Skip to content

Commit 152d7bd

Browse files
djbwdjbw
committed
dax: fix __dax_pmd_fault crash
Since 4.3 introduced devm_memremap_pages() the pfns handled by DAX may optionally have a struct page backing. When a mapped pfn reaches vmf_insert_pfn_pmd() it fails with a crash signature like the following: kernel BUG at mm/huge_memory.c:905! [..] Call Trace: [<ffffffff812a73ba>] __dax_pmd_fault+0x2ea/0x5b0 [<ffffffffa01a4182>] xfs_filemap_pmd_fault+0x92/0x150 [xfs] [<ffffffff811fbe02>] handle_mm_fault+0x312/0x1b50 Fix this by falling back to 4K mappings in the pfn_valid() case. Longer term, vmf_insert_pfn_pmd() needs to grow support for architectures that can provide a 'pmd_special' capability. Cc: <stable@vger.kernel.org> Cc: Andrew Morton <akpm@linux-foundation.org> Reported-by: Ross Zwisler <ross.zwisler@linux.intel.com> Signed-off-by: Dan Williams <dan.j.williams@intel.com>
1 parent 8de5dff commit 152d7bd

File tree

1 file changed

+7
-0
lines changed

1 file changed

+7
-0
lines changed

fs/dax.c

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -627,6 +627,13 @@ int __dax_pmd_fault(struct vm_area_struct *vma, unsigned long address,
627627
if ((length < PMD_SIZE) || (pfn & PG_PMD_COLOUR))
628628
goto fallback;
629629

630+
/*
631+
* TODO: teach vmf_insert_pfn_pmd() to support
632+
* 'pte_special' for pmds
633+
*/
634+
if (pfn_valid(pfn))
635+
goto fallback;
636+
630637
if (buffer_unwritten(&bh) || buffer_new(&bh)) {
631638
int i;
632639
for (i = 0; i < PTRS_PER_PMD; i++)

0 commit comments

Comments
 (0)