> -----Original Message-----
> From: owner-linux-mm@xxxxxxxxx [mailto:owner-linux-mm@xxxxxxxxx] On
> Behalf Of Dexuan Cui
> Sent: Tuesday, October 28, 2014 16:51 PM
> To: dave.hansen@xxxxxxxxx; Rik van Riel; H. Peter Anvin
> Cc: linux-kernel@xxxxxxxxxxxxxxx; linux-mm@xxxxxxxxx
> Subject: RE: Does slow_virt_to_phys() work with vmalloc() in the case of
> 32bit-PAE and 2MB page?
>
> > -----Original Message-----
> > From: owner-linux-mm@xxxxxxxxx [mailto:owner-linux-mm@xxxxxxxxx] On
> > Behalf Of Dexuan Cui
> > Sent: Tuesday, October 28, 2014 15:08 PM
> > To: Dave Hansen; Rik van Riel; H. Peter Anvin
> > Cc: linux-kernel@xxxxxxxxxxxxxxx; linux-mm@xxxxxxxxx
> > Subject: Does slow_virt_to_phys() work with vmalloc() in the case of
> > 32bit-PAE and 2MB page?
> >
> > Hi all,
> > I suspect slow_virt_to_phys() may not work with vmalloc() in
> > the 32-bit PAE case (when the pa > 4GB), probably due to 2MB page(?)
> >
> > Is there any known issue with slow_virt_to_phys() + vmalloc() +
> > 32-bit PAE + 2MB page?
> >
> > From what I read the code of slow_virt_to_phys(), the variable 'psize' is
> > assigned with a value but not used at all -- is this a bug?
> After reading through the code, I think there is no issue here, though the
> assignment of 'psize' should be unnecessary, I think.

Hi all,
Finally it turns out there is a left-shift-overflow bug for 32-PAE here!
pte_pfn() returns a PFN of long (32bits in 32-PAE), then "long << PAGE_SHIFT"
will overflow for PFNs above 4GB.

I'm going to post the below fix in another mail:
@@ -409,7 +409,7 @@ phys_addr_t slow_virt_to_phys(void *__virt_addr) psize = page_level_size(level); pmask = page_level_mask(level); offset = virt_addr & ~pmask; - phys_addr = pte_pfn(*pte) << PAGE_SHIFT; + phys_addr = (phys_addr_t)pte_pfn(*pte) << PAGE_SHIFT; return (phys_addr | offset); } Thanks, -- Dexuan
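
Review bot: The context line `psize = page_level_size(level);` still assigns a value that nothing in the visible lines reads, as the thread itself noted, so this patch or a follow-up could drop the assignment together with the variable. On the changed line the cast is applied to pte_pfn(*pte) before the shift, which is what moves the shift to phys_addr_t width; a short comment there saying the PFN is only 32 bits wide on 32-bit PAE would keep a later cleanup from removing the cast as redundant.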
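
The truncation described in the mail can be reproduced in user space. The following is an added example, not code from the original mail or from the kernel: `uint32_t` stands in for the 32-bit `unsigned long` that holds a PFN on 32-bit PAE, `uint64_t` stands in for `phys_addr_t`, and all function names and sample addresses are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12

typedef uint32_t ulong32_t;  /* assumption: models unsigned long on 32-bit PAE */
typedef uint64_t phys64_t;   /* assumption: models phys_addr_t with PAE enabled */

/* Shape of the computation before the fix: the shift is evaluated in
 * 32 bits and only the already-truncated result is widened. */
static phys64_t virt_to_phys_before(ulong32_t virt_addr, ulong32_t pfn,
                                    ulong32_t psize)
{
    ulong32_t pmask = ~(psize - 1);
    ulong32_t offset = virt_addr & ~pmask;
    phys64_t phys_addr = pfn << PAGE_SHIFT;   /* high bits lost here */
    return phys_addr | offset;
}

/* Shape of the computation after the fix: widen first, then shift. */
static phys64_t virt_to_phys_after(ulong32_t virt_addr, ulong32_t pfn,
                                   ulong32_t psize)
{
    ulong32_t pmask = ~(psize - 1);
    ulong32_t offset = virt_addr & ~pmask;
    phys64_t phys_addr = (phys64_t)pfn << PAGE_SHIFT;
    return phys_addr | offset;
}

/* True when a 32-bit shift by PAGE_SHIFT would drop set bits,
 * i.e. the page frame lies at or above 4GB. */
static int pfn_needs_wide_shift(ulong32_t pfn)
{
    return (pfn >> (32 - PAGE_SHIFT)) != 0;
}

int main(void)
{
    /* Constructed samples: {virtual address, PFN, page size}. */
    ulong32_t s[3][3] = {
        { 0xf8000abcu, 0x000fffffu, 0x1000u   },  /* 4K page below 4GB */
        { 0xf8000abcu, 0x00123456u, 0x1000u   },  /* 4K page above 4GB */
        { 0xf8123456u, 0x00140200u, 0x200000u },  /* 2MB page above 4GB */
    };
    for (int i = 0; i < 3; i++)
        printf("pfn=0x%x wide=%d before=0x%llx after=0x%llx\n",
               (unsigned)s[i][1], pfn_needs_wide_shift(s[i][1]),
               (unsigned long long)virt_to_phys_before(s[i][0], s[i][1], s[i][2]),
               (unsigned long long)virt_to_phys_after(s[i][0], s[i][1], s[i][2]));
    return 0;
}
```

For frames below 4GB the two versions agree, which is why the defect only shows up on machines with memory above that boundary.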