From: Oscar Salvador <osalvador@techadventures.net>
To: Michal Hocko <mhocko@kernel.org>
Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com>,
linux-mm <linux-mm@kvack.org>,
linuxarm@huawei.com, Pavel Tatashin <pasha.tatashin@oracle.com>,
Andrew Morton <akpm@linux-foundation.org>
Subject: Re: [PATCH] mm/memory_hotplug: Fix leftover use of struct page during hotplug
Date: Wed, 23 May 2018 15:54:03 +0200 [thread overview]
Message-ID: <20180523135403.GA30762@techadventures.net> (raw)
In-Reply-To: <20180510120200.GC5325@dhcp22.suse.cz>
On Thu, May 10, 2018 at 02:02:00PM +0200, Michal Hocko wrote:
> On Fri 04-05-18 17:50:51, Jonathan Cameron wrote:
> [...]
> > Exact path to the problem is as follows:
> >
> > mm/memory_hotplug.c : add_memory_resource
> > The node is not online so we enter the
> > if (new_node) twice, on the second such block there is a call to
> > link_mem_sections which calls into
> > drivers/node.c: link_mem_sections which calls
> > drivers/node.c: register_mem_sect_under_node which calls
> > get_nid_for_pfn and keeps trying until the output of that matches
> > the expected node (passed all the way down from add_memory_resource)
>
> I am sorry but I am still confused. Why don't we create sysfs files from
> __add_pages
> __add_section
> hotplug_memory_register
> register_mem_sect_under_node
IIUC the problem is that at the point we are calling register_mem_sect_under_node(),
pages are not initialized yet.
While walking the pfns in register_mem_sect_under_node(),
we might check for the node-id of the pfn if check_nid is true.
if (check_nid) {
page_nid = get_nid_for_pfn(pfn);
if (page_nid < 0)
continue;
if (page_nid != nid)
continue;
}
I think the problem is in:
get_nid_for_pfn()->pfn_to_nid()->page_to_nid()
static inline int page_to_nid(const struct page *page)
{
struct page *p = (struct page *)page;
return (PF_POISONED_CHECK(p)->flags >> NODES_PGSHIFT) & NODES_MASK;
}
We access a field of the page, but these are not initialiazed, so it can
contain anything.
Because of that we can just get a wrong id, making the loop to not pass the
below check.
if (check_nid) {
page_nid = get_nid_for_pfn(pfn);
if (page_nid < 0)
continue;
if (page_nid != nid)
continue;
}
create_sys_fs ...
and we do not carry on creating the sysfs.
Oscar Salvador
next prev parent reply other threads:[~2018-05-23 13:54 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-04 8:53 Jonathan Cameron
2018-05-04 13:00 ` Pavel Tatashin
2018-05-04 16:08 ` Michal Hocko
2018-05-04 16:50 ` Jonathan Cameron
2018-05-10 12:02 ` Michal Hocko
2018-05-22 12:56 ` Michal Hocko
2018-05-23 13:54 ` Oscar Salvador [this message]
2018-05-23 14:16 ` Michal Hocko
2018-05-23 14:31 ` Oscar Salvador
2018-05-23 14:17 ` Michal Hocko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180523135403.GA30762@techadventures.net \
--to=osalvador@techadventures.net \
--cc=Jonathan.Cameron@huawei.com \
--cc=akpm@linux-foundation.org \
--cc=linux-mm@kvack.org \
--cc=linuxarm@huawei.com \
--cc=mhocko@kernel.org \
--cc=pasha.tatashin@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox