On Thu, Jan 05, 2023 at 01:21:43PM -0700, Keith Busch wrote:
> On Thu, Jan 05, 2023 at 04:06:11PM -0400, Jason Gunthorpe wrote:
> > On Thu, Jan 05, 2023 at 01:23:39PM +0200, Yishai Hadas wrote:
> > > When sg_alloc_append_table_from_pages() calls to pages_are_mergeable()
> > > in its 'sgt_append->prv' flow to check whether it can merge contiguous
> > > pages into the last SG, it passes the page arguments in the wrong order.
> > >
> > > The first parameter should be the next candidate page to be merged to
> > > the last page and not the opposite.
> > >
> > > The current code leads to a corrupted SG which resulted in OOPs and
> > > unexpected errors when non-contiguous pages are merged wrongly.
> > >
> > > Fix to pass the page parameters in the right order.
> > >
> > > Fixes: 1567b49d1a40 ("lib/scatterlist: add check when merging zone device pages")
> > > Signed-off-by: Yishai Hadas <yishaih@xxxxxxxxxx>
> > > ---
> > > lib/scatterlist.c | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > rdma is pretty much the only user of this API and this bug is causing
> > bad data corruption, so I'm going to take it to the rdma tree and send
> > it tomorrow.
> >
> > Which raises the question why the original patch was done at all,
> > nothing ever inputs pgmap pages into this function?
>
> This just takes any arbitrary user addresses, right? The user could
> provide addresses from mmap'ing pci resource files that resolve to pgmap
> pages.
No, it passes FOLL_LONGTERM and pin_user_pages will not return any pgmaps
in that case.
Jason
