From: Michael Holzheu <[email protected]>
Subject: percpu: Fix rollback in pcpu_embed_first_chunk()
The "out_free_areas" rollback in pcpu_embed_first_chunk calls the
free_fn() function for all elements in area[]. This is not correct
because not all elements have been allocated.
To fix this we call free_fn() only for allocated elements.
Signed-off-by: Michael Holzheu <[email protected]>
---
diff --git a/mm/percpu.c b/mm/percpu.c
index f47af91..5a7f631 100644
--- a/mm/percpu.c
+++ b/mm/percpu.c
@@ -1692,9 +1692,9 @@ int __init pcpu_embed_first_chunk(size_t reserved_size, size_t dyn_size,
goto out_free;
out_free_areas:
- for (group = 0; group < ai->nr_groups; group++)
- free_fn(areas[group],
- ai->groups[group].nr_units * ai->unit_size);
+ for (;group > 0; group--)
+ free_fn(areas[group - 1],
+ ai->groups[group - 1].nr_units * ai->unit_size);
out_free:
pcpu_free_alloc_info(ai);
if (areas)
Hello,
On Wed, May 09, 2012 at 02:39:48PM +0200, Michael Holzheu wrote:
> From: Michael Holzheu <[email protected]>
> Subject: percpu: Fix rollback in pcpu_embed_first_chunk()
>
> The "out_free_areas" rollback in pcpu_embed_first_chunk calls the
> free_fn() function for all elements in area[]. This is not correct
> because not all elements have been allocated.
>
> To fix this we call free_fn() only for allocated elements.
There's already a pending fix which fixes this and another more
serious problem, which I forgot to push. I'll push it out today.
http://article.gmane.org/gmane.linux.kernel/1288808
Thanks.
--
tejun