Received: by 10.223.164.221 with SMTP id h29csp1739285wrb; Wed, 1 Nov 2017 23:34:38 -0700 (PDT) X-Google-Smtp-Source: ABhQp+Q6lhtFHDLf7CRzFajw99fvVvQG/kAeGqx7UFAzUSk24ElfhwoOe0GtH7zeBDhk2wOdokc3 X-Received: by 10.84.202.12 with SMTP id w12mr2168461pld.358.1509604478457; Wed, 01 Nov 2017 23:34:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1509604478; cv=none; d=google.com; s=arc-20160816; b=miwX8O/g5MIO+lCNCfakdBHCgiEt3F2G90ebvoaq/i4neJ8jvvSoNBDNhEUGzelx7y hTGGLkSb7I/oJi7c4QNGiSSpgc36yFdaOa6UelUFneNXegHkKgaEuP8inb3md0QzCY99 o95xNuVuzSuBT6OUFV8AqJJJdJaF35TkpjfGOKU91d3iIpBvglbuIv5BLQXyym2pwCu7 KU3HG/2/lcO1zrLif29X7yaIKvkxaYjP8khz11moh362Z4c0YdLwvDR8hHo0AVfYxfH7 SESYOg3rdA30PtCWrL7Gv6vyxIILHyyK839mD4gVTGM88G0Zpji2tvYCU8MZzvNtRNbb R76A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:dlp-filter:cms-type:message-id :date:subject:cc:to:from:dkim-signature:dkim-filter :arc-authentication-results; bh=Awb3zB5vISAYV+3Bkz4tzKe7vOhja7phApWBIPFxc80=; b=pij3BftKPsjIiM5K3Xw6HNzf7tL9JjAf/ZmTrqZHAJBmYheKUqsDO2AMSUXGOq8jeX wJEbSxRUt8uqqiz1cnv5aki+VoJdeYTuTGc7P6LYTE0g+fforHsuKpZ3Y6HkfjrssECA WRala5azHxE+HRoAJA1YS3AQtbw2PMkXQp7K0s8Jypsqtaf0KMi6j/Tcc8vBkU/iX6oF gaVQeqtN9pKa2PfeeRaIzQ575WF+iOwan5wTTTFTSCarN7Wn8PnO78sZ38NCarmxb5d7 blVJNGPCKx3xWKGVWPf2SN2O/sVSnpW7xWVBk+RBpFlWdLiXTtxuWnexix3uT5oAb9d6 u2Cg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@samsung.com header.s=mail20170921 header.b=gqQ9aboc; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=samsung.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p66si2632579pga.805.2017.11.01.23.34.24; Wed, 01 Nov 2017 23:34:38 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@samsung.com header.s=mail20170921 header.b=gqQ9aboc; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=samsung.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755009AbdKBGdw (ORCPT + 99 others); Thu, 2 Nov 2017 02:33:52 -0400 Received: from mailout1.samsung.com ([203.254.224.24]:48350 "EHLO mailout1.samsung.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750836AbdKBGdu (ORCPT ); Thu, 2 Nov 2017 02:33:50 -0400 Received: from epcas1p2.samsung.com (unknown [182.195.41.46]) by mailout1.samsung.com (KnoxPortal) with ESMTP id 20171102063348epoutp01ef3d72306873667808d4d668d423e0bc~zMTrA8tFi2811328113epoutp01E; Thu, 2 Nov 2017 06:33:48 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 mailout1.samsung.com 20171102063348epoutp01ef3d72306873667808d4d668d423e0bc~zMTrA8tFi2811328113epoutp01E DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=samsung.com; s=mail20170921; t=1509604428; bh=Awb3zB5vISAYV+3Bkz4tzKe7vOhja7phApWBIPFxc80=; h=From:To:Cc:Subject:Date:References:From; b=gqQ9abocFNm9Kt+IpGuOuT9WRmOL+AaQMYxSvmge+Qd+c2DspQ91IqKkACHobeg7U