From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Colin Ian King <colin.king@canonical.com>,
Andrew Morton <akpm@linux-foundation.org>,
Vladimir Davydov <vdavydov.dev@gmail.com>,
Michal Hocko <mhocko@suse.com>,
Mike Rapoport <rppt@linux.vnet.ibm.com>,
Mel Gorman <mgorman@techsingularity.net>,
Stephen Rothwell <sfr@canb.auug.org.au>,
Andrey Ryabinin <aryabinin@virtuozzo.com>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: [PATCH 4.9 047/102] mm/page_idle.c: fix oops because end_pfn is larger than max_pfn
Date: Mon, 8 Jul 2019 17:12:40 +0200 [thread overview]
Message-ID: <20190708150528.868725392@linuxfoundation.org> (raw)
In-Reply-To: <20190708150525.973820964@linuxfoundation.org>
From: Colin Ian King <colin.king@canonical.com>
commit 7298e3b0a149c91323b3205d325e942c3b3b9ef6 upstream.
Currently the calcuation of end_pfn can round up the pfn number to more
than the actual maximum number of pfns, causing an Oops. Fix this by
ensuring end_pfn is never more than max_pfn.
This can be easily triggered when on systems where the end_pfn gets
rounded up to more than max_pfn using the idle-page stress-ng stress test:
sudo stress-ng --idle-page 0
BUG: unable to handle kernel paging request at 00000000000020d8
#PF error: [normal kernel read fault]
PGD 0 P4D 0
Oops: 0000 [#1] SMP PTI
CPU: 1 PID: 11039 Comm: stress-ng-idle- Not tainted 5.0.0-5-generic #6-Ubuntu
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014
RIP: 0010:page_idle_get_page+0xc8/0x1a0
Code: 0f b1 0a 75 7d 48 8b 03 48 89 c2 48 c1 e8 33 83 e0 07 48 c1 ea 36 48 8d 0c 40 4c 8d 24 88 49 c1 e4 07 4c 03 24 d5 00 89 c3 be <49> 8b 44 24 58 48 8d b8 80 a1 02 00 e8 07 d5 77 00 48 8b 53 08 48
RSP: 0018:ffffafd7c672fde8 EFLAGS: 00010202
RAX: 0000000000000005 RBX: ffffe36341fff700 RCX: 000000000000000f
RDX: 0000000000000284 RSI: 0000000000000275 RDI: 0000000001fff700
RBP: ffffafd7c672fe00 R08: ffffa0bc34056410 R09: 0000000000000276
R10: ffffa0bc754e9b40 R11: ffffa0bc330f6400 R12: 0000000000002080
R13: ffffe36341fff700 R14: 0000000000080000 R15: ffffa0bc330f6400
FS: 00007f0ec1ea5740(0000) GS:ffffa0bc7db00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000000020d8 CR3: 0000000077d68000 CR4: 00000000000006e0
Call Trace:
page_idle_bitmap_write+0x8c/0x140
sysfs_kf_bin_write+0x5c/0x70
kernfs_fop_write+0x12e/0x1b0
__vfs_write+0x1b/0x40
vfs_write+0xab/0x1b0
ksys_write+0x55/0xc0
__x64_sys_write+0x1a/0x20
do_syscall_64+0x5a/0x110
entry_SYSCALL_64_after_hwframe+0x44/0xa9
Link: http://lkml.kernel.org/r/20190618124352.28307-1-colin.king@canonical.com
Fixes: 33c3fc71c8cf ("mm: introduce idle page tracking")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Acked-by: Vladimir Davydov <vdavydov.dev@gmail.com>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Mike Rapoport <rppt@linux.vnet.ibm.com>
Cc: Mel Gorman <mgorman@techsingularity.net>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
mm/page_idle.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/mm/page_idle.c
+++ b/mm/page_idle.c
@@ -131,7 +131,7 @@ static ssize_t page_idle_bitmap_read(str
end_pfn = pfn + count * BITS_PER_BYTE;
if (end_pfn > max_pfn)
- end_pfn = ALIGN(max_pfn, BITMAP_CHUNK_BITS);
+ end_pfn = max_pfn;
for (; pfn < end_pfn; pfn++) {
bit = pfn % BITMAP_CHUNK_BITS;
@@ -176,7 +176,7 @@ static ssize_t page_idle_bitmap_write(st
end_pfn = pfn + count * BITS_PER_BYTE;
if (end_pfn > max_pfn)
- end_pfn = ALIGN(max_pfn, BITMAP_CHUNK_BITS);
+ end_pfn = max_pfn;
for (; pfn < end_pfn; pfn++) {
bit = pfn % BITMAP_CHUNK_BITS;
next prev parent reply other threads:[~2019-07-08 15:45 UTC|newest]
Thread overview: 108+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-08 15:11 [PATCH 4.9 000/102] 4.9.185-stable review Greg Kroah-Hartman
2019-07-08 15:11 ` [PATCH 4.9 001/102] tracing: Silence GCC 9 array bounds warning Greg Kroah-Hartman
2019-07-08 15:11 ` [PATCH 4.9 002/102] gcc-9: silence address-of-packed-member warning Greg Kroah-Hartman
2019-07-08 15:11 ` [PATCH 4.9 003/102] scsi: ufs: Avoid runtime suspend possibly being blocked forever Greg Kroah-Hartman
2019-07-08 15:11 ` [PATCH 4.9 004/102] usb: chipidea: udc: workaround for endpoint conflict issue Greg Kroah-Hartman
2019-07-08 15:11 ` [PATCH 4.9 005/102] IB/hfi1: Silence txreq allocation warnings Greg Kroah-Hartman
2019-07-08 15:11 ` [PATCH 4.9 006/102] Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 007/102] apparmor: enforce nullbyte at end of tag string Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 008/102] ARC: fix build warnings with !CONFIG_KPROBES Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 009/102] parport: Fix mem leak in parport_register_dev_model Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 010/102] parisc: Fix compiler warnings in float emulation code Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 011/102] IB/rdmavt: Fix alloc_qpn() WARN_ON() Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 012/102] IB/hfi1: Insure freeze_work work_struct is canceled on shutdown Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 013/102] IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 014/102] MIPS: uprobes: remove set but not used variable epc Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 015/102] net: dsa: mv88e6xxx: avoid error message on remove from VLAN 0 Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 016/102] net: hns: Fix loopback test failed at