Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp47442imm;
        Thu, 31 May 2018 18:13:29 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKJmrg4dvYqSIPPhk16iJdy9B7B5N8fSNbthFoJYRIrmv+dXgeRft/6fPmXm0WXfs5XhbX4P
X-Received: by 2002:a17:902:9344:: with SMTP id g4-v6mr9229040plp.10.1527815609206;
        Thu, 31 May 2018 18:13:29 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1527815609; cv=none;
        d=google.com; s=arc-20160816;
        b=LQf8EcPup7Bv74JdiEQRsuVKK6LQ+00m7cOZzKrIOdFcwaRIKqunPnnuM2a2nA7IK9
         msA7M8nPBhuCwoDJYg90pKP2gwim4uK7Hw6BB5tgO7ak+ykCuPz++FoWw08Ovwxz4xK7
         UFfyLAH9QI2cmIVgx7df97EiK5bVC0Hfoerry4m0W3fghb1GSeCVx+sBp0qNRbVaxVYp
         hxjEd1TracMCZhiPPoS64Guqz35uwkxY1gvljg71qBmo0b3d6JHA+GySZcflO8uAP8U/
         4Ctz1tSP+A5G3B234lj2mPCvj2UNuA15UKCeW4tdUNn8uO+cMAIH0HSrgvaOko4OF4dg
         438w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-language
         :content-transfer-encoding:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:dkim-signature
         :arc-authentication-results;
        bh=ojLNw20hPtKmyHmMx9esS/npQETs0jt9mMCS1T5ryA8=;
        b=HuE9F5JRPaaf3vu5teaNnnpzSxvTi8KuKzagkeDOI0ehsQ63WmF6I61BsHHYoihQoa
         fhSdVVxLT0OijaX6xm03LV2jdo7sJVgi2BFofIvKjyC0pJoODOW0PfRePSLPLsmDnpLE
         o/IeGDs64uPEfoVXhsNZd11cgcaZa6yR6uPtFIXI65yAIuNuKK/F112j6xaxI1PN3COo
         aJkjUbqcBfvG6o/cT+b6vmeVk2IPf0i7cwIulpdYbTvxSSFOKWGFczCNej4rlTkylEnE
         yIIfOvB1FKAVaO3eed88unvBXTAzO17U+dHZFdyp3pcJT1ww+R1Ru37KuqWXvlcJnq6A
         SvMA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=lQr1NY55;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 62-v6si5752060ply.411.2018.05.31.18.13.14;
        Thu, 31 May 2018 18:13:29 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=lQr1NY55;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751211AbeFABMp (ORCPT <rfc822;brice.berna@gmail.com>
        + 99 others); Thu, 31 May 2018 21:12:45 -0400
Received: from mail-pl0-f67.google.com ([209.85.160.67]:38055 "EHLO
        mail-pl0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1750776AbeFABMm (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 31 May 2018 21:12:42 -0400
Received: by mail-pl0-f67.google.com with SMTP id c11-v6so14277235plr.5
        for <linux-kernel@vger.kernel.org>; Thu, 31 May 2018 18:12:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=subject:to:cc:references:from:message-id:date:user-agent
         :mime-version:in-reply-to:content-transfer-encoding:content-language;
        bh=ojLNw20hPtKmyHmMx9esS/npQETs0jt9mMCS1T5ryA8=;
        b=lQr1NY55EuKFG+PsJHP9/ezqUqobhuc73Mn87LLjFgDV+BamOf4phcJ1nuNIBgMaZI
         jz8aLzDf4V99zI4uW8BwUs1VZgWuHunLLVGyHQISpil7+9iM+7YkKSwBTSpHkyX7sl3Y
         h5+DMm0/ne76/RaxQDT+WZQIrrkQ5jTU4gz/wgqHSUsa3pirIpotz6/jmz6wdstzmHHe
         DFKCpYc5YkPRTXOrO3R4F/9o5mh6c2Jr2AjfLdL/7wDegd1nUBmswEJ2kkcBJ/Z2Zj+X
         4v7xC11z7OG31qsAHCU7uDTG5YDc9bXjYuJCnblI8N9g4xeTk7NuMxnUg34JfIPsAS7Q
