On 22.08.24 11:34, Linus Torvalds wrote:
On Thu, 22 Aug 2024 at 17:27, David Hildenbrand <da...@redhat.com> wrote:
To me, that implies that if you pass in MAX_ORDER+1 the VM will "retry
infinitely". if that implies just OOPSing or actually be in a busy loop,
I don't care. It could effectively happen with MAX_ORDER as well, as
stated. But certainly not BUG_ON.
No BUG_ON(), but also no endless loop.
Just return NULL for bogus users. Really. Give a WARN_ON_ONCE() to
make it easy to find offenders, and then let them deal with it.
Don't take it upon yourself to say "we have to deal with any amount of
stupidity".
The MM layer is not some slave to users. The MM layer is one of the
most core pieces of code in the kernel, and as such the MM layer is
damn well in charge.
Nobody has the right to say "I will not deal with allocation
failures". The MM should not bend over backwards over something like
that.
Seriously. Get a spine already, people. Tell random drivers that claim
that they cannot deal with errors to just f-ck off.
And you don't do it by looping forever, and you don't do it by killing
the kernel. You do it by ignoring their bullying tactics.
Then you document the *LIMITED* cases where you actually will try forever.
So on the buddy level, that might mean that we limit it to a single
page, and document "NOFAIL is ineffective and ignored when allcoating
pages of order > 0. Any attempt will result in a WARN_ON_ONCE()".
(assuming we can find and eliminate users that allocate order > 0 fairly
easily)
{kv}malloc allocators would be different, as Michal said.
No idea if that is feasible, but it sounds like something you have in mind.
--
Cheers,
David / dhildenb