Received: by 2002:ac0:950c:0:0:0:0:0 with SMTP id f12csp2290233imc; Tue, 12 Mar 2019 10:41:20 -0700 (PDT) X-Google-Smtp-Source: APXvYqw6Khm3ttF+0FnpfEcCib1lf31neLuf3DUNRWYu4r0YvxywSrO2Qg0YyD5ysPwmBEmp3eDc X-Received: by 2002:a17:902:586:: with SMTP id f6mr10848942plf.68.1552412480546; Tue, 12 Mar 2019 10:41:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1552412480; cv=none; d=google.com; s=arc-20160816; b=Qyd8efp+SWD1owaDvZ5HEhlygFzAtIghKon9ixXhXFyvsaYU45uYqdSoQZBcO6S9YT mA5U2Um/1ZaNiAKJeD0OhH+tvm2kqtj15lwh0aCz47ESRed998Qkuqoz1wQbcQszhP79 3L8o0WwXNZfeDFsO4WS1v379S3iZzFsWPBYzVsUzPac+M/bJa9qZhqfACmdBS7t2CAb2 C0lsvgCm1YwZEUGQMj/USxd6hyhYvJZNV/+vSbsq8H3zCQ3g+RGwCTDpp/i2ZG3gBx5W PiCU/pP1kqQ1mw04+xpyFXTzeurzrYug09W6djv/wCFgbwXegNn0qASCmhEzItxRnY9w nPOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=PqprNLBXUEkvk4ZRGKjdYMSHH1TkQaGxwiPsK1gxvMY=; b=DaK9FsKURH3yssFNrm/zyJN0Cjh4WtyaEcUPYnpRoCKqBsUIf893EVBaS17++8nPHD EkqpcPCZJP9i9r+TtNUK/YkPMTt9KJgcPt6VmWVRXoFZXtmJEdN86d5e061I2M9Z8h+h ESDPIS1Zq6gQQ4t1Eec2yMS4JIOcSqzRD8fmTfyhujKHm7NCDipPuI4bUUctLd6CRA69 U+KJu/vt0HlYQbj4p8IHepJ27c75jtrLcwn2RLQmoURobhV3nxDTkYsvP07v61bLwTUF q+vw06avVQQcYyzfLZyJV7Vez9vIc97malHN1e3YTpI9YUZ1SpFGVR7xDxT1GNNBVMiF 0jmg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=aNuq54Xr; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c15si8491633pls.144.2019.03.12.10.41.04; Tue, 12 Mar 2019 10:41:20 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=aNuq54Xr; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729436AbfCLRiy (ORCPT + 99 others); Tue, 12 Mar 2019 13:38:54 -0400 Received: from mail.kernel.org ([198.145.29.99]:58544 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729137AbfCLRQ0 (ORCPT ); Tue, 12 Mar 2019 13:16:26 -0400 Received: from localhost (unknown [104.133.8.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 340842087C; Tue, 12 Mar 2019 17:16:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1552410986; bh=eGWkRknbF8T4dHs2N7IRbJJmV9BVpLxcNKK52eMrTCI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=aNuq54Xr9uXXsIMuBaNqX1hN9PtL1EcSoijNfadrxj6LN7VasFpRf14uYRkn+up62 Ryket7bs3bh6/4MsHo1pHZaDseEXFQVhUWpm7CRtUCxCj2JnIubW7hYNQ8e5dXhw2K GAauSwb9onODmfd40si90AbLEZ4hg5Fn/eQGBHPE= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Michal Hocko , Mikhail Zaslonko , Gerald Schaefer , Mikhail Gavrilov , Oscar Salvador , Pavel Tatashin , Heiko Carstens , Martin Schwidefsky , Andrew Morton , Linus Torvalds , Sasha Levin Subject: [PATCH 4.14 081/135] mm, memory_hotplug: is_mem_section_removable do not pass the end of a zone Date: Tue, 12 Mar 2019 10:08:48 -0700 Message-Id: <20190312170348.640318024@linuxfoundation.org> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190312170341.127810985@linuxfoundation.org> References: <20190312170341.127810985@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review X-Patchwork-Hint: ignore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.14-stable review patch. If anyone has any objections, please let me know. ------------------ [ Upstream commit efad4e475c312456edb3c789d0996d12ed744c13 ] Patch series "mm, memory_hotplug: fix uninitialized pages fallouts", v2. Mikhail Zaslonko has posted fixes for the two bugs quite some time ago [1]. I have pushed back on those fixes because I believed that it is much better to plug the problem at the initialization time rather than play whack-a-mole all over the hotplug code and find all the places which expect the full memory section to be initialized. We have ended up with commit 2830bf6f05fb ("mm, memory_hotplug: initialize struct pages for the full memory section") merged and cause a regression [2][3]. The reason is that there might be memory layouts when two NUMA nodes share the same memory section so the merged fix is simply incorrect. In order to plug this hole we really have to be zone range aware in those handlers. I have split up the original patch into two. One is unchanged (patch 2) and I took a different approach for `removable' crash. [1] http://lkml.kernel.org/r/20181105150401.97287-2-zaslonko@linux.ibm.com [2] https://bugzilla.redhat.com/show_bug.cgi?id=1666948 [3] http://lkml.kernel.org/r/20190125163938.GA20411@dhcp22.suse.cz This patch (of 2): Mikhail has reported the following VM_BUG_ON triggered when reading sysfs removable state of a memory block: page:000003d08300c000 is uninitialized and poisoned page dumped because: VM_BUG_ON_PAGE(PagePoisoned(p)) Call Trace: is_mem_section_removable+0xb4/0x190 show_mem_removable+0x9a/0xd8 dev_attr_show+0x34/0x70 sysfs_kf_seq_show+0xc8/0x148 seq_read+0x204/0x480 __vfs_read+0x32/0x178 vfs_read+0x82/0x138 ksys_read+0x5a/0xb0 system_call+0xdc/0x2d8 Last Breaking-Event-Address: is_mem_section_removable+0xb4/0x190 Kernel panic - not syncing: Fatal exception: panic_on_oops The reason is that the memory block spans the zone boundary and we are stumbling over an unitialized struct page. Fix this by enforcing zone range in is_mem_section_removable so that we never run away from a zone. Link: http://lkml.kernel.org/r/20190128144506.15603-2-mhocko@kernel.org Signed-off-by: Michal Hocko Reported-by: Mikhail Zaslonko Debugged-by: Mikhail Zaslonko Tested-by: Gerald Schaefer Tested-by: Mikhail Gavrilov Reviewed-by: Oscar Salvador Cc: Pavel Tatashin Cc: Heiko Carstens Cc: Martin Schwidefsky Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds Signed-off-by: Sasha Levin --- mm/memory_hotplug.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mm/memory_hotplug.c b/mm/memory_hotplug.c index c7c74a927d6f..39db89f3df65 100644 --- a/mm/memory_hotplug.c +++ b/mm/memory_hotplug.c @@ -1256,7 +1256,8 @@ static struct page *next_active_pageblock(struct page *page) bool is_mem_section_removable(unsigned long start_pfn, unsigned long nr_pages) { struct page *page = pfn_to_page(start_pfn); - struct page *end_page = page + nr_pages; + unsigned long end_pfn = min(start_pfn + nr_pages, zone_end_pfn(page_zone(page))); + struct page *end_page = pfn_to_page(end_pfn); /* Check the starting page of each pageblock within the range */ for (; page < end_page; page = next_active_pageblock(page)) { -- 2.19.1