[PATCH openEuler-20.03-LTS-SP1] mm/page_alloc: fix managed_pages of zone is incorrect and out of bounds

uniontech inclusion
category: bugfix
bugzilla: NA
CVE: NA

In commit eb761d6521c3 ("mm: parallelize deferred struct page initialization within each node"), the code "++zone" in the following code:

    /* Sanity check that the next zone really is unpopulated */
    WARN_ON(++zid < MAX_NR_ZONES && populated_zone(++zone));
    VM_BUG_ON(nr_init != nr_free);
    zone->managed_pages += nr_free;

makes the managed_pages statistics of the current zone incorrect, and the zone may have out-of-bounds memory when CONFIG_DEFERRED_STRUCT_PAGE_INIT=y, causing the virtual machine system startup to fail when the virtual machine's current allocated memory is set to half of the virtual machine's maximum memory using the virt-manager tool.

Fix it by putting the code “zone->managed_pages += nr_free;” before the “++zone” code.

Fixes: eb761d6521c3 ("mm: parallelize deferred struct page initialization within each node")
Reported-by: Peng Yuanbo <pengyuanbo@uniontech.com>
Signed-off-by: Guo Hui <guohui@uniontech.com>
--- mm/page_alloc.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/mm/page_alloc.c b/mm/page_alloc.c index 0888870e3458..6bf3d4461430 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -1688,12 +1688,13 @@ static int __init deferred_init_memmap(void *data) nr_free += atomic64_read(&args.nr_pages); } - /* Sanity check that the next zone really is unpopulated */ - WARN_ON(++zid < MAX_NR_ZONES && populated_zone(++zone)); VM_BUG_ON(nr_init != nr_free); zone->managed_pages += nr_free; + /* Sanity check that the next zone really is unpopulated */ + WARN_ON(++zid < MAX_NR_ZONES && populated_zone(++zone)); + pr_info("node %d initialised, %lu pages in %ums\n", nid, nr_free, jiffies_to_msecs(jiffies - start)); -- 2.20.1
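Review bot: The relocated WARN_ON(++zid < MAX_NR_ZONES && populated_zone(++zone)) still advances zid and zone as a side effect of the assertion, so the correctness of zone->managed_pages += nr_free continues to depend only on statement order. Any later use of zone placed below the check would again touch the next zone, or one past the last zone when the short-circuit does not stop the increment. Consider making the check free of side effects, for example WARN_ON(zid + 1 < MAX_NR_ZONES && populated_zone(zone + 1)), or at minimum extend the comment above the moved lines to say that zone is advanced there and must not be used afterwards.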

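Hi, Guo Hui

First of all, thank you very much for participating in openEuler kernel development.

Your PATCH has been merged into openEuler-20.03. The corresponding commit IDs are as follows:

openEuler-1.0-LTS ce4cce2f893ab555ba8009bc1ba9394582428342
kernel-4.19 66dfb5b15d502a7c5fee251abc5945df4a6ec5cc

An issue has been filed for this problem: https://gitee.com/openeuler/kernel/issues/I3RFV8

If you have any information to share, you can update it in the issue, or contact @成坚(gatieme).

Finally, thank you again for participating in openEuler; the community is better with you.

--
Thanks
成坚(gatieme)

On 2021/5/11 19:12, Guo Hui wrote: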
uniontech inclusion
category: bugfix
bugzilla: NA
CVE: NA

In commit eb761d6521c3 ("mm: parallelize deferred struct page initialization within each node"), the code "++zone" in the following code:

    /* Sanity check that the next zone really is unpopulated */
    WARN_ON(++zid < MAX_NR_ZONES && populated_zone(++zone));
    VM_BUG_ON(nr_init != nr_free);
    zone->managed_pages += nr_free;

makes the managed_pages statistics of the current zone incorrect, and the zone may have out-of-bounds memory when CONFIG_DEFERRED_STRUCT_PAGE_INIT=y, causing the virtual machine system startup to fail when the virtual machine's current allocated memory is set to half of the virtual machine's maximum memory using the virt-manager tool.

Fix it by putting the code “zone->managed_pages += nr_free;” before the “++zone” code.

Fixes: eb761d6521c3 ("mm: parallelize deferred struct page initialization within each node")
Reported-by: Peng Yuanbo <pengyuanbo@uniontech.com>
Signed-off-by: Guo Hui <guohui@uniontech.com>
--- mm/page_alloc.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/mm/page_alloc.c b/mm/page_alloc.c index 0888870e3458..6bf3d4461430 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -1688,12 +1688,13 @@ static int __init deferred_init_memmap(void *data) nr_free += atomic64_read(&args.nr_pages); }
- /* Sanity check that the next zone really is unpopulated */ - WARN_ON(++zid < MAX_NR_ZONES && populated_zone(++zone)); VM_BUG_ON(nr_init != nr_free);
zone->managed_pages += nr_free;
+ /* Sanity check that the next zone really is unpopulated */ + WARN_ON(++zid < MAX_NR_ZONES && populated_zone(++zone)); + pr_info("node %d initialised, %lu pages in %ums\n", nid, nr_free, jiffies_to_msecs(jiffies - start));