From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Colin Ian King <colin.king@canonical.com>,
Andrew Morton <akpm@linux-foundation.org>,
Vladimir Davydov <vdavydov.dev@gmail.com>,
Michal Hocko <mhocko@suse.com>,
Mike Rapoport <rppt@linux.vnet.ibm.com>,
Mel Gorman <mgorman@techsingularity.net>,
Stephen Rothwell <sfr@canb.auug.org.au>,
Andrey Ryabinin <aryabinin@virtuozzo.com>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: [PATCH 4.9 047/102] mm/page_idle.c: fix oops because end_pfn is larger than max_pfn
Date: Mon, 8 Jul 2019 17:12:40 +0200 [thread overview]
Message-ID: <20190708150528.868725392@linuxfoundation.org> (raw)
In-Reply-To: <20190708150525.973820964@linuxfoundation.org>
From: Colin Ian King <colin.king@canonical.com>
commit 7298e3b0a149c91323b3205d325e942c3b3b9ef6 upstream.
Currently the calcuation of end_pfn can round up the pfn number to more
than the actual maximum number of pfns, causing an Oops. Fix this by
ensuring end_pfn is never more than max_pfn.
This can be easily triggered when on systems where the end_pfn gets
rounded up to more than max_pfn using the idle-page stress-ng stress test:
sudo stress-ng --idle-page 0
BUG: unable to handle kernel paging request at 00000000000020d8
#PF error: [normal kernel read fault]
PGD 0 P4D 0
Oops: 0000 [#1] SMP PTI
CPU: 1 PID: 11039 Comm: stress-ng-idle- Not tainted 5.0.0-5-generic #6-Ubuntu
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014
RIP: 0010:page_idle_get_page+0xc8/0x1a0
Code: 0f b1 0a 75 7d 48 8b 03 48 89 c2 48 c1 e8 33 83 e0 07 48 c1 ea 36 48 8d 0c 40 4c 8d 24 88 49 c1 e4 07 4c 03 24 d5 00 89 c3 be <49> 8b 44 24 58 48 8d b8 80 a1 02 00 e8 07 d5 77 00 48 8b 53 08 48
RSP: 0018:ffffafd7c672fde8 EFLAGS: 00010202
RAX: 0000000000000005 RBX: ffffe36341fff700 RCX: 000000000000000f
RDX: 0000000000000284 RSI: 0000000000000275 RDI: 0000000001fff700
RBP: ffffafd7c672fe00 R08: ffffa0bc34056410 R09: 0000000000000276
R10: ffffa0bc754e9b40 R11: ffffa0bc330f6400 R12: 0000000000002080
R13: ffffe36341fff700 R14: 0000000000080000 R15: ffffa0bc330f6400
FS: 00007f0ec1ea5740(0000) GS:ffffa0bc7db00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000000020d8 CR3: 0000000077d68000 CR4: 00000000000006e0
Call Trace:
page_idle_bitmap_write+0x8c/0x140
sysfs_kf_bin_write+0x5c/0x70
kernfs_fop_write+0x12e/0x1b0
__vfs_write+0x1b/0x40
vfs_write+0xab/0x1b0
ksys_write+0x55/0xc0
__x64_sys_write+0x1a/0x20
do_syscall_64+0x5a/0x110
entry_SYSCALL_64_after_hwframe+0x44/0xa9
Link: http://lkml.kernel.org/r/20190618124352.28307-1-colin.king@canonical.com
Fixes: 33c3fc71c8cf ("mm: introduce idle page tracking")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Acked-by: Vladimir Davydov <vdavydov.dev@gmail.com>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Mike Rapoport <rppt@linux.vnet.ibm.com>
Cc: Mel Gorman <mgorman@techsingularity.net>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
mm/page_idle.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/mm/page_idle.c
+++ b/mm/page_idle.c
@@ -131,7 +131,7 @@ static ssize_t page_idle_bitmap_read(str
end_pfn = pfn + count * BITS_PER_BYTE;
if (end_pfn > max_pfn)
- end_pfn = ALIGN(max_pfn, BITMAP_CHUNK_BITS);
+ end_pfn = max_pfn;
for (; pfn < end_pfn; pfn++) {
bit = pfn % BITMAP_CHUNK_BITS;
@@ -176,7 +176,7 @@ static ssize_t page_idle_bitmap_write(st
end_pfn = pfn + count * BITS_PER_BYTE;
if (end_pfn > max_pfn)
- end_pfn = ALIGN(max_pfn, BITMAP_CHUNK_BITS);
+ end_pfn = max_pfn;
for (; pfn < end_pfn; pfn++) {
bit = pfn % BITMAP_CHUNK_BITS;
next prev parent reply other threads:[~2019-07-08 15:45 UTC|newest]
Thread overview: 109+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-08 15:11 [PATCH 4.9 000/102] 4.9.185-stable review Greg Kroah-Hartman
2019-07-08 15:11 ` [PATCH 4.9 001/102] tracing: Silence GCC 9 array bounds warning Greg Kroah-Hartman
2019-07-08 15:11 ` [PATCH 4.9 002/102] gcc-9: silence address-of-packed-member warning Greg Kroah-Hartman
2019-07-08 15:11 ` [PATCH 4.9 003/102] scsi: ufs: Avoid runtime suspend possibly being blocked forever Greg Kroah-Hartman
2019-07-08 15:11 ` [PATCH 4.9 004/102] usb: chipidea: udc: workaround for endpoint conflict issue Greg Kroah-Hartman
2019-07-08 15:11 ` [PATCH 4.9 005/102] IB/hfi1: Silence txreq allocation warnings Greg Kroah-Hartman
2019-07-08 15:11 ` [PATCH 4.9 006/102] Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 007/102] apparmor: enforce nullbyte at end of tag string Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 008/102] ARC: fix build warnings with !CONFIG_KPROBES Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 009/102] parport: Fix mem leak in parport_register_dev_model Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 010/102] parisc: Fix compiler warnings in float emulation code Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 011/102] IB/rdmavt: Fix alloc_qpn() WARN_ON() Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 012/102] IB/hfi1: Insure freeze_work work_struct is canceled on shutdown Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 013/102] IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 014/102] MIPS: uprobes: remove set but not used variable epc Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 015/102] net: dsa: mv88e6xxx: avoid error message on remove from VLAN 0 Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 016/102] net: hns: Fix loopback test failed at copper