From: Ritesh Harjani (IBM) <ritesh.list@gmail.com>
To: Muchun Song <songmuchun@bytedance.com>,
Oscar Salvador <osalvador@suse.de>,
David Hildenbrand <david@kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Madhavan Srinivasan <maddy@linux.ibm.com>,
Michael Ellerman <mpe@ellerman.id.au>
Cc: Muchun Song <muchun.song@linux.dev>,
Mike Rapoport <rppt@kernel.org>, Lorenzo Stoakes <ljs@kernel.org>,
"Liam R. Howlett" <liam@infradead.org>,
Vlastimil Babka <vbabka@kernel.org>,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
Nicholas Piggin <npiggin@gmail.com>,
"Christophe Leroy (CS GROUP)" <chleroy@kernel.org>,
"Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>,
linuxppc-dev@lists.ozlabs.org,
Mike Kravetz <mike.kravetz@oracle.com>,
Muchun Song <songmuchun@bytedance.com>
Subject: Re: [PATCH v3 03/19] powerpc/mm: Fix wrong addr_pfn tracking in compound vmemmap population
Date: Wed, 03 Jun 2026 20:06:35 +0530
Message-ID: <a4tbwv0s.ritesh.list@gmail.com>
In-Reply-To: <20260602101039.1867613-4-songmuchun@bytedance.com>
Muchun Song <songmuchun@bytedance.com> writes:
> vmemmap_populate_compound_pages() uses addr_pfn to determine the PFN
> offset within a compound page and to decide whether the current
> vmemmap slot should be populated as a head page mapping or should reuse
> a tail page mapping.
>
> However, addr_pfn is advanced manually in parallel with addr. The loop
> itself progresses in vmemmap address space, so each PAGE_SIZE step in
> addr covers PAGE_SIZE / sizeof(struct page) struct page slots. Since
> addr_pfn is compared against nr_pages in data-PFN units, it should
> advance by the same number of PFNs. The existing manual increments do
> not match that and therefore do not reliably track the PFN
> corresponding to the current addr.
>
> As a result, pfn_offset can be computed from the wrong PFN and the code
> can make the head/tail decision for the wrong compound-page position.
>
> Fix this by deriving addr_pfn directly from the current vmemmap address
> instead of carrying it as loop state.
>
> Fixes: f2b79c0d7968 ("powerpc/book3s64/radix: add support for vmemmap optimization for radix")
> Signed-off-by: Muchun Song <songmuchun@bytedance.com>
> Acked-by: Oscar Salvador <osalvador@suse.de>

Thanks for fixing it. I guess this was not caught because section size
on powerpc is 16MB and with 64K pagesize we have 256 pfns to map. The
vmemmap size required for this is 256*sizeof(struct page) = 16KB which
is < 64K (pagesize). So basically we never loop in
vmemmap_populate_compound_page(), because
next = addr+PAGE_SIZE will be > end after the 1st iteration itself.

But I agree this is a bug which needs fixing and it can be easily caught
with 4K pagesize, where we have 4096 pfns to map within a 16MB section.

The change looks good to me. Can we please add stable tag too?

Cc: stable@kernel.org

Also, feel free to add:
Reviewed-by: Ritesh Harjani (IBM) <ritesh.list@gmail.com>
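
The arithmetic in the reply above, as an added example (not code from the patch or from the kernel): a user-space model of the PAGE_SIZE-stepped walk over one section's vmemmap, counting iterations and the steps at which a hand-carried PFN disagrees with the PFN derived from the current offset. The names, the offset-0 model and the `manual_step` increment are assumptions; the page does not show the original increments.

```c
#include <stdio.h>

/* Values taken from the reply: 16MB sections, and
 * 256 * sizeof(struct page) = 16KB, i.e. 64 bytes per struct page. */
#define SECTION_SIZE     (16UL << 20)
#define STRUCT_PAGE_SIZE 64UL

struct walk_result {
	unsigned long iterations;  /* PAGE_SIZE steps through the vmemmap range */
	unsigned long mismatches;  /* steps where carried PFN != derived PFN */
};

/* Simplified model (assumption): vmemmap offset 0 describes PFN 0. */
static unsigned long vmemmap_off_to_pfn(unsigned long off)
{
	return off / STRUCT_PAGE_SIZE;
}

/* manual_step is a hypothetical per-iteration increment for the carried PFN. */
struct walk_result walk_section(unsigned long page_size, unsigned long manual_step)
{
	unsigned long nr_pfns = SECTION_SIZE / page_size;
	unsigned long end = nr_pfns * STRUCT_PAGE_SIZE;
	unsigned long carried_pfn = 0;
	struct walk_result r = { 0, 0 };

	for (unsigned long off = 0; off < end; off += page_size) {
		if (carried_pfn != vmemmap_off_to_pfn(off))
			r.mismatches++;
		r.iterations++;
		carried_pfn += manual_step;
	}
	return r;
}

int main(void)
{
	unsigned long sizes[] = { 64UL << 10, 4UL << 10 };

	for (int i = 0; i < 2; i++) {
		struct walk_result r = walk_section(sizes[i], 1);
		printf("PAGE_SIZE=%luK iterations=%lu mismatches=%lu\n",
		       sizes[i] >> 10, r.iterations, r.mismatches);
	}
	return 0;
}
```

With 64K pages the walk ends after one step, so no increment can go stale; with 4K pages it takes 64 steps and only an increment of PAGE_SIZE / sizeof(struct page) = 64 PFNs per step stays in sync.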