From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
Yasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
Vlastimil Babka <vbabka@suse.cz>,
Mel Gorman <mgorman@techsingularity.net>,
Xishi Qiu <qiuxishi@huawei.com>,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Sasha Levin <alexander.levin@verizon.com>
Subject: [PATCH 4.9 24/51] mm/memory_hotplug: set magic number to page->freelist instead of page->lru.next
Date: Thu, 19 Oct 2017 15:48:45 +0200 [thread overview]
Message-ID: <20171019134842.858821447@linuxfoundation.org> (raw)
In-Reply-To: <20171019134841.383925150@linuxfoundation.org>
4.9-stable review patch. If anyone has any objections, please let me know.
------------------
From: Yasuaki Ishimatsu <yasu.isimatu@gmail.com>
[ Upstream commit ddffe98d166f4a93d996d5aa628fd745311fc1e7 ]
To identify that pages of page table are allocated from bootmem
allocator, magic number sets to page->lru.next.
But page->lru list is initialized in reserve_bootmem_region(). So when
calling free_pagetable(), the function cannot find the magic number of
pages. And free_pagetable() frees the pages by free_reserved_page() not
put_page_bootmem().
But if the pages are allocated from bootmem allocator and used as page
table, the pages have private flag. So before freeing the pages, we
should clear the private flag by put_page_bootmem().
Before applying the commit 7bfec6f47bb0 ("mm, page_alloc: check multiple
page fields with a single branch"), we could find the following visible
issue:
BUG: Bad page state in process kworker/u1024:1
page:ffffea103cfd8040 count:0 mapcount:0 mappi
flags: 0x6fffff80000800(private)
page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
bad because of flags: 0x800(private)
<snip>
Call Trace:
[...] dump_stack+0x63/0x87
[...] bad_page+0x114/0x130
[...] free_pages_prepare+0x299/0x2d0
[...] free_hot_cold_page+0x31/0x150
[...] __free_pages+0x25/0x30
[...] free_pagetable+0x6f/0xb4
[...] remove_pagetable+0x379/0x7ff
[...] vmemmap_free+0x10/0x20
[...] sparse_remove_one_section+0x149/0x180
[...] __remove_pages+0x2e9/0x4f0
[...] arch_remove_memory+0x63/0xc0
[...] remove_memory+0x8c/0xc0
[...] acpi_memory_device_remove+0x79/0xa5
[...] acpi_bus_trim+0x5a/0x8d
[...] acpi_bus_trim+0x38/0x8d
[...] acpi_device_hotplug+0x1b7/0x418
[...] acpi_hotplug_work_fn+0x1e/0x29
[...] process_one_work+0x152/0x400
[...] worker_thread+0x125/0x4b0
[...] kthread+0xd8/0xf0
[...] ret_from_fork+0x22/0x40
And the issue still silently occurs.
Until freeing the pages of page table allocated from bootmem allocator,
the page->freelist is never used. So the patch sets magic number to
page->freelist instead of page->lru.next.
[isimatu.yasuaki@jp.fujitsu.com: fix merge issue]
Link: http://lkml.kernel.org/r/722b1cc4-93ac-dd8b-2be2-7a7e313b3b0b@gmail.com
Link: http://lkml.kernel.org/r/2c29bd9f-5b67-02d0-18a3-8828e78bbb6f@gmail.com
Signed-off-by: Yasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Mel Gorman <mgorman@techsingularity.net>
Cc: Xishi Qiu <qiuxishi@huawei.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/x86/mm/init_64.c | 2 +-
mm/memory_hotplug.c | 5 +++--
mm/sparse.c | 2 +-
3 files changed, 5 insertions(+), 4 deletions(-)
--- a/arch/x86/mm/init_64.c
+++ b/arch/x86/mm/init_64.c
@@ -689,7 +689,7 @@ static void __meminit free_pagetable(str
if (PageReserved(page)) {
__ClearPageReserved(page);
- magic = (unsigned long)page->lru.next;
+ magic = (unsigned long)page->freelist;
if (magic == SECTION_INFO || magic == MIX_SECTION_INFO) {
while (nr_pages--)
put_page_bootmem(page++);
--- a/mm/memory_hotplug.c
+++ b/mm/memory_hotplug.c
@@ -179,7 +179,7 @@ static void release_memory_resource(stru
void get_page_bootmem(unsigned long info, struct page *page,
unsigned long type)
{
- page->lru.next = (struct list_head *) type;
+ page->freelist = (void *)type;
SetPagePrivate(page);
set_page_private(page, info);
page_ref_inc(page);
@@ -189,11 +189,12 @@ void put_page_bootmem(struct page *page)
{
unsigned long type;
- type = (unsigned long) page->lru.next;
+ type = (unsigned long) page->freelist;
BUG_ON(type < MEMORY_HOTPLUG_MIN_BOOTMEM_TYPE ||
type > MEMORY_HOTPLUG_MAX_BOOTMEM_TYPE);
if (page_ref_dec_return(page) == 1) {
+ page->freelist = NULL;
ClearPagePrivate(page);
set_page_private(page, 0);
INIT_LIST_HEAD(&page->lru);
--- a/mm/sparse.c
+++ b/mm/sparse.c
@@ -662,7 +662,7 @@ static void free_map_bootmem(struct page
>> PAGE_SHIFT;
for (i = 0; i < nr_pages; i++, page++) {
- magic = (unsigned long) page->lru.next;
+ magic = (unsigned long) page->freelist;
BUG_ON(magic == NODE_INFO);
next prev parent reply other threads:[~2017-10-19 13:50 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-19 13:48 [PATCH 4.9 00/51] 4.9.58-stable review Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 01/51] MIPS: Fix minimum alignment requirement of IRQ stack Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 02/51] Revert "bsg-lib: dont free job in bsg_prepare_job" Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 03/51] xen-netback: Use GFP_ATOMIC to allocate hash Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 05/51] watchdog: kempld: fix gcc-4.3 build Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 06/51] irqchip/crossbar: Fix incorrect type of local variables Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 07/51] initramfs: finish fput() before accessing any binary from