ports Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 017/102] sparc: perf: fix updated event period in response to PERF_EVENT_IOC_PERIOD Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 018/102] net: ethernet: mediatek: Use hw_feature to judge if HWLRO is supported Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 019/102] net: ethernet: mediatek: Use NET_IP_ALIGN to judge if HW RX_2BYTE_OFFSET is enabled Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 020/102] drm/arm/hdlcd: Allow a bit of clock tolerance Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 021/102] scripts/checkstack.pl: Fix arm64 wrong or unknown architecture Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 022/102] scsi: ufs: Check that space was properly alloced in copy_query_response Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 023/102] s390/qeth: fix VLAN attribute in bridge_hostnotify udev event Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 024/102] hwmon: (pmbus/core) Treat parameters as paged if on multiple pages Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 025/102] nvme: Fix u32 overflow in the number of namespace list calculation Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 026/102] btrfs: start readahead also in seed devices Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 027/102] can: flexcan: fix timeout when set small bitrate Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 028/102] can: purge socket error queue on sock destruct Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 029/102] powerpc/bpf: use unsigned division instruction for 64-bit operations Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 030/102] ARM: imx: cpuidle-imx6sx: Restrict the SW2ISO increase to i.MX6SX Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 031/102] Bluetooth: Align minimum encryption key size for LE and BR/EDR connections Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 032/102] Bluetooth: Fix regression with minimum encryption key size alignment Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 033/102] cfg80211: fix memory leak of wiphy device name Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 034/102] mac80211: drop robust management frames from unknown TA Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 035/102] mac80211: Do not use stack memory with scatterlist for GMAC Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 036/102] IB/hfi1: Avoid hardlockup with flushlist_lock Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 037/102] perf ui helpline: Use strlcpy() as a shorter form of strncpy() + explicit set nul Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 038/102] perf help: Remove needless use of strncpy() Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 039/102] perf header: Fix unchecked usage " Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 040/102] 9p/rdma: do not disconnect on down_interruptible EAGAIN Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 041/102] 9p: acl: fix uninitialized iattr access Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 042/102] 9p/rdma: remove useless check in cm_event_handler Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 043/102] 9p: p9dirent_read: check network-provided name length Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 044/102] net/9p: include trans_common.h to fix missing prototype warning Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 045/102] fs/proc/array.c: allow reporting eip/esp for all coredumping threads Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 046/102] fs/binfmt_flat.c: make load_flat_shared_library() work Greg Kroah-Hartman
2019-07-08 15:12 ` Greg Kroah-Hartman [this message]
2019-07-08 15:12 ` [PATCH 4.9 048/102] scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck() Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 049/102] x86/speculation: Allow guests to use SSBD even if host does not Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 050/102] NFS/flexfiles: Use the correct TCP timeout for flexfiles I/O Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 051/102] cpu/speculation: Warn on unsupported mitigations= parameter Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 052/102] af_packet: Block execution of tasks waiting for transmit to complete in AF_PACKET Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 053/102] net: stmmac: fixed new system time seconds value calculation Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 054/102] sctp: change to hold sk after auth shkey is created successfully Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 055/102] tipc: change to use register_pernet_device Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 056/102] tipc: check msg->req data len in tipc_nl_compat_bearer_disable Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 057/102] tun: wake up waitqueues after IFF_UP is set Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 058/102] team: Always enable vlan tx offload Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 059/102] bonding: " Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 060/102] ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while loop Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 061/102] net: check before dereferencing netdev_ops during busy poll Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 062/102] bpf: udp: Avoid calling reuseports bpf_prog from udp_gro Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 063/102] bpf: udp: ipv6: Avoid running reuseports bpf_prog from __udp6_lib_err Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 064/102] tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 065/102] Bluetooth: Fix faulty expression for minimum encryption key size check Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 066/102] ASoC : cs4265 : readable register too low Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 067/102] ASoC: soc-pcm: BE dai needs prepare when pause release after resume Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 068/102] spi: bitbang: Fix NULL pointer dereference in spi_unregister_master Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 069/102] drm/mediatek: fix unbind functions Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 070/102] ASoC: max98090: remove 24-bit format support if RJ is 0 Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 071/102] usb: gadget: fusb300_udc: Fix memory leak of fusb300->ep[i] Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 072/102] usb: gadget: udc: lpc32xx: allocate descriptor with GFP_ATOMIC Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 073/102] scsi: hpsa: correct ioaccel2 chaining Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 074/102] scripts/decode_stacktrace.sh: prefix addr2line with $CROSS_COMPILE Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 075/102] mm/mlock.c: change count_mm_mlocked_page_nr return type Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 076/102] MIPS: math-emu: do not use bools for arithmetic Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 077/102] MIPS: netlogic: xlr: Remove erroneous check in nlm_fmn_send() Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 078/102] mfd: omap-usb-tll: Fix register offsets Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 079/102] ARC: fix allnoconfig build warning Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 080/102] bug.h: work around GCC PR82365 in BUG() Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 081/102] ARC: handle gcc generated __builtin_trap for older compiler Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 082/102] clk: sunxi: fix uninitialized access Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 083/102] KVM: x86: degrade WARN to pr_warn_ratelimited Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 084/102] drm/i915/dmc: protect against reading random memory Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 085/102] MIPS: Workaround GCC __builtin_unreachable reordering bug Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 086/102] ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 087/102] crypto: user - prevent operating on larval algorithms Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 088/102] ALSA: seq: fix incorrect order of dest_client/dest_ports arguments Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 089/102] ALSA: firewire-lib/fireworks: fix miss detection of received MIDI messages Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 090/102] ALSA: line6: Fix write on zero-sized buffer Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 091/102] ALSA: usb-audio: fix sign unintended sign extension on left shifts Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 092/102] lib/mpi: Fix karactx leak in mpi_powm Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 093/102] drm/imx: notify drm core before sending event during crtc disable Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 094/102] drm/imx: only send event on crtc disable if kept disabled Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 095/102] btrfs: Ensure replaced device doesnt have pending chunk allocation Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 096/102] tty: rocket: fix incorrect forward declaration of rp_init() Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 097/102] arm64, vdso: Define vdso_{start,end} as array Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 098/102] KVM: LAPIC: Fix pending interrupt in IRR blocked by software disable LAPIC Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 099/102] IB/hfi1: Close PSM sdma_progress sleep window Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 100/102] MIPS: Add missing EHB in mtc0 -> mfc0 sequence Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 101/102] dmaengine: imx-sdma: remove BD_INTR for channel0 Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 102/102] arm64: kaslr: keep modules inside module region when KASAN is enabled Greg Kroah-Hartman
2019-07-08 19:12 ` [PATCH 4.9 000/102] 4.9.185-stable review kernelci.org bot
2019-07-09 2:10 ` Naresh Kamboju
2019-07-09 2:27 ` shuah
2019-07-09 18:47 ` Guenter Roeck
2019-07-10 6:11 ` Jon Hunter
2019-07-10 6:11 ` Jon Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190708150528.868725392@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=akpm@linux-foundation.org \
--cc=aryabinin@virtuozzo.com \
--cc=colin.king@canonical.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mgorman@techsingularity.net \
--cc=mhocko@suse.com \
--cc=rppt@linux.vnet.ibm.com \
--cc=sfr@canb.auug.org.au \
--cc=stable@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=vdavydov.dev@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.