Home » Mailing list archives » linux-kernel » 2008 » May » 16

bootmem: Double freeing a PFN on nodes spanning other nodes

!MAILaRCHIVE_VOTE_RePLACE
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Johannes Weiner <hannes@...>
To: Linux Kernel Mailing List <linux-kernel@...>
Cc: Linux MM Mailing List <linux-mm@...>
Subject: bootmem: Double freeing a PFN on nodes spanning other nodes
Date: Friday, May 16, 2008 - 6:30 pm

Hi,

When memory nodes overlap each other, the bootmem allocator is not aware
of this and might pass the same page twice to __free_pages_bootmem().

As I traced the code, this should result in bad_page() calls on every
boot but noone has yet reported something like this and I am wondering
why.

__free_pages_bootmem() boils down to either free_hot_cold_page() or
__free_one_page().  Either path should lead to setting the page private
or buddy:

free_hot_cold_page() sets ->private to the page block's migratetype (and
sets PG_private).

__free_one_page sets ->private to the page's order (and sets PG_private
and PG_buddy).

If a page is passed in twice, free_pages_check() should now warn (via
bad_page()) on the flags set above.

Am I missing something?  Thanks in advance.

	Hannes
--
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
bootmem: Double freeing a PFN on nodes spanning other nodes, Johannes Weiner, (Fri May 16, 6:30 pm)
Re: bootmem: Double freeing a PFN on nodes spanning other no..., KAMEZAWA Hiroyuki, (Sun May 18, 8:35 pm)
Re: bootmem: Double freeing a PFN on nodes spanning other no..., Johannes Weiner, (Sun May 18, 9:31 pm)