being added.

Next message: Qian Cai: "Re: [PATCH] bitmap: simplify GENMASK(size - 1, 0) lines"
Previous message: kernel test robot: "[jpirko-mlxsw:petrm_soft_counters 1/4] drivers/net/netdevsim/netdevsim.h:105:22: error: field 'buffer' has incomplete type"
In reply to: Pasha Tatashin: "[RFC 1/8] mm: add overflow and underflow checks for page->_refcount"
Next in thread: Pasha Tatashin: "Re: [RFC 1/8] mm: add overflow and underflow checks for page->_refcount"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]