From: Vlastimil Babka <vbabka@suse.cz>
To: Michal Hocko <mhocko@suse.com>
Cc: "Mike Rapoport" <rppt@kernel.org>, "Mel Gorman" <mgorman@suse.de>,
"David Hildenbrand" <david@redhat.com>,
"Andrew Morton" <akpm@linux-foundation.org>,
"Andrea Arcangeli" <aarcange@redhat.com>,
"Baoquan He" <bhe@redhat.com>, "Borislav Petkov" <bp@alien8.de>,
"Chris Wilson" <chris@chris-wilson.co.uk>,
"H. Peter Anvin" <hpa@zytor.com>,
"Ingo Molnar" <mingo@redhat.com>,
"Linus Torvalds" <torvalds@linux-foundation.org>,
"Łukasz Majczak" <lma@semihalf.com>,
"Mike Rapoport" <rppt@linux.ibm.com>, "Qian Cai" <cai@lca.pw>,
"Sarvela, Tomi P" <tomi.p.sarvela@intel.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
stable@vger.kernel.org, x86@kernel.org
Subject: Re: [PATCH v5 1/1] mm: refactor initialization of struct page for holes in memory layout
Date: Tue, 16 Feb 2021 17:39:12 +0100 [thread overview]
Message-ID: <caeebbcc-b6c9-624b-3eeb-591bf59f28a6@suse.cz> (raw)
In-Reply-To: <YCvEeWuU2tBUUNBG@dhcp22.suse.cz>
On 2/16/21 2:11 PM, Michal Hocko wrote:
> On Tue 16-02-21 13:34:56, Vlastimil Babka wrote:
>> On 2/16/21 12:01 PM, Mike Rapoport wrote:
>> >>
>> >> I do understand that. And I am not objecting to the patch. I have to
>> >> confess I haven't digested it yet. Any changes to early memory
>> >> intialization have turned out to be subtle and corner cases only pop up
>> >> later. This is almost impossible to review just by reading the code.
>> >> That's why I am asking whether we want to address the specific VM_BUG_ON
>> >> first with something much less tricky and actually reviewable. And
>> >> that's why I am asking whether dropping the bug_on itself is safe to do
>> >> and use as a hot fix which should be easier to backport.
>> >
>> > I can't say I'm familiar enough with migration and compaction code to say
>> > if it's ok to remove that bug_on. It does point to inconsistency in the
>> > memmap, but probably it's not important.
>>
>> On closer look, removing the VM_BUG_ON_PAGE() in set_pfnblock_flags_mask() is
>> not safe. If we violate the zone_spans_pfn condition, it means we will write
>> outside of the pageblock bitmap for the zone, and corrupt something.
>
> Isn't it enough that at least some pfn from the pageblock belongs to the
> zone in order to have the bitmap allocated for the whole page block
> (even if it partially belongs to a different zone)?
>
>> Actually
>> similar thing can happen in __get_pfnblock_flags_mask() where there's no
>> VM_BUG_ON, but there we can't corrupt memory. But we could theoretically fault
>> to do accessing some unmapped range?
>>
>> So the checks would have to become unconditional !DEBUG_VM and return instead of
>> causing a BUG. Or we could go back one level and add some checks to
>> fast_isolate_around() to detect a page from zone that doesn't match cc->zone.
>
> Thanks for looking deeper into that. This sounds like a much more
> targeted fix to me.
So, Andrea could you please check if this fixes the original
fast_isolate_around() issue for you? With the VM_BUG_ON not removed, DEBUG_VM
enabled, no changes to struct page initialization...
It relies on pageblock_pfn_to_page as the rest of the compaction code.
Thanks!
----8<----
From f5c8d7bc77d2ec0b4cfec44820ce6f602fdb3a86 Mon Sep 17 00:00:00 2001
From: Vlastimil Babka <vbabka@suse.cz>
Date: Tue, 16 Feb 2021 17:32:34 +0100
Subject: [PATCH] mm, compaction: make fast_isolate_around() robust against
pfns from a wrong zone
TBD
Signed-off-by: Vlastimil Babka <vbabka@suse.cz>
---
mm/compaction.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/mm/compaction.c b/mm/compaction.c
index 190ccdaa6c19..b75645e4678d 100644
--- a/mm/compaction.c
+++ b/mm/compaction.c
@@ -1288,7 +1288,7 @@ static void
fast_isolate_around(struct compact_control *cc, unsigned long pfn, unsigned long nr_isolated)
{
unsigned long start_pfn, end_pfn;
- struct page *page = pfn_to_page(pfn);
+ struct page *page;
/* Do not search around if there are enough pages already */
if (cc->nr_freepages >= cc->nr_migratepages)
@@ -1300,7 +1300,11 @@ fast_isolate_around(struct compact_control *cc, unsigned long pfn, unsigned long
/* Pageblock boundaries */
start_pfn = pageblock_start_pfn(pfn);
- end_pfn = min(pageblock_end_pfn(pfn), zone_end_pfn(cc->zone)) - 1;
+ end_pfn = min(pageblock_end_pfn(pfn), zone_end_pfn(cc->zone));
+
+ page = pageblock_pfn_to_page(start_pfn, end_pfn, cc->zone);
+ if (!page)
+ return;
/* Scan before */
if (start_pfn != pfn) {
@@ -1486,7 +1490,7 @@ fast_isolate_freepages(struct compact_control *cc)
}
cc->total_free_scanned += nr_scanned;
- if (!page)
+ if (!page || page_zone(page) != cc->zone)
return cc->free_pfn;
low_pfn = page_to_pfn(page);
--
2.30.0
next prev parent reply other threads:[~2021-02-16 16:40 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-08 11:08 [PATCH v5 1/1] mm: refactor initialization of struct page for holes in memory layout Mike Rapoport
2021-02-08 21:11 ` Andrew Morton
2021-02-08 21:25 ` Mike Rapoport
2021-02-12 9:55 ` David Hildenbrand
2021-02-12 9:56 ` David Hildenbrand
2021-02-12 10:11 ` Michal Hocko
2021-02-12 10:16 ` David Hildenbrand
2021-02-12 10:37 ` Michal Hocko
2021-02-14 17:29 ` Mike Rapoport
2021-02-15 8:45 ` David Hildenbrand
2021-02-16 11:13 ` Mike Rapoport
2021-02-12 10:33 ` Michal Hocko
2021-02-12 10:42 ` David Hildenbrand
2021-02-12 13:18 ` Michal Hocko
2021-02-14 18:00 ` Mike Rapoport
2021-02-15 9:00 ` Michal Hocko
2021-02-15 9:05 ` David Hildenbrand
2021-02-15 21:24 ` Mike Rapoport
2021-02-16 8:33 ` Michal Hocko
2021-02-16 11:01 ` Mike Rapoport
2021-02-16 11:39 ` Michal Hocko
2021-02-16 12:34 ` Vlastimil Babka
2021-02-16 12:59 ` Vlastimil Babka
2021-02-16 13:11 ` Michal Hocko
2021-02-16 16:39 ` Vlastimil Babka [this message]
2021-02-16 17:49 ` Mike Rapoport
2021-02-17 12:27 ` Vlastimil Babka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=caeebbcc-b6c9-624b-3eeb-591bf59f28a6@suse.cz \
--to=vbabka@suse.cz \
--cc=aarcange@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=bhe@redhat.com \
--cc=bp@alien8.de \
--cc=cai@lca.pw \
--cc=chris@chris-wilson.co.uk \
--cc=david@redhat.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lma@semihalf.com \
--cc=mgorman@suse.de \
--cc=mhocko@suse.com \
--cc=mingo@redhat.com \
--cc=rppt@kernel.org \
--cc=rppt@linux.ibm.com \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=tomi.p.sarvela@intel.com \
--cc=torvalds@linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).