From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 43D97C6FA86 for ; Fri, 9 Sep 2022 09:25:37 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E288E8D0009; Fri, 9 Sep 2022 05:25:31 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id A8A6094000C; Fri, 9 Sep 2022 05:25:31 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 842658D0008; Fri, 9 Sep 2022 05:25:31 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id 581398D0002 for ; Fri, 9 Sep 2022 05:25:31 -0400 (EDT) Received: from smtpin12.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id 310E814095D for ; Fri, 9 Sep 2022 09:25:31 +0000 (UTC) X-FDA: 79892014062.12.58E0583 Received: from szxga02-in.huawei.com (szxga02-in.huawei.com [45.249.212.188]) by imf24.hostedemail.com (Postfix) with ESMTP id A46DE1800A7 for ; Fri, 9 Sep 2022 09:25:30 +0000 (UTC) Received: from canpemm500002.china.huawei.com (unknown [172.30.72.55]) by szxga02-in.huawei.com (SkyGuard) with ESMTP id 4MP9TN6FrnzZcnt; Fri, 9 Sep 2022 17:20:56 +0800 (CST) Received: from huawei.com (10.175.124.27) by canpemm500002.china.huawei.com (7.192.104.244) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Fri, 9 Sep 2022 17:25:27 +0800 From: Miaohe Lin To: CC: , , , , Subject: [PATCH 06/16] mm/page_alloc: fix freeing static percpu memory Date: Fri, 9 Sep 2022 17:24:41 +0800 Message-ID: <20220909092451.24883-7-linmiaohe@huawei.com> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20220909092451.24883-1-linmiaohe@huawei.com> References: <20220909092451.24883-1-linmiaohe@huawei.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Originating-IP: [10.175.124.27] X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To canpemm500002.china.huawei.com (7.192.104.244) X-CFilter-Loop: Reflected ARC-Authentication-Results: i=1; imf24.hostedemail.com; dkim=none; spf=pass (imf24.hostedemail.com: domain of linmiaohe@huawei.com designates 45.249.212.188 as permitted sender) smtp.mailfrom=linmiaohe@huawei.com; dmarc=pass (policy=quarantine) header.from=huawei.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1662715530; a=rsa-sha256; cv=none; b=WCFcFUJcWW5/zMB+X9etjfDnY2R2z0G/UiRIvO5i+saNCxpMrcrDrC5v3yJ4z6IiKdAQKk yESVtVSHKgnzzb03le3UBoIzgAQv30LH3QTp/VGONKrIv+GdOug26Eh/dxcLORuKIpFHk2 MGgOVimWQrU/mYZ3GQz9Ek8ocL0lZ1s= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1662715530; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=9HYcUGaGK/rNI8r2JbsD0klLxs3ZEExzxOON574yzO4=; b=A5v3/PCtcOtiM8vxSHxvaeX8+5b9836ugMmcK/mihJYanq4w4qpvw2clbu2uhZsWgPhuSU FfMfgK1+woRhiV2h9rOo9cl2J8YJDJgThK1dHnicXHTo5w6ggu7Fh8QO2Ftp3jovrJf2tb 8yI8CDJLtEL9FUo2ZenVBgxQJhRPlFU= Authentication-Results: imf24.hostedemail.com; dkim=none; spf=pass (imf24.hostedemail.com: domain of linmiaohe@huawei.com designates 45.249.212.188 as permitted sender) smtp.mailfrom=linmiaohe@huawei.com; dmarc=pass (policy=quarantine) header.from=huawei.com X-Stat-Signature: tq5eqcor5d6cukkks5zqbtfoe8qhxxdr X-Rspamd-Queue-Id: A46DE1800A7 X-Rspam-User: X-Rspamd-Server: rspam04 X-HE-Tag: 1662715530-229680 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: The size of struct per_cpu_zonestat can be 0 on !SMP && !NUMA. In that case, zone->per_cpu_zonestats will always equal to boot_zonestats. But in zone_pcp_reset(), zone->per_cpu_zonestats is freed via free_percpu() directly without checking against boot_zonestats first. boot_zonestats will be released by free_percpu() unexpectedly. Fixes: 28f836b6777b ("mm/page_alloc: split per cpu page lists and zone stats") Signed-off-by: Miaohe Lin --- mm/page_alloc.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mm/page_alloc.c b/mm/page_alloc.c index 3497919f4ef5..a35ef385d906 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -9510,9 +9510,11 @@ void zone_pcp_reset(struct zone *zone) drain_zonestat(zone, pzstats); } free_percpu(zone->per_cpu_pageset); - free_percpu(zone->per_cpu_zonestats); zone->per_cpu_pageset = &boot_pageset; - zone->per_cpu_zonestats = &boot_zonestats; + if (zone->per_cpu_zonestats != &boot_zonestats) { + free_percpu(zone->per_cpu_zonestats); + zone->per_cpu_zonestats = &boot_zonestats; + } } } -- 2.23.0