copper ports Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 017/102] sparc: perf: fix updated event period in response to PERF_EVENT_IOC_PERIOD Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 018/102] net: ethernet: mediatek: Use hw_feature to judge if HWLRO is supported Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 019/102] net: ethernet: mediatek: Use NET_IP_ALIGN to judge if HW RX_2BYTE_OFFSET is enabled Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 020/102] drm/arm/hdlcd: Allow a bit of clock tolerance Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 021/102] scripts/checkstack.pl: Fix arm64 wrong or unknown architecture Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 022/102] scsi: ufs: Check that space was properly alloced in copy_query_response Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 023/102] s390/qeth: fix VLAN attribute in bridge_hostnotify udev event Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 024/102] hwmon: (pmbus/core) Treat parameters as paged if on multiple pages Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 025/102] nvme: Fix u32 overflow in the number of namespace list calculation Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 026/102] btrfs: start readahead also in seed devices Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 027/102] can: flexcan: fix timeout when set small bitrate Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 028/102] can: purge socket error queue on sock destruct Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 029/102] powerpc/bpf: use unsigned division instruction for 64-bit operations Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 030/102] ARM: imx: cpuidle-imx6sx: Restrict the SW2ISO increase to i.MX6SX Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 031/102] Bluetooth: Align minimum encryption key size for LE and BR/EDR connections Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 032/102] Bluetooth: Fix regression with minimum encryption key size alignment Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 033/102] cfg80211: fix memory leak of wiphy device name Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 034/102] mac80211: drop robust management frames from unknown TA Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 035/102] mac80211: Do not use stack memory with scatterlist for GMAC Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 036/102] IB/hfi1: Avoid hardlockup with flushlist_lock Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 037/102] perf ui helpline: Use strlcpy() as a shorter form of strncpy() + explicit set nul Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 038/102] perf help: Remove needless use of strncpy() Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 039/102] perf header: Fix unchecked usage " Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 040/102] 9p/rdma: do not disconnect on down_interruptible EAGAIN Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 041/102] 9p: acl: fix uninitialized iattr access Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 042/102] 9p/rdma: remove useless check in cm_event_handler Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 043/102] 9p: p9dirent_read: check network-provided name length Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 044/102] net/9p: include trans_common.h to fix missing prototype warning Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 045/102] fs/proc/array.c: allow reporting eip/esp for all coredumping threads Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 046/102] fs/binfmt_flat.c: make load_flat_shared_library() work Greg Kroah-Hartman
2019-07-08 15:12 ` Greg Kroah-Hartman [this message]
2019-07-08 15:12 ` [PATCH 4.9 048/102] scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck() Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 049/102] x86/speculation: Allow guests to use SSBD even if host does not Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 050/102] NFS/flexfiles: Use the correct TCP timeout for flexfiles I/O Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 051/102] cpu/speculation: Warn on unsupported mitigations= parameter Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 052/102] af_packet: Block execution of tasks waiting for transmit to complete in AF_PACKET Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 053/102] net: stmmac: fixed new system time seconds value calculation Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 054/102] sctp: change to hold sk after auth shkey is created successfully Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 055/102] tipc: change to use register_pernet_device Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 056/102] tipc: check msg->req data len in tipc_nl_compat_bearer_disable Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 057/102] tun: wake up waitqueues after IFF_UP is set Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 058/102] team: Always enable vlan tx offload Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 059/102] bonding: " Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 060/102] ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while loop Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 061/102] net: check before dereferencing netdev_ops during busy poll Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 062/102] bpf: udp: Avoid calling reuseports bpf_prog from udp_gro Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 063/102] bpf: udp: ipv6: Avoid running reuseports bpf_prog from __udp6_lib_err Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 064/102] tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 065/102] Bluetooth: Fix faulty expression for minimum encryption key size check Greg Kroah-Hartman
