Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp563593imu;
        Thu, 20 Dec 2018 01:25:35 -0800 (PST)
X-Google-Smtp-Source: AFSGD/Xeh/M7CM9ddduvEP2uLOKreiJU3b8lsbf2Y3X9SW1yrmxlnH4QdlibiU7oW251EzI1MhCj
X-Received: by 2002:a63:6984:: with SMTP id e126mr9574900pgc.143.1545297935748;
        Thu, 20 Dec 2018 01:25:35 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1545297935; cv=none;
        d=google.com; s=arc-20160816;
        b=gv2bMw40GFurV+cKNxZi81FVQK7gtT/Qu6GdMmXqpdknO7r5PwKpRdpa7QNXPK5hEI
         9ywbXQEKBFS5LyLlwhz1E0UDFmg2ZQP0UfcbD7J6VTgN2Et8NPsLXwDuQADLIasnLi8a
         PzaXa9NBYxrnlCO6bSi7ZjL5O3KBKMjDBHXmSULBZMGGWeGAzRCfH03UANE4gAKctqz8
         jjdJCMaOQcENUQzzvL1udr1mexwR613bNrhKbKVsIppShUTAlYOPxAS9BFZBjZhQpaYc
         cfdPiuPGxHTphlpAWGCu0k+eaGi9Sz4esHNSs506tyMPXuxxJb7NC5Kj/+qSoHhxfGXO
         sncw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=w3cpPe+vy3OBNrxXVKZ95zPxUhMSrtDlayYZY7Th7zc=;
        b=bvy+V/lK4NsSy/DgqYqptncZy3e8X+S1xStwmFhGlrndrw+OBY/Kpb6GZk82y2M6iy
         4Y6worMfIcRH4jqT9TZO523+JNkXiRWR4QKe5m0WYy2/crEF4Ieq9luYArb99xJm3WTD
         dxkcFTdFg+Zd7k9sCqfDKu6johGynLu0yAZHO+HsfVm0wyTFyFgdBirE0T17gmTy0IXQ
         fSpdE3umAeOyshCY1HO3EGYdUZR+OQqrkaA/nQQRwoQUBsxDuoSrkO07VlbMfW4wlX9L
         bLfEfZ7ni3t8KIe+IgptYRMWu1IgmQr2rZOzNpnWD8CezPARYRJKlvM+0DtFyCIKPFeC
         1ynw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id w5si17990567pfl.279.2018.12.20.01.25.20;
        Thu, 20 Dec 2018 01:25:35 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1731261AbeLTJWH (ORCPT <rfc822;uzarths@gmail.com> + 99 others);
        Thu, 20 Dec 2018 04:22:07 -0500
Received: from mx2.suse.de ([195.135.220.15]:52556 "EHLO mx1.suse.de"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1731250AbeLTJWE (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 20 Dec 2018 04:22:04 -0500
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (unknown [195.135.220.254])
        by mx1.suse.de (Postfix) with ESMTP id D949AB005;
        Thu, 20 Dec 2018 09:22:02 +0000 (UTC)
Date:   Thu, 20 Dec 2018 10:22:02 +0100
From:   Michal Hocko <mhocko@kernel.org>
To:     Qian Cai <cai@lca.pw>
Cc:     akpm@linux-foundation.org, Pavel.Tatashin@microsoft.com,
        mingo@kernel.org, hpa@zytor.com, mgorman@techsingularity.net,
        tglx@linutronix.de, linux-mm@kvack.org,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH] mm/page_owner: fix for deferred struct page init
Message-ID: <20181220092202.GD14234@dhcp22.suse.cz>
References: <cbfacb4b-dbfd-f68f-3d1e-05e137feca18@lca.pw>
 <20181220060303.38686-1-cai@lca.pw>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20181220060303.38686-1-cai@lca.pw>
User-Agent: Mutt/1.10.1 (2018-07-13)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu 20-12-18 01:03:03, Qian Cai wrote:
> When booting a system with "page_owner=on",
> 
> start_kernel
>   page_ext_init
>     invoke_init_callbacks
>       init_section_page_ext
>         init_page_owner
>           init_early_allocated_pages
>             init_zones_in_node
>               init_pages_in_zone
>                 lookup_page_ext
>                   page_to_nid
> 
> The issue here is that page_to_nid() will not work since some page
> flags have no node information until later in page_alloc_init_late() due
> to DEFERRED_STRUCT_PAGE_INIT. Hence, it could trigger an out-of-bounds
> access with an invalid nid.
> 
> [    8.666047] UBSAN: Undefined behaviour in ./include/linux/mm.h:1104:50
> [    8.672603] index 7 is out of range for type 'zone [5]'
> 
> Also, kernel will panic since flags were poisoned earlier with,
> 
> CONFIG_DEBUG_VM_PGFLAGS=y
> CONFIG_NODE_NOT_IN_PAGE_FLAGS=n
> 
> start_kernel
>   setup_arch
>     pagetable_init
>       paging_init
>         sparse_init
>           sparse_init_nid
>             memblock_alloc_try_nid_raw
> 
> Although later it tries to set page flags for pages in reserved bootmem
> regions,
> 
> mm_init
>   mem_init
>     memblock_free_all
>       free_low_memory_core_early
>         reserve_bootmem_region
> 
> there could still have some freed pages from the page allocator but yet
> to be initialized due to DEFERRED_STRUCT_PAGE_INIT. It have already been
> dealt with a bit in page_ext_init().

Is there any reason why we cannot postpone page_ext initialization to
after all the memory is initialized?
-- 
Michal Hocko
SUSE Labs