[patch 01/10] mm: bootmem: fix checking the bitmap when finally freeing bootmem

linux-mm.kvack.org archive mirror
 help / color / mirror / Atom feed

From: Johannes Weiner <hannes@cmpxchg.org>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Gavin Shan <shangw@linux.vnet.ibm.com>,
	David Miller <davem@davemloft.net>,
	Yinghai Lu <yinghai@kernel.org>, Tejun Heo <tj@kernel.org>,
	linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: [patch 01/10] mm: bootmem: fix checking the bitmap when finally freeing bootmem
Date: Mon,  7 May 2012 13:37:43 +0200	[thread overview]
Message-ID: <1336390672-14421-2-git-send-email-hannes@cmpxchg.org> (raw)
In-Reply-To: <1336390672-14421-1-git-send-email-hannes@cmpxchg.org>

From: Gavin Shan <shangw@linux.vnet.ibm.com>

When bootmem releases an unaligned chunk of memory at the beginning of
a node to the page allocator, it iterates from that unaligned PFN but
checks an aligned word of the page bitmap.  The checked bits do not
correspond to the PFNs and, as a result, reserved pages can be freed.

Properly shift the bitmap word so that the lowest bit corresponds to
the starting PFN before entering the freeing loop.

This bug has been around since 41546c1 "bootmem: clean up
free_all_bootmem_core" (2.6.27) without known reports.

Signed-off-by: Gavin Shan <shangw@linux.vnet.ibm.com>
Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
---
 mm/bootmem.c |    1 +
 1 file changed, 1 insertion(+)

diff --git a/mm/bootmem.c b/mm/bootmem.c
index 0131170..67872fc 100644
--- a/mm/bootmem.c
+++ b/mm/bootmem.c
@@ -203,6 +203,7 @@ static unsigned long __init free_all_bootmem_core(bootmem_data_t *bdata)
 		} else {
 			unsigned long off = 0;
 
+			vec >>= start & (BITS_PER_LONG - 1);
 			while (vec && off < BITS_PER_LONG) {
 				if (vec & 1) {
 					page = pfn_to_page(start + off);
-- 
1.7.10

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>

next prev parent reply	other threads:[~2012-05-07 11:38 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-05-07 11:37 [patch 00/10] (no)bootmem bits for 3.5 Johannes Weiner
2012-05-07 11:37 ` Johannes Weiner [this message]
2012-05-07 18:07   ` [patch 01/10] mm: bootmem: fix checking the bitmap when finally freeing bootmem Tejun Heo
2012-05-07 11:37 ` [patch 02/10] mm: bootmem: remove redundant offset check " Johannes Weiner
2012-05-07 18:08   ` Tejun Heo
2012-05-07 11:37 ` [patch 03/10] mm: bootmem: rename alloc_bootmem_core to alloc_bootmem_bdata Johannes Weiner
2012-05-07 11:37 ` [patch 04/10] mm: bootmem: split out goal-to-node mapping from goal dropping Johannes Weiner
2012-05-07 11:37 ` [patch 05/10] mm: bootmem: allocate in order node+goal, goal, node, anywhere Johannes Weiner
2012-05-07 11:37 ` [patch 06/10] mm: bootmem: unify allocation policy of (non-)panicking node allocations Johannes Weiner
2012-05-07 11:37 ` [patch 07/10] mm: nobootmem: panic on node-specific allocation failure Johannes Weiner
2012-05-07 19:17   ` Yinghai Lu
2012-05-07 11:37 ` [patch 08/10] mm: nobootmem: unify allocation policy of (non-)panicking node allocations Johannes Weiner
2012-05-07 19:23   ` Yinghai Lu
2012-05-07 11:37 ` [patch 09/10] mm: bootmem: pass pgdat instead of pgdat->bdata down the stack Johannes Weiner
2012-05-07 11:37 ` [patch 10/10] mm: remove sparsemem allocation details from the bootmem allocator Johannes Weiner
2012-05-07 18:19   ` Tejun Heo
2012-05-07 18:21     ` David Miller
2012-05-10 21:44   ` Andrew Morton
2012-05-15 11:47     ` Johannes Weiner
2012-05-07 20:41 ` [patch 00/10] (no)bootmem bits for 3.5 Sam Ravnborg
2012-05-07 22:01   ` Johannes Weiner
2012-05-08 17:57     ` Sam Ravnborg
2012-05-09 17:35       ` Tejun Heo
2012-05-09 17:54         ` Christoph Lameter
2012-05-09 18:08           ` Tejun Heo

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1336390672-14421-2-git-send-email-hannes@cmpxchg.org \
    --to=hannes@cmpxchg.org \
    --cc=akpm@linux-foundation.org \
    --cc=davem@davemloft.net \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=shangw@linux.vnet.ibm.com \
    --cc=tj@kernel.org \
    --cc=yinghai@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox