From: Jerome Glisse <jglisse@redhat.com>
To: Reza Arbab <arbab@linux.vnet.ibm.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] mm/device-public-memory: Fix edge case in _vm_normal_page()
Date: Fri, 22 Sep 2017 09:27:14 -0700 [thread overview]
Message-ID: <20170922162713.GA4144@redhat.com> (raw)
In-Reply-To: <1506092178-20351-1-git-send-email-arbab@linux.vnet.ibm.com>
On Fri, Sep 22, 2017 at 09:56:18AM -0500, Reza Arbab wrote:
> With device public pages at the end of my memory space, I'm getting
> output from _vm_normal_page():
>
> BUG: Bad page map in process migrate_pages pte:c0800001ffff0d06 pmd:f95d3000
> addr:00007fff89330000 vm_flags:00100073 anon_vma:c0000000fa899320 mapping: (null) index:7fff8933
> file: (null) fault: (null) mmap: (null) readpage: (null)
> CPU: 0 PID: 13963 Comm: migrate_pages Tainted: P B OE 4.14.0-rc1-wip #155
> Call Trace:
> [c0000000f965f910] [c00000000094d55c] dump_stack+0xb0/0xf4 (unreliable)
> [c0000000f965f950] [c0000000002b269c] print_bad_pte+0x28c/0x340
> [c0000000f965fa00] [c0000000002b59c0] _vm_normal_page+0xc0/0x140
> [c0000000f965fa20] [c0000000002b6e64] zap_pte_range+0x664/0xc10
> [c0000000f965fb00] [c0000000002b7858] unmap_page_range+0x318/0x670
> [c0000000f965fbd0] [c0000000002b8074] unmap_vmas+0x74/0xe0
> [c0000000f965fc20] [c0000000002c4a18] exit_mmap+0xe8/0x1f0
> [c0000000f965fce0] [c0000000000ecbdc] mmput+0xac/0x1f0
> [c0000000f965fd10] [c0000000000f62e8] do_exit+0x348/0xcd0
> [c0000000f965fdd0] [c0000000000f6d2c] do_group_exit+0x5c/0xf0
> [c0000000f965fe10] [c0000000000f6ddc] SyS_exit_group+0x1c/0x20
> [c0000000f965fe30] [c00000000000b184] system_call+0x58/0x6c
>
> The pfn causing this is the very last one. Correct the bounds check
> accordingly.
>
> Fixes: df6ad69838fc ("mm/device-public-memory: device memory cache coherent with CPU")
Reviewed-by: Jérôme Glisse <jglisse@redhat.com>
> Signed-off-by: Reza Arbab <arbab@linux.vnet.ibm.com>
> ---
> mm/memory.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/mm/memory.c b/mm/memory.c
> index ec4e154..a728bed 100644
> --- a/mm/memory.c
> +++ b/mm/memory.c
> @@ -845,7 +845,7 @@ struct page *_vm_normal_page(struct vm_area_struct *vma, unsigned long addr,
> * vm_normal_page() so that we do not have to special case all
> * call site of vm_normal_page().
> */
> - if (likely(pfn < highest_memmap_pfn)) {
> + if (likely(pfn <= highest_memmap_pfn)) {
> struct page *page = pfn_to_page(pfn);
>
> if (is_device_public_page(page)) {
> --
> 1.8.3.1
>
WARNING: multiple messages have this Message-ID (diff)
From: Jerome Glisse <jglisse@redhat.com>
To: Reza Arbab <arbab@linux.vnet.ibm.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] mm/device-public-memory: Fix edge case in _vm_normal_page()
Date: Fri, 22 Sep 2017 09:27:14 -0700 [thread overview]
Message-ID: <20170922162713.GA4144@redhat.com> (raw)
In-Reply-To: <1506092178-20351-1-git-send-email-arbab@linux.vnet.ibm.com>
On Fri, Sep 22, 2017 at 09:56:18AM -0500, Reza Arbab wrote:
> With device public pages at the end of my memory space, I'm getting
> output from _vm_normal_page():
>
> BUG: Bad page map in process migrate_pages pte:c0800001ffff0d06 pmd:f95d3000
> addr:00007fff89330000 vm_flags:00100073 anon_vma:c0000000fa899320 mapping: (null) index:7fff8933
> file: (null) fault: (null) mmap: (null) readpage: (null)
> CPU: 0 PID: 13963 Comm: migrate_pages Tainted: P B OE 4.14.0-rc1-wip #155
> Call Trace:
> [c0000000f965f910] [c00000000094d55c] dump_stack+0xb0/0xf4 (unreliable)
> [c0000000f965f950] [c0000000002b269c] print_bad_pte+0x28c/0x340
> [c0000000f965fa00] [c0000000002b59c0] _vm_normal_page+0xc0/0x140
> [c0000000f965fa20] [c0000000002b6e64] zap_pte_range+0x664/0xc10
> [c0000000f965fb00] [c0000000002b7858] unmap_page_range+0x318/0x670
> [c0000000f965fbd0] [c0000000002b8074] unmap_vmas+0x74/0xe0
> [c0000000f965fc20] [c0000000002c4a18] exit_mmap+0xe8/0x1f0
> [c0000000f965fce0] [c0000000000ecbdc] mmput+0xac/0x1f0
> [c0000000f965fd10] [c0000000000f62e8] do_exit+0x348/0xcd0
> [c0000000f965fdd0] [c0000000000f6d2c] do_group_exit+0x5c/0xf0
> [c0000000f965fe10] [c0000000000f6ddc] SyS_exit_group+0x1c/0x20
> [c0000000f965fe30] [c00000000000b184] system_call+0x58/0x6c
>
> The pfn causing this is the very last one. Correct the bounds check
> accordingly.
>
> Fixes: df6ad69838fc ("mm/device-public-memory: device memory cache coherent with CPU")
Reviewed-by: Jerome Glisse <jglisse@redhat.com>
> Signed-off-by: Reza Arbab <arbab@linux.vnet.ibm.com>
> ---
> mm/memory.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/mm/memory.c b/mm/memory.c
> index ec4e154..a728bed 100644
> --- a/mm/memory.c
> +++ b/mm/memory.c
> @@ -845,7 +845,7 @@ struct page *_vm_normal_page(struct vm_area_struct *vma, unsigned long addr,
> * vm_normal_page() so that we do not have to special case all
> * call site of vm_normal_page().
> */
> - if (likely(pfn < highest_memmap_pfn)) {
> + if (likely(pfn <= highest_memmap_pfn)) {
> struct page *page = pfn_to_page(pfn);
>
> if (is_device_public_page(page)) {
> --
> 1.8.3.1
>
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2017-09-22 16:27 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-22 14:56 [PATCH] mm/device-public-memory: Fix edge case in _vm_normal_page() Reza Arbab
2017-09-22 14:56 ` Reza Arbab
2017-09-22 16:27 ` Jerome Glisse [this message]
2017-09-22 16:27 ` Jerome Glisse
2017-09-23 6:01 ` Balbir Singh
2017-09-23 6:01 ` Balbir Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170922162713.GA4144@redhat.com \
--to=jglisse@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=arbab@linux.vnet.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.