2019-07-08 15:12 ` [PATCH 4.9 066/102] ASoC : cs4265 : readable register too low Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 067/102] ASoC: soc-pcm: BE dai needs prepare when pause release after resume Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 068/102] spi: bitbang: Fix NULL pointer dereference in spi_unregister_master Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 069/102] drm/mediatek: fix unbind functions Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 070/102] ASoC: max98090: remove 24-bit format support if RJ is 0 Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 071/102] usb: gadget: fusb300_udc: Fix memory leak of fusb300->ep[i] Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 072/102] usb: gadget: udc: lpc32xx: allocate descriptor with GFP_ATOMIC Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 073/102] scsi: hpsa: correct ioaccel2 chaining Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 074/102] scripts/decode_stacktrace.sh: prefix addr2line with $CROSS_COMPILE Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 075/102] mm/mlock.c: change count_mm_mlocked_page_nr return type Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 076/102] MIPS: math-emu: do not use bools for arithmetic Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 077/102] MIPS: netlogic: xlr: Remove erroneous check in nlm_fmn_send() Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 078/102] mfd: omap-usb-tll: Fix register offsets Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 079/102] ARC: fix allnoconfig build warning Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 080/102] bug.h: work around GCC PR82365 in BUG() Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 081/102] ARC: handle gcc generated __builtin_trap for older compiler Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 082/102] clk: sunxi: fix uninitialized access Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 083/102] KVM: x86: degrade WARN to pr_warn_ratelimited Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 084/102] drm/i915/dmc: protect against reading random memory Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 085/102] MIPS: Workaround GCC __builtin_unreachable reordering bug Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 086/102] ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 087/102] crypto: user - prevent operating on larval algorithms Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 088/102] ALSA: seq: fix incorrect order of dest_client/dest_ports arguments Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 089/102] ALSA: firewire-lib/fireworks: fix miss detection of received MIDI messages Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 090/102] ALSA: line6: Fix write on zero-sized buffer Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 091/102] ALSA: usb-audio: fix sign unintended sign extension on left shifts Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 092/102] lib/mpi: Fix karactx leak in mpi_powm Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 093/102] drm/imx: notify drm core before sending event during crtc disable Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 094/102] drm/imx: only send event on crtc disable if kept disabled Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 095/102] btrfs: Ensure replaced device doesnt have pending chunk allocation Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 096/102] tty: rocket: fix incorrect forward declaration of rp_init() Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 097/102] arm64, vdso: Define vdso_{start,end} as array Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 098/102] KVM: LAPIC: Fix pending interrupt in IRR blocked by software disable LAPIC Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 099/102] IB/hfi1: Close PSM sdma_progress sleep window Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 100/102] MIPS: Add missing EHB in mtc0 -> mfc0 sequence Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 101/102] dmaengine: imx-sdma: remove BD_INTR for channel0 Greg Kroah-Hartman
2019-07-08 15:13 ` [PATCH 4.9 102/102] arm64: kaslr: keep modules inside module region when KASAN is enabled Greg Kroah-Hartman
2019-07-08 19:12 ` [PATCH 4.9 000/102] 4.9.185-stable review kernelci.org bot
2019-07-09 2:10 ` Naresh Kamboju
2019-07-09 2:27 ` shuah
2019-07-09 18:47 ` Guenter Roeck
2019-07-10 6:11 ` Jon Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190708150528.868725392@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=akpm@linux-foundation.org \
--cc=aryabinin@virtuozzo.com \
--cc=colin.king@canonical.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mgorman@techsingularity.net \
--cc=mhocko@suse.com \
--cc=rppt@linux.vnet.ibm.com \
--cc=sfr@canb.auug.org.au \
--cc=stable@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=vdavydov.dev@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).