         sNSw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:cc:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-transfer-encoding
         :content-language;
        bh=ojLNw20hPtKmyHmMx9esS/npQETs0jt9mMCS1T5ryA8=;
        b=pwg30o35WFJBRQYU8tTcMldbf39W7qMOYZqTc122vFoaBvHtu4auT29FKGgEmfGnla
         r22JGAJkckKGhXAP//mb7pUqpJ+Kg+y6X223otKfKbQ9Q93xAY326x3qt4/BxF1TNq+n
         uFGLwieHHsvx1akeM4hhb2ZqeqpGHiWFl5cafK7ePTcWLosY1EGxp7VBNpBv9BgqPiWc
         Fl5OEkq0eIfD/6zmKqC6oaTd/bxgWQqZpbc4OFRd6siLltIM0OA2X9Utuk1NWb2KPawo
         80QltRNiE8PdtytM96bq7pvom830vCytvV8UPOFFzxLzoenN16FvaHt1RnkBKhkocuGC
         yZhA==
X-Gm-Message-State: ALKqPwcvWIS02j7YYkDlczGn4x7Vg5OvMPo4L+ENHl0/UZVQju5q+ByB
        qbPraXTtEhReTkfCzdeodNjVqEJK
X-Received: by 2002:a17:902:a586:: with SMTP id az6-v6mr9126273plb.210.1527815561626;
        Thu, 31 May 2018 18:12:41 -0700 (PDT)
Received: from ?IPv6:2402:f000:1:1501:200:5efe:166.111.70.46? ([2402:f000:1:1501:200:5efe:a66f:462e])
        by smtp.gmail.com with ESMTPSA id q11-v6sm12225336pgs.2.2018.05.31.18.12.39
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 31 May 2018 18:12:41 -0700 (PDT)
Subject: Re: Can kfree() sleep at runtime?
To:     Matthew Wilcox <willy@infradead.org>
Cc:     cl@linux.com, penberg@kernel.org, rientjes@google.com,
        iamjoonsoo.kim@lge.com, akpm@linux-foundation.org,
        linux-mm@kvack.org,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
References: <30ecafd7-ed61-907b-f924-77fc37dcc753@gmail.com>
 <20180531140808.GA30221@bombadil.infradead.org>
From:   Jia-Ju Bai <baijiaju1990@gmail.com>
Message-ID: <4e3c8b44-67cc-29ca-7d59-daf542d2fcf2@gmail.com>
Date:   Fri, 1 Jun 2018 09:12:20 +0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101
 Thunderbird/52.2.0
MIME-Version: 1.0
In-Reply-To: <20180531140808.GA30221@bombadil.infradead.org>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



On 2018/5/31 22:08, Matthew Wilcox wrote:
> On Thu, May 31, 2018 at 09:10:07PM +0800, Jia-Ju Bai wrote:
>> I write a static analysis tool (DSAC), and it finds that kfree() can sleep.
>>
>> Here is the call path for kfree().
>> Please look at it *from the bottom up*.
>>
>> [FUNC] alloc_pages(GFP_KERNEL)
>> arch/x86/mm/pageattr.c, 756: alloc_pages in split_large_page
>> arch/x86/mm/pageattr.c, 1283: split_large_page in __change_page_attr
> Here's your bug.  Coming from kfree(), we can't end up in the
> split_large_page() path.  __change_page_attr may be called in several
> different circumstances in which it would have to split a large page,
> but the path from kfree() is not one of them.
>
> I think the path from kfree() will lead to the 'level == PG_LEVEL_4K'
> path, but I'm not really familiar with this x86 code.

Thanks for reply :)
But from the code in my call path, I cannot find why kfree() will only lead to the 'level == PG_LEVEL_4K' path.
Could you please explain it in more detail?


Best wishes,
Jia-Ju Bai