URy9lxq5VrushCW/OvlF5nZRSM0t3NYh2EDKuZKdrWHN4YNK9ma/QSLxxD9ebOEpDa Efg5ApG0rF7vfzPwJaBC/TttVqMWuiXv2V9syL/I= Received: from epsmges2p3.samsung.com (unknown [182.195.40.90]) by epcas1p3.samsung.com (KnoxPortal) with ESMTP id 20171102063348epcas1p31eb162094260822da0743006ca552f3b~zMTqwZ1xh1874518745epcas1p3E; Thu, 2 Nov 2017 06:33:48 +0000 (GMT) Received: from epcas2p2.samsung.com ( [182.195.41.54]) by epsmges2p3.samsung.com (Symantec Messaging Gateway) with SMTP id B3.70.04140.C4CBAF95; Thu, 2 Nov 2017 15:33:48 +0900 (KST) Received: from epsmgms2p2new.samsung.com (unknown [182.195.42.143]) by epcas2p2.samsung.com (KnoxPortal) with ESMTP id 20171102063347epcas2p2ce3e91597de3bf68e818130ea44ac769~zMTqey5-u0863108631epcas2p2R; Thu, 2 Nov 2017 06:33:47 +0000 (GMT) X-AuditID: b6c32a47-cefff7000000102c-53-59fabc4cac83 Received: from epmmp1.local.host ( [203.254.227.16]) by epsmgms2p2new.samsung.com (Symantec Messaging Gateway) with SMTP id 0F.56.03859.B4CBAF95; Thu, 2 Nov 2017 15:33:47 +0900 (KST) Received: from jaewon-linux.165.213.246.161 ([10.253.100.37]) by mmp1.samsung.com (Oracle Communications Messaging Server 7.0.5.31.0 64bit (built May 5 2014)) with ESMTPA id <0OYS00DAU2880X30@mmp1.samsung.com>; Thu, 02 Nov 2017 15:33:47 +0900 (KST) From: Jaewon Kim To: akpm@linux-foundation.org Cc: mhocko@suse.com, vbabka@suse.cz, minchan@kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, jaewon31.kim@gmail.com, Jaewon Kim Subject: [PATCH] mm: page_ext: allocate page extension though first PFN is invalid Date: Thu, 02 Nov 2017 15:35:07 +0900 Message-id: <20171102063507.25671-1-jaewon31.kim@samsung.com> X-Mailer: git-send-email 2.13.0 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrPKsWRmVeSWpSXmKPExsWy7bCmma7Pnl+RBkf6OCzmrF/DZtG9eSaj Re/7V0wWl3fNYbO4t+Y/q8X9PgeLZV/fs1vMbuxjdODw2DnrLrvHplWdbB6bPk1i9zgx4zeL R9+WVYwe67dcZfE4s+AIu8fnTXIBHFGpNhmpiSmpRQqpecn5KZl56bZK3sHxzvGmZgaGuoaW FuZKCnmJuam2Si4+AbpumTlAlykplCXmlAKFAhKLi5X07WyK8ktLUhUy8otLbJWiDQ2N9AwN zPWMjIz0TMxjrYxMgUoSUjN+vX7NWNCqWjFx22bGBsZOuS5GTg4JAROJnr/z2boYuTiEBHYw SjT+2coO4XxnlPjw4xEjTFX/8o1MILaQwG5GiQt3cyGK/jNKnPi+FizBJqAt8X7BJFYQW0RA VmLq3/MsIEXMAmsYJZ7sfgSWEBYIkZizdjoLiM0ioCrx/v8nMJtXwFZi0brnbBDb5CWu/OoH a5YQmMAmcfHkJhaIhIvExi2boIqEJV4d38IOYUtLPFu1kRGioZtRomfjeiaIRAeQ8yATwjaW +PT5M9g/zAJ8Eh2H/wI1cwDFeSU62oQgSjwkLq88DTXTUeLhw9usICVCArES39/ZTGCUXMDI sIpRLLWgODc9tdiowFivODG3uDQvXS85P3cTIzixaLnvYNx2zucQowAHoxIP7wH1X5FCrIll xZW5hxglOJiVRHiVVgGFeFMSK6tSi/Lji0pzUosPMZoCg2Mis5Rocj4w6eWVxBuaWBqYmJkZ mhuZGpgrifPWbbsWISSQnliSmp2aWpBaBNPHxMEp1cDYfDLrZ0Rb1NYdjj2av/qn3a/6kG9X KOZ7eM9JfW2Zy/U/zc4dWVgeHuIYW54+6d//hebVgprrF51pPxrGdNH1feeeBQ4neWwW7649 ofH5xClf+9l/aiZNKz/fFR657/zK79MSFNykfUyiM+70dq//4jj7RfbqMyGW3qv/TdxjYPLd