Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1946262AbXBCCyG (ORCPT ); Fri, 2 Feb 2007 21:54:06 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1946209AbXBCCgg (ORCPT ); Fri, 2 Feb 2007 21:36:36 -0500 Received: from 216-99-217-87.dsl.aracnet.com ([216.99.217.87]:52671 "EHLO sous-sol.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1946238AbXBCCfs (ORCPT ); Fri, 2 Feb 2007 21:35:48 -0500 Message-Id: <20070203023803.713362000@sous-sol.org> References: <20070203023504.435051000@sous-sol.org> User-Agent: quilt/0.45-1 Date: Fri, 02 Feb 2007 18:35:07 -0800 From: Chris Wright To: linux-kernel@vger.kernel.org, stable@kernel.org Cc: Justin Forbes , Zwane Mwaikambo , "Theodore Ts'o" , Randy Dunlap , Dave Jones , Chuck Wolber , Chris Wedgwood , Michael Krufky , torvalds@linux-foundation.org, akpm@linux-foundation.org, alan@lxorguk.ukuu.org.uk, Andrew Morton , Christoph Lameter , Mauro Carvalho Chehab , Christoph Lameter , Linus Torvalds Subject: [patch 03/59] Check for populated zone in __drain_pages Content-Disposition: inline; filename=check-for-populated-zone-in-__drain_pages.patch Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2087 Lines: 54 -stable review patch. If anyone has any objections, please let us know. ------------------ From: Christoph Lameter Both process_zones() and drain_node_pages() check for populated zones before touching pagesets. However, __drain_pages does not do so, This may result in a NULL pointer dereference for pagesets in unpopulated zones if a NUMA setup is combined with cpu hotplug. Initially the unpopulated zone has the pcp pointers pointing to the boot pagesets. Since the zone is not populated the boot pageset pointers will not be changed during page allocator and slab bootstrap. If a cpu is later brought down (first call to __drain_pages()) then the pcp pointers for cpus in unpopulated zones are set to NULL since __drain_pages does not first check for an unpopulated zone. If the cpu is then brought up again then we call process_zones() which will ignore the unpopulated zone. So the pageset pointers will still be NULL. If the cpu is then again brought down then __drain_pages will attempt to drain pages by following the NULL pageset pointer for unpopulated zones. Signed-off-by: Christoph Lameter Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds Signed-off-by: Chris Wright --- http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f2e12bb272f2544d1504f982270e90ae3dcc4ff2 mm/page_alloc.c | 3 +++ 1 file changed, 3 insertions(+) --- linux-2.6.19.2.orig/mm/page_alloc.c +++ linux-2.6.19.2/mm/page_alloc.c @@ -710,6 +710,9 @@ static void __drain_pages(unsigned int c for_each_zone(zone) { struct per_cpu_pageset *pset; + if (!populated_zone(zone)) + continue; + pset = zone_pcp(zone, cpu); for (i = 0; i < ARRAY_SIZE(pset->pcp); i++) { struct per_cpu_pages *pcp; -- - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/