Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp8356751imu; Fri, 28 Dec 2018 16:23:20 -0800 (PST) X-Google-Smtp-Source: ALg8bN5rxsSs3DXjR3cpuhy8SW06zwIW9PC29FDAucbQSEW664/0X9stLMBJmGCizTSaIighPYga X-Received: by 2002:a17:902:583:: with SMTP id f3mr30263924plf.202.1546043000020; Fri, 28 Dec 2018 16:23:20 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1546042999; cv=none; d=google.com; s=arc-20160816; b=vbq7XYUlAz3aRYbNu4bJh3eYMsL6y4K1dOhSSnbGZf/vla4sZanyU57MkQkdkRqKyZ LK0sysAvsBke6kh77C1XRRtET320faOOQmoqdHNgWC3pdL/+ncIkl86IX2W78jR+I4kx XLeyznHJsTeVcYXYZfo21krYWdX1KE6WIILA6IPnl6TtUHw22LhzehWIbg7YQuTQcIkl E9XVtaqmA47xoZyjIUW0vLY/ozhU93LsFBTU7mL4Xu10sLRP+Ts3kJSucWAWBfLvb9ws HcT08FI+uCAyJ4L+PWnLn0dU7FMcIDWjgn82zIKereehxw/GuETaYE9D3k7Fq94vWGkR CnoQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=XJcQ6SqOd7ySmWzpo5QXQurdTYc73sqmxoDMBmnk4w8=; b=XIzYYR2ma06yNy3ndIxn/hUPPBSIStkmBapNSD5zJWXMMSh0IOjR9SZ9JFFvlyS/DW zEnP3CuvPqhQfRRSvnwDeKdXuE94ADncWfVdVmmeUgRT+iz5T4N1FvdFl2svrMj9x4DI hDJkXgqYZq86+6yVKCXV9PFETL2IQiO32KCx4NtD3Vw3dtLC/Ht7Akqqbk00x2pY0n9D On26d0NW4ksSquTn5JFlE2ri1gy3+szAyr691ywIgSgsbNMFlQpq30U4LLZRzPeWu40g KL0bo/vaqfVw9cjRpttNY5CwX3BTT53Pn0mITlnBmwvx/C6zpneK/mC/sEwJEoC74yMQ rRtA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=xv50jDl1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j39si23325163plb.272.2018.12.28.16.23.04; Fri, 28 Dec 2018 16:23:19 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=xv50jDl1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729693AbeL1MWa (ORCPT + 99 others); Fri, 28 Dec 2018 07:22:30 -0500 Received: from mail.kernel.org ([198.145.29.99]:34342 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732296AbeL1MPT (ORCPT ); Fri, 28 Dec 2018 07:15:19 -0500 Received: from localhost (5356596B.cm-6-7b.dynamic.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id CEB142148E; Fri, 28 Dec 2018 12:15:17 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1545999318; bh=3yyD6OfFoBXnAX9nRh17ccyPROfLQFNvdhYSfZZ2oyY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=xv50jDl1FoS3bjtRIDKWaJfKiBJEib95T1GVju+BbGy0FTeefVoheTfffRzhW91E/ 7s5HxuI4dSSFqQX8DsVxk3jO+HS467B9RBSxXR4tOsGMZmXOY1gY/y17bie8Xlm0w8 4ReiZSIeTq/Vk812lRUf6vLJcQKQpfh834MwRosM= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Oscar Salvador , Michal Hocko , David Hildenbrand , Vlastimil Babka , Pavel Tatashin , Mike Rapoport , Andrew Morton , Linus Torvalds Subject: [PATCH 4.19 42/46] mm, page_alloc: fix has_unmovable_pages for HugePages Date: Fri, 28 Dec 2018 12:52:36 +0100 Message-Id: <20181228113127.401931331@linuxfoundation.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20181228113124.971620049@linuxfoundation.org> References: <20181228113124.971620049@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review X-Patchwork-Hint: ignore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.19-stable review patch. If anyone has any objections, please let me know. ------------------ From: Oscar Salvador commit 17e2e7d7e1b83fa324b3f099bfe426659aa3c2a4 upstream. While playing with gigantic hugepages and memory_hotplug, I triggered the following #PF when "cat memoryX/removable": BUG: unable to handle kernel NULL pointer dereference at 0000000000000008 #PF error: [normal kernel read fault] PGD 0 P4D 0 Oops: 0000 [#1] SMP PTI CPU: 1 PID: 1481 Comm: cat Tainted: G E 4.20.0-rc6-mm1-1-default+ #18 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014 RIP: 0010:has_unmovable_pages+0x154/0x210 Call Trace: is_mem_section_removable+0x7d/0x100 removable_show+0x90/0xb0 dev_attr_show+0x1c/0x50 sysfs_kf_seq_show+0xca/0x1b0 seq_read+0x133/0x380 __vfs_read+0x26/0x180 vfs_read+0x89/0x140 ksys_read+0x42/0x90 do_syscall_64+0x5b/0x180 entry_SYSCALL_64_after_hwframe+0x44/0xa9 The reason is we do not pass the Head to page_hstate(), and so, the call to compound_order() in page_hstate() returns 0, so we end up checking all hstates's size to match PAGE_SIZE. Obviously, we do not find any hstate matching that size, and we return NULL. Then, we dereference that NULL pointer in hugepage_migration_supported() and we got the #PF from above. Fix that by getting the head page before calling page_hstate(). Also, since gigantic pages span several pageblocks, re-adjust the logic for skipping pages. While are it, we can also get rid of the round_up(). [osalvador@suse.de: remove round_up(), adjust skip pages logic per Michal] Link: http://lkml.kernel.org/r/20181221062809.31771-1-osalvador@suse.de Link: http://lkml.kernel.org/r/20181217225113.17864-1-osalvador@suse.de Signed-off-by: Oscar Salvador Acked-by: Michal Hocko Reviewed-by: David Hildenbrand Cc: Vlastimil Babka Cc: Pavel Tatashin Cc: Mike Rapoport Cc: Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman --- mm/page_alloc.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -7716,11 +7716,14 @@ bool has_unmovable_pages(struct zone *zo * handle each tail page individually in migration. */ if (PageHuge(page)) { + struct page *head = compound_head(page); + unsigned int skip_pages; - if (!hugepage_migration_supported(page_hstate(page))) + if (!hugepage_migration_supported(page_hstate(head))) goto unmovable; - iter = round_up(iter + 1, 1<