[PATCH v3] mm/page_isolation: guard against possible putback unisolated page

[PATCH v3] mm/page_isolation: guard against possible putback unisolated page

[Miaohe Lin]

Isolating a free page in an isolated pageblock is expected to always work
as watermarks don't apply here. But if __isolate_free_page() failed, due
to condition changes, the page will be left on the free list. And the page
will be put back to free list again via __putback_isolated_page(). This may
trigger VM_BUG_ON_PAGE() on page->flags checking in __free_one_page() if
PageReported is set. Or we will corrupt the free list because list_add()
will be called for pages already on another list. Add a VM_WARN_ON() to
complain about this change.

Signed-off-by: Miaohe Lin <linmiaohe@huawei.com>
---
v1->v2:
  Add VM_WARN_ON to catch unexpected isolating failure.
v2->v3:
  Change the patch description+subject and remove Fixes.
---
 mm/page_isolation.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/mm/page_isolation.c b/mm/page_isolation.c
index f93cc63d8fa1..f67c4c70f17f 100644
--- a/mm/page_isolation.c
+++ b/mm/page_isolation.c
@@ -94,8 +94,13 @@ static void unset_migratetype_isolate(struct page *page, unsigned migratetype)
 			buddy = page + (buddy_pfn - pfn);
 
 			if (!is_migrate_isolate_page(buddy)) {
-				__isolate_free_page(page, order);
-				isolated_page = true;
+				isolated_page = !!__isolate_free_page(page, order);
+				/*
+				 * Isolating a free page in an isolated pageblock
+				 * is expected to always work as watermarks don't
+				 * apply here.
+				 */
+				VM_WARN_ON(!isolated_page);
 			}
 		}
 	}
-- 
2.23.0

Re: [PATCH v3] mm/page_isolation: guard against possible putback unisolated page

[David Hildenbrand]

On 14.09.21 13:45, Miaohe Lin wrote:
> Isolating a free page in an isolated pageblock is expected to always work
> as watermarks don't apply here. But if __isolate_free_page() failed, due
> to condition changes, the page will be left on the free list. And the page
> will be put back to free list again via __putback_isolated_page(). This may
> trigger VM_BUG_ON_PAGE() on page->flags checking in __free_one_page() if
> PageReported is set. Or we will corrupt the free list because list_add()
> will be called for pages already on another list. Add a VM_WARN_ON() to
> complain about this change.
> 
> Signed-off-by: Miaohe Lin <linmiaohe@huawei.com>
> ---
> v1->v2:
>    Add VM_WARN_ON to catch unexpected isolating failure.
> v2->v3:
>    Change the patch description+subject and remove Fixes.
> ---
>   mm/page_isolation.c | 9 +++++++--
>   1 file changed, 7 insertions(+), 2 deletions(-)
> 
> diff --git a/mm/page_isolation.c b/mm/page_isolation.c
> index f93cc63d8fa1..f67c4c70f17f 100644
> --- a/mm/page_isolation.c
> +++ b/mm/page_isolation.c
> @@ -94,8 +94,13 @@ static void unset_migratetype_isolate(struct page *page, unsigned migratetype)
>   			buddy = page + (buddy_pfn - pfn);
>   
>   			if (!is_migrate_isolate_page(buddy)) {
> -				__isolate_free_page(page, order);
> -				isolated_page = true;
> +				isolated_page = !!__isolate_free_page(page, order);
> +				/*
> +				 * Isolating a free page in an isolated pageblock
> +				 * is expected to always work as watermarks don't
> +				 * apply here.
> +				 */
> +				VM_WARN_ON(!isolated_page);
>   			}
>   		}
>   	}
> 

Reviewed-by: David Hildenbrand <david@redhat.com>

-- 
Thanks,

David / dhildenb

Re: [PATCH v3] mm/page_isolation: guard against possible putback unisolated page

[Vlastimil Babka]