initramfs Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 08/51] mac80211_hwsim: check HWSIM_ATTR_RADIO_NAME length Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 09/51] ALSA: hda: Add Geminilake HDMI codec ID Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 10/51] qed: Dont use attention PTT for configuring BW Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 11/51] mac80211: fix power saving clients handling in iwlwifi Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 12/51] net/mlx4_en: fix overflow in mlx4_en_init_timestamp() Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 13/51] staging: vchiq_2835_arm: Make cache-line-size a required DT property Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 14/51] netfilter: nf_ct_expect: Change __nf_ct_expect_check() return value Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 15/51] iio: adc: xilinx: Fix error handling Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 16/51] f2fs: do SSR for data when there is enough free space Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 17/51] sched/fair: Update rq clock before changing a tasks CPU affinity Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 18/51] Btrfs: send, fix failure to rename top level inode due to name collision Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 19/51] f2fs: do not wait for writeback in write_begin Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 20/51] md/linear: shutup lockdep warnning Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 21/51] sparc64: Migrate hvcons irq to panicked cpu Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 22/51] net/mlx4_core: Fix VF overwrite of module param which disables DMFS on new probed PFs Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 23/51] crypto: xts - Add ECB dependency Greg Kroah-Hartman
2017-10-19 13:48 ` Greg Kroah-Hartman [this message]
2017-10-19 13:48 ` [PATCH 4.9 25/51] ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 26/51] slub: do not merge cache if slub_debug contains a never-merge flag Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 27/51] scsi: scsi_dh_emc: return success in clariion_std_inquiry() Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 28/51] ASoC: mediatek: add I2C dependency for CS42XX8 Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 30/51] net: mvpp2: release reference to txq_cpu[] entry after unmapping Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 31/51] qede: Prevent index problems in loopback test Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 32/51] qed: Reserve doorbell BAR space for present CPUs Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 33/51] qed: Read queue state before releasing buffer Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 34/51] i2c: at91: ensure state is restored after suspending Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 35/51] ceph: dont update_dentry_lease unless we actually got one Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 36/51] ceph: fix bogus endianness change in ceph_ioctl_set_layout Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 37/51] ceph: clean up unsafe d_parent accesses in build_dentry_path Greg Kroah-Hartman
2017-10-19 13:48 ` [PATCH 4.9 38/51] uapi: fix linux/rds.h userspace compilation errors Greg Kroah-Hartman
2017-10-19 13:49 ` [PATCH 4.9 39/51] uapi: fix linux/mroute6.h " Greg Kroah-Hartman
2017-10-19 13:49 ` [PATCH 4.9 40/51] IB/hfi1: Use static CTLE with Preset 6 for integrated HFIs Greg Kroah-Hartman
2017-10-19 13:49 ` [PATCH 4.9 41/51] IB/hfi1: Allocate context data on memory node Greg Kroah-Hartman
2017-10-19 13:49 ` [PATCH 4.9 42/51] target/iscsi: Fix unsolicited data seq_end_offset calculation Greg Kroah-Hartman
2017-10-19 13:49 ` [PATCH 4.9 43/51] hrtimer: Catch invalid clockids again Greg Kroah-Hartman
2017-10-19 13:49 ` [PATCH 4.9 44/51] nfsd/callback: Cleanup callback cred on shutdown Greg Kroah-Hartman
2017-10-19 13:49 ` [PATCH 4.9 45/51] powerpc/perf: Add restrictions to PMC5 in power9 DD1 Greg Kroah-Hartman
2017-10-19 13:49 ` [PATCH 4.9 46/51] drm/nouveau/gr/gf100-: fix ccache error logging Greg Kroah-Hartman
2017-10-19 13:49 ` [PATCH 4.9 47/51] regulator: core: Resolve supplies before disabling unused regulators Greg Kroah-Hartman
2017-10-19 13:49 ` [PATCH 4.9 48/51] btmrvl: avoid double-disable_irq() race Greg Kroah-Hartman
2017-10-19 13:49 ` [PATCH 4.9 49/51] EDAC, mce_amd: Print IPID and Syndrome on a separate line Greg Kroah-Hartman
2017-10-19 13:49 ` [PATCH 4.9 50/51] cpufreq: CPPC: add ACPI_PROCESSOR dependency Greg Kroah-Hartman
2017-10-19 13:49 ` [PATCH 4.9 51/51] usb: dwc3: gadget: Correct ISOC DATA PIDs for short packets Greg Kroah-Hartman
2017-10-19 22:18 ` [PATCH 4.9 00/51] 4.9.58-stable review Tom Gall
2017-10-20 6:28 ` Greg Kroah-Hartman
2017-10-20 13:12 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171019134842.858821447@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=akpm@linux-foundation.org \
--cc=alexander.levin@verizon.com \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=isimatu.yasuaki@jp.fujitsu.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mgorman@techsingularity.net \
--cc=mingo@redhat.com \
--cc=qiuxishi@huawei.com \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=vbabka@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).