rrK7X8JJiaU4I9FQi7moOBEAsmXlJkIDAAA= X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFupgluLIzCtJLcpLzFFi42I5/e+xgK73nl+RBv9nmVnMWb+GzaJ780xG i973r5gsLu+aw2Zxb81/Vov7fQ4Wy76+Z7eY3djH6MDhsXPWXXaPTas62Tw2fZrE7nFixm8W j74tqxg91m+5yuJxZsERdo/Pm+QCOKK4bFJSczLLUov07RK4Mn69fs1Y0KpaMXHbZsYGxk65 LkZODgkBE4n+5RuZuhi5OIQEdjJKXOk9zQzhNDJJHFjYxwZSxSagLfF+wSRWEFtEQFZi6t/z LCBFzAJrGCXmN9xlAkkIC4RIzFk7nQXEZhFQlXj//xOYzStgK7Fo3XM2iHXyEld+9bNMYORa wMiwilEytaA4Nz232KjAKC+1XK84Mbe4NC9dLzk/dxMjMHy2Hdbq38H4eEn8IUYBDkYlHt4D 6r8ihVgTy4orcw8xSnAwK4nwKq0CCvGmJFZWpRblxxeV5qQWH2KU5mBREuflzz8WKSSQnliS mp2aWpBaBJNl4uCUamCsOaCwe6/EzpDNsiFaz5eurLuyaSq73/TORymn47YaSZpn+kkYGt98 qvds0YpA086UZUb5qudM0vhfT2A6c/HtZRWzX9rLRPmn1jS9KM9+pbXX5J2RflrG6Qr2i7uc 7nhZZfEtjZ5rV/qeu6b4xcfYgjUBsvGVkUn6Cee/zXZJcDVznCg+87ESS3FGoqEWc1FxIgBZ joUlGwIAAA== X-CMS-MailID: 20171102063347epcas2p2ce3e91597de3bf68e818130ea44ac769 X-Msg-Generator: CA CMS-TYPE: 102P DLP-Filter: Pass X-CFilter-Loop: Reflected X-CMS-RootMailID: 20171102063347epcas2p2ce3e91597de3bf68e818130ea44ac769 X-RootMTR: 20171102063347epcas2p2ce3e91597de3bf68e818130ea44ac769 References: Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org online_page_ext and page_ext_init allocate page_ext for each section, but they do not allocate if the first PFN is !pfn_present(pfn) or !pfn_valid(pfn). Then section->page_ext remains as NULL. lookup_page_ext checks NULL only if CONFIG_DEBUG_VM is enabled. For a valid PFN, __set_page_owner will try to get page_ext through lookup_page_ext. Without CONFIG_DEBUG_VM lookup_page_ext will misuse NULL pointer as value 0. This incurrs invalid address access. This is the panic example when PFN 0x100000 is not valid but PFN 0x13FC00 is being used for page_ext. section->page_ext is NULL, get_entry returned invalid page_ext address as 0x1DFA000 for a PFN 0x13FC00. <1>[ 11.618085] Unable to handle kernel paging request at virtual address 01dfa014 <1>[ 11.618140] pgd = ffffffc0c6dc9000 <1>[ 11.618174] [01dfa014] *pgd=0000000000000000, *pud=0000000000000000 <4>[ 11.618240] ------------[ cut here ]------------ <2>[ 11.618278] Kernel BUG at ffffff80082371e0 [verbose debug info unavailable] <0>[ 11.618338] Internal error: Oops: 96000045 [#1] PREEMPT SMP <4>[ 11.618381] Modules linked in: <4>[ 11.618524] task: ffffffc0c6ec9180 task.stack: ffffffc0c6f40000 <4>[ 11.618569] PC is at __set_page_owner+0x48/0x78 <4>[ 11.618607] LR is at __set_page_owner+0x44/0x78 <4>[ 11.626025] [] __set_page_owner+0x48/0x78 <4>[ 11.626071] [] get_page_from_freelist+0x880/0x8e8 <4>[ 11.626118] [] __alloc_pages_nodemask+0x14c/0xc48 <4>[ 11.626165] [] __do_page_cache_readahead+0xdc/0x264 <4>[ 11.626214] [] filemap_fault+0x2ac/0x550 <4>[ 11.626259] [] ext4_filemap_fault+0x3c/0x58 <4>[ 11.626305] [] __do_fault+0x80/0x120 <4>[ 11.626347] [] handle_mm_fault+0x704/0xbb0 <4>[ 11.626393] [] do_page_fault+0x2e8/0x394 <4>[ 11.626437] [] do_mem_abort+0x88/0x124 Though the first page is not valid, page_ext could be useful for other pages in the section. But checking all PFNs in a section may be time consuming job. Let's check each (section count / 16) PFN, then prepare page_ext if any PFN is present or valid. And remove the CONFIG_DEBUG_VM in lookup_page_ext to avoid panic. Signed-off-by: Jaewon Kim --- mm/page_ext.c | 29 ++++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/mm/page_ext.c b/mm/page_ext.c index 32f18911deda..bf9c99beb312 100644 --- a/mm/page_ext.c +++ b/mm/page_ext.c @@ -124,7 +124,6 @@ struct page_ext *lookup_page_ext(struct page *page) struct page_ext *base; base = NODE_DATA(page_to_nid(page))->node_page_ext; -#if defined(CONFIG_DEBUG_VM) /* * The sanity checks the page allocator does upon freeing a * page can reach here before the page_ext arrays are @@ -133,7 +132,6 @@ struct page_ext *lookup_page_ext(struct page *page) */ if (unlikely(!base)) return NULL; -#endif index = pfn - round_down(node_start_pfn(page_to_nid(page)), MAX_ORDER_NR_PAGES); return get_entry(base, index); @@ -198,7 +196,6 @@ struct page_ext *lookup_page_ext(struct page *page) { unsigned long pfn = page_to_pfn(page); struct mem_section *section = __pfn_to_section(pfn); -#if defined(CONFIG_DEBUG_VM) /* * The sanity checks the page allocator does upon freeing a * page can reach here before the page_ext arrays are @@ -207,7 +204,6 @@ struct page_ext *lookup_page_ext(struct page *page) */ if (!section->page_ext) return NULL; -#endif return get_entry(section->page_ext, pfn); } @@ -312,7 +308,17 @@ static int __meminit online_page_ext(unsigned long start_pfn, } for (pfn = start; !fail && pfn < end; pfn += PAGES_PER_SECTION) { - if (!pfn_present(pfn)) + unsigned long t_pfn = pfn; + bool present = false; + + while (t_pfn < ALIGN(pfn + 1, PAGES_PER_SECTION)) { + if (pfn_present(t_pfn)) { + present = true; + break; + } + t_pfn = ALIGN(pfn + 1, PAGES_PER_SECTION >> 4); + } + if (!present) continue; fail = init_section_page_ext(pfn, nid); } @@ -391,8 +397,17 @@ void __init page_ext_init(void) */ for (pfn = start_pfn; pfn < end_pfn; pfn = ALIGN(pfn + 1, PAGES_PER_SECTION)) { - - if (!pfn_valid(pfn)) + unsigned long t_pfn = pfn; + bool valid = false; + + while (t_pfn < ALIGN(pfn + 1, PAGES_PER_SECTION)) { + if (pfn_valid(t_pfn)) { + valid = true; + break; + } + t_pfn = ALIGN(pfn + 1, PAGES_PER_SECTION >> 4); + } + if (!valid) continue; /* * Nodes's pfns can be overlapping. -- 2.13.0 From 1583363181267784184@xxx Mon Nov 06 23:59:59 +0000 2017 X-GM-THRID: 1583361813274704355 X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread