From: "Kirill A. Shutemov" <kirill@shutemov.name>
To: Matthew Wilcox <willy@infradead.org>
Cc: John Hubbard <jhubbard@nvidia.com>,
Andrew Morton <akpm@linux-foundation.org>,
LKML <linux-kernel@vger.kernel.org>,
linux-mm@kvack.org, cai@lca.pw, rppt@linux.ibm.com,
vbabka@suse.cz, william.kucharski@oracle.com,
"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>
Subject: Re: [PATCH v2] mm, dump_page: do not crash with bad compound_mapcount()
Date: Fri, 7 Aug 2020 19:48:05 +0300 [thread overview]
Message-ID: <20200807164805.xm4ingj4crdiemol@box> (raw)
In-Reply-To: <20200807151029.GE17456@casper.infradead.org>
On Fri, Aug 07, 2020 at 04:10:29PM +0100, Matthew Wilcox wrote:
> On Fri, Aug 07, 2020 at 05:35:04PM +0300, Kirill A. Shutemov wrote:
> > On Tue, Aug 04, 2020 at 02:48:07PM -0700, John Hubbard wrote:
> > > If a compound page is being split while dump_page() is being run on that
> > > page, we can end up calling compound_mapcount() on a page that is no
> > > longer compound. This leads to a crash (already seen at least once in
> > > the field), due to the VM_BUG_ON_PAGE() assertion inside
> > > compound_mapcount().
>
> [...]
> > > +static inline int head_mapcount(struct page *head)
> > > +{
> >
> > Do we want VM_BUG_ON_PAGE(!PageHead(head), head) here?
>
> Well, no. That was the point of the bug report -- by the time we called
> compound_mapcount, the page was no longer a head page.
Right. VM_BUG_ON_PAGE(PageTail(head), head)?
> > > A similar problem is possible, via compound_pincount() instead of
> > > compound_mapcount().
> > >
> > > In order to avoid this kind of crash, make dump_page() slightly more
> > > robust, by providing a pair of simpler routines that don't contain
> > > assertions: head_mapcount() and head_pincount().
> >
> > I find naming misleading. head_mapcount() and head_pincount() sounds like
> > a mapcount/pincount of the head page, but it's not. It's mapcount and
> > pincount of the compound page.
>
> OK, point taken. I might go for head_compound_mapcount()? Or as I
> originally suggested, just opencoding it like we do in __page_mapcount().
I'm fine either way.
--
Kirill A. Shutemov
next prev parent reply other threads:[~2020-08-07 16:48 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-04 21:48 [PATCH v2] mm, dump_page: do not crash with bad compound_mapcount() John Hubbard
2020-08-06 11:45 ` Vlastimil Babka
2020-08-06 13:48 ` Matthew Wilcox
2020-08-06 15:13 ` Vlastimil Babka
2020-08-06 15:39 ` Matthew Wilcox
2020-08-06 15:53 ` Vlastimil Babka
2020-08-06 17:15 ` Matthew Wilcox
2020-08-07 14:53 ` Kirill A. Shutemov
2020-08-07 14:35 ` Kirill A. Shutemov
2020-08-07 15:10 ` Matthew Wilcox
2020-08-07 16:48 ` Kirill A. Shutemov [this message]
2020-08-07 18:33 ` [PATCH] mm, dump_page: rename head_mapcount() --> head_compound_mapcount() John Hubbard
2020-08-07 22:40 ` [PATCH v2] mm, dump_page: do not crash with bad compound_mapcount() John Hubbard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200807164805.xm4ingj4crdiemol@box \
--to=kirill@shutemov.name \
--cc=akpm@linux-foundation.org \
--cc=cai@lca.pw \
--cc=jhubbard@nvidia.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=rppt@linux.ibm.com \
--cc=vbabka@suse.cz \
--cc=william.kucharski@oracle.com \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.