On 9/14/21 13:45, Miaohe Lin wrote:
> Isolating a free page in an isolated pageblock is expected to always work
> as watermarks don't apply here. But if __isolate_free_page() failed, due
> to condition changes, the page will be left on the free list. And the page
> will be put back to free list again via __putback_isolated_page(). This may
> trigger VM_BUG_ON_PAGE() on page->flags checking in __free_one_page() if
> PageReported is set. Or we will corrupt the free list because list_add()
> will be called for pages already on another list. Add a VM_WARN_ON() to
> complain about this change.
> 
> Signed-off-by: Miaohe Lin <linmiaohe@huawei.com>

Acked-by: Vlastimil Babka <vbabka@suse.cz>

> ---
> v1->v2:
>   Add VM_WARN_ON to catch unexpected isolating failure.
> v2->v3:
>   Change the patch description+subject and remove Fixes.
> ---
>  mm/page_isolation.c | 9 +++++++--
>  1 file changed, 7 insertions(+), 2 deletions(-)
> 
> diff --git a/mm/page_isolation.c b/mm/page_isolation.c
> index f93cc63d8fa1..f67c4c70f17f 100644
> --- a/mm/page_isolation.c
> +++ b/mm/page_isolation.c
> @@ -94,8 +94,13 @@ static void unset_migratetype_isolate(struct page *page, unsigned migratetype)
>  			buddy = page + (buddy_pfn - pfn);
>  
>  			if (!is_migrate_isolate_page(buddy)) {
> -				__isolate_free_page(page, order);
> -				isolated_page = true;
> +				isolated_page = !!__isolate_free_page(page, order);
> +				/*
> +				 * Isolating a free page in an isolated pageblock
> +				 * is expected to always work as watermarks don't
> +				 * apply here.
> +				 */
> +				VM_WARN_ON(!isolated_page);
>  			}
>  		}
>  	}
> 

Re: [PATCH v3] mm/page_isolation: guard against possible putback unisolated page

[Andrew Morton]

On Tue, 14 Sep 2021 19:45:08 +0800 Miaohe Lin <linmiaohe@huawei.com> wrote:

> Isolating a free page in an isolated pageblock is expected to always work
> as watermarks don't apply here. But if __isolate_free_page() failed, due
> to condition changes, the page will be left on the free list. And the page
> will be put back to free list again via __putback_isolated_page(). This may
> trigger VM_BUG_ON_PAGE() on page->flags checking in __free_one_page() if
> PageReported is set. Or we will corrupt the free list because list_add()
> will be called for pages already on another list. Add a VM_WARN_ON() to
> complain about this change.

Are you able to identify a Fixes: here?

Is a cc:stable justified?

Re: [PATCH v3] mm/page_isolation: guard against possible putback unisolated page

[Miaohe Lin]

On 2021/9/15 10:09, Andrew Morton wrote:
> On Tue, 14 Sep 2021 19:45:08 +0800 Miaohe Lin <linmiaohe@huawei.com> wrote:
> 
>> Isolating a free page in an isolated pageblock is expected to always work
>> as watermarks don't apply here. But if __isolate_free_page() failed, due
>> to condition changes, the page will be left on the free list. And the page
>> will be put back to free list again via __putback_isolated_page(). This may
>> trigger VM_BUG_ON_PAGE() on page->flags checking in __free_one_page() if
>> PageReported is set. Or we will corrupt the free list because list_add()
>> will be called for pages already on another list. Add a VM_WARN_ON() to
>> complain about this change.
> 
> Are you able to identify a Fixes: here?
> 

Sure, this should be "Fixes: 3c605096d315 ("mm/page_alloc: restrict max order of merging on isolated pageblock")."

> Is a cc:stable justified?

I'm afraid not. As David pointed out,
""

In unset_migratetype_isolate() we check that is_migrate_isolate_page(page) holds, otherwise we return.

We call __isolate_free_page() only for such pages.

__isolate_free_page() won't perform watermark checks on is_migrate_isolate().

Consequently, __isolate_free_page() should never fail when called from unset_migratetype_isolate()


""

In a nutshell, __isolate_free_page can not fail here. So it is harmless now and doesn't worth cc:stable.

Please see https://www.spinics.net/lists/linux-mm/msg269434.html for detail.

Many thanks.

> .
>