Re: [PATCH] mm/vmstat: fix overflow in mod_zone_page_state()

[Vlastimil Babka]

On 12/29/2015 01:07 PM, Heiko Carstens wrote:
> mod_zone_page_state() takes a "delta" integer argument. delta contains
> the number of pages that should be added or subtracted from a struct
> zone's vm_stat field.
>
> If a zone is larger than 8TB this will cause overflows. E.g. for a
> zone with a size slightly larger than 8TB the line
>
> 	mod_zone_page_state(zone, NR_ALLOC_BATCH, zone->managed_pages);
>
> in mm/page_alloc.c:free_area_init_core() will result in a negative
> result for the NR_ALLOC_BATCH entry within the zone's vm_stat, since
> 8TB contain 0x8xxxxxxx pages which will be sign extended to a negative
> value.
>
> Fix this by changing the delta argument to long type.
>
> This could fix an early boot problem seen on s390, where we have a 9TB
> system with only one node. ZONE_DMA contains 2GB and ZONE_NORMAL the
> rest. The system is trying to allocate a GFP_DMA page but ZONE_DMA is
> completely empty, so it tries to reclaim pages in an endless loop.
>
> This was seen on a heavily patched 3.10 kernel. One possible
> explaination seem to be the overflows caused by mod_zone_page_state().
> Unfortunately I did not have the chance to verify that this patch
> actually fixes the problem, since I don't have access to the system
> right now. However the overflow problem does exist anyway.
>
> Given the description that a system with slightly less than 8TB does
> work, this seems to be a candidate for the observed problem.
>
> Signed-off-by: Heiko Carstens <heiko.carstens@xxxxxxxxxx>

Acked-by: Vlastimil Babka <vbabka@xxxxxxx>

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/