Re: [PATCH] numa: fix slab_node(MPOL_BIND)

From: Linus Torvalds
Date: Thu Oct 28 2010 - 12:00:18 EST

Next message: Ingo Molnar: "Re: [PATCH -v3 0/8] ACPI, APEI patches for 2.6.37"
Previous message: Russell King - ARM Linux: "Re: [PATCH 1/8] staging: tidspbridge - remove req_addr fromproc_map"
In reply to: Eric Dumazet: "[PATCH] numa: fix slab_node(MPOL_BIND)"
Next in thread: Eric Dumazet: "Re: [PATCH] numa: fix slab_node(MPOL_BIND)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hmm. More people added to the discussion..

This code seems to go back all the way to commit 19770b32609b: "mm:
filter based on a nodemask as well as a gfp_mask". Which was back in
April 2008. and got merged into 2.6.26.

And I'd be happy to commit it (in fact, I was going to), but when
looking for other uses of first_zones_zonelist(), I found
local_memory_node() which does the exact same thing: ignore the return
value, and unconditionally dereference the resulting 'zone' variable.

And so does - although less obviously - mm/vmscan.c for the
wait_iff_confgested() thing.

So are those buggy too, since first_zones_zonelist() can apparently return NULL?

Please advise...

Linus

On Wed, Oct 27, 2010 at 10:33 AM, Eric Dumazet <eric.dumazet@xxxxxxxxx> wrote:
> Le mercredi 27 octobre 2010 à 18:07 +0200, Eric Dumazet a écrit :
>
>> So I tried following experiment :
>>
>> # swapoff
>> # numactl --membind=0 swapon -a
>> # grep swap /proc/vmallocinfo
>> 0xf9bf3000-0xf9cf4000 1052672 sys_swapon+0x4aa/0xb24 pages=256 vmalloc N0=256
>> # swapoff -a
>> # numactl --membind=1 swapon -a
>>
>> <<FREEZE>>
>>
>
> Crash in fact, not freeze, in slab_node()
>
> Problem is : we dereference a NULL zone pointer.
>
> (node 1 has HighMem only)
>
> Following patch seems to solve the problem for me
>
> # swapoff -a
> # numactl --membind=1 swapon -a
> # grep swap /proc/vmallocinfo
> 0xf9da5000-0xf9ea6000 1052672 sys_swapon+0x3f9/0xa34 pages=256 vmalloc N1=256
>
>
> Thanks
>
>
> [PATCH] numa: fix slab_node(MPOL_BIND)
>
> When a node contains only HighMem memory, slab_node(MPOL_BIND)
> dereferences a NULL pointer.
>
> Signed-off-by: Eric Dumazet <eric.dumazet@xxxxxxxxx>
> ---
> mm/mempolicy.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/mm/mempolicy.c b/mm/mempolicy.c
> index 81a1276..4a57f13 100644
> --- a/mm/mempolicy.c
> +++ b/mm/mempolicy.c
> @@ -1597,7 +1597,7 @@ unsigned slab_node(struct mempolicy *policy)
> (void)first_zones_zonelist(zonelist, highest_zoneidx,
> &policy->v.nodes,
> &zone);
> - return zone->node;
> + return zone ? zone->node : numa_node_id();
> }
>
> default:
>
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ingo Molnar: "Re: [PATCH -v3 0/8] ACPI, APEI patches for 2.6.37"
Previous message: Russell King - ARM Linux: "Re: [PATCH 1/8] staging: tidspbridge - remove req_addr fromproc_map"
In reply to: Eric Dumazet: "[PATCH] numa: fix slab_node(MPOL_BIND)"
Next in thread: Eric Dumazet: "Re: [PATCH] numa: fix slab_node(MPOL_BIND)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]