If doms_new is NULL, partition_sched_domains() will reset ndoms_cur
to 0, and free old sched domains with free_sched_domains(doms_cur, ndoms_cur).
As ndoms_cur is 0, the cpumask will not be freed.
Signed-off-by: Xiaotian Feng <[email protected]>
Cc: Ingo Molnar <[email protected]>
Cc: Peter Zijlstra <[email protected]>
Cc: [email protected]
---
kernel/sched/core.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index b7c32cb..3d6c57b 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6184,8 +6184,9 @@ match1:
;
}
+ n= ndoms_cur;
if (doms_new == NULL) {
- ndoms_cur = 0;
+ n = 0;
doms_new = &fallback_doms;
cpumask_andnot(doms_new[0], cpu_active_mask, cpu_isolated_map);
WARN_ON_ONCE(dattr_new);
@@ -6193,7 +6194,7 @@ match1:
/* Build new domains */
for (i = 0; i < ndoms_new; i++) {
- for (j = 0; j < ndoms_cur && !new_topology; j++) {
+ for (j = 0; j < n && !new_topology; j++) {
if (cpumask_equal(doms_new[i], doms_cur[j])
&& dattrs_equal(dattr_new, i, dattr_cur, j))
goto match2;
--
1.7.9.6 (Apple Git-31.1)
On Sat, Jul 27, 2013 at 3:26 PM, Xiaotian Feng <[email protected]> wrote:
> If doms_new is NULL, partition_sched_domains() will reset ndoms_cur
> to 0, and free old sched domains with free_sched_domains(doms_cur, ndoms_cur).
> As ndoms_cur is 0, the cpumask will not be freed.
>
> Signed-off-by: Xiaotian Feng <[email protected]>
> Cc: Ingo Molnar <[email protected]>
> Cc: Peter Zijlstra <[email protected]>
> Cc: [email protected]
Any comments? Cc'ed Rusty.
> ---
> kernel/sched/core.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/sched/core.c b/kernel/sched/core.c
> index b7c32cb..3d6c57b 100644
> --- a/kernel/sched/core.c
> +++ b/kernel/sched/core.c
> @@ -6184,8 +6184,9 @@ match1:
> ;
> }
>
> + n= ndoms_cur;
> if (doms_new == NULL) {
> - ndoms_cur = 0;
> + n = 0;
> doms_new = &fallback_doms;
> cpumask_andnot(doms_new[0], cpu_active_mask, cpu_isolated_map);
> WARN_ON_ONCE(dattr_new);
> @@ -6193,7 +6194,7 @@ match1:
>
> /* Build new domains */
> for (i = 0; i < ndoms_new; i++) {
> - for (j = 0; j < ndoms_cur && !new_topology; j++) {
> + for (j = 0; j < n && !new_topology; j++) {
> if (cpumask_equal(doms_new[i], doms_cur[j])
> && dattrs_equal(dattr_new, i, dattr_cur, j))
> goto match2;
> --
> 1.7.9.6 (Apple Git-31.1)
>
Xiaotian Feng <[email protected]> writes:
> On Sat, Jul 27, 2013 at 3:26 PM, Xiaotian Feng <[email protected]> wrote:
>> If doms_new is NULL, partition_sched_domains() will reset ndoms_cur
>> to 0, and free old sched domains with free_sched_domains(doms_cur, ndoms_cur).
>> As ndoms_cur is 0, the cpumask will not be freed.
>>
>> Signed-off-by: Xiaotian Feng <[email protected]>
>> Cc: Ingo Molnar <[email protected]>
>> Cc: Peter Zijlstra <[email protected]>
>> Cc: [email protected]
>
> Any comments? Cc'ed Rusty.
The code is a little convoluted, but your fix is logical.
>> ---
>> kernel/sched/core.c | 5 +++--
>> 1 file changed, 3 insertions(+), 2 deletions(-)
>>
>> diff --git a/kernel/sched/core.c b/kernel/sched/core.c
>> index b7c32cb..3d6c57b 100644
>> --- a/kernel/sched/core.c
>> +++ b/kernel/sched/core.c
>> @@ -6184,8 +6184,9 @@ match1:
>> ;
>> }
>>
>> + n= ndoms_cur;
You're missing a ' ' here:
n = ndoms_cur;
>> if (doms_new == NULL) {
>> - ndoms_cur = 0;
>> + n = 0;
>> doms_new = &fallback_doms;
>> cpumask_andnot(doms_new[0], cpu_active_mask, cpu_isolated_map);
>> WARN_ON_ONCE(dattr_new);
>> @@ -6193,7 +6194,7 @@ match1:
>>
>> /* Build new domains */
>> for (i = 0; i < ndoms_new; i++) {
>> - for (j = 0; j < ndoms_cur && !new_topology; j++) {
>> + for (j = 0; j < n && !new_topology; j++) {
>> if (cpumask_equal(doms_new[i], doms_cur[j])
>> && dattrs_equal(dattr_new, i, dattr_cur, j))
>> goto match2;
>> --
>> 1.7.9.6 (Apple Git-31.1)
>>
Cheers,
Rusty.
On Tue, Aug 6, 2013 at 12:37 PM, Rusty Russell <[email protected]> wrote:
> Xiaotian Feng <[email protected]> writes:
>> On Sat, Jul 27, 2013 at 3:26 PM, Xiaotian Feng <[email protected]> wrote:
>>> If doms_new is NULL, partition_sched_domains() will reset ndoms_cur
>>> to 0, and free old sched domains with free_sched_domains(doms_cur, ndoms_cur).
>>> As ndoms_cur is 0, the cpumask will not be freed.
>>>
>>> Signed-off-by: Xiaotian Feng <[email protected]>
>>> Cc: Ingo Molnar <[email protected]>
>>> Cc: Peter Zijlstra <[email protected]>
>>> Cc: [email protected]
>>
>> Any comments? Cc'ed Rusty.
>
> The code is a little convoluted, but your fix is logical.
>
Yes, it's quite convoluted :(
>>> ---
>>> kernel/sched/core.c | 5 +++--
>>> 1 file changed, 3 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/kernel/sched/core.c b/kernel/sched/core.c
>>> index b7c32cb..3d6c57b 100644
>>> --- a/kernel/sched/core.c
>>> +++ b/kernel/sched/core.c
>>> @@ -6184,8 +6184,9 @@ match1:
>>> ;
>>> }
>>>
>>> + n= ndoms_cur;
>
> You're missing a ' ' here:
> n = ndoms_cur;
>
I'll update this, thanks :)
>>> if (doms_new == NULL) {
>>> - ndoms_cur = 0;
>>> + n = 0;
>>> doms_new = &fallback_doms;
>>> cpumask_andnot(doms_new[0], cpu_active_mask, cpu_isolated_map);
>>> WARN_ON_ONCE(dattr_new);
>>> @@ -6193,7 +6194,7 @@ match1:
>>>
>>> /* Build new domains */
>>> for (i = 0; i < ndoms_new; i++) {
>>> - for (j = 0; j < ndoms_cur && !new_topology; j++) {
>>> + for (j = 0; j < n && !new_topology; j++) {
>>> if (cpumask_equal(doms_new[i], doms_cur[j])
>>> && dattrs_equal(dattr_new, i, dattr_cur, j))
>>> goto match2;
>>> --
>>> 1.7.9.6 (Apple Git-31.1)
>>>
>
> Cheers,
> Rusty.
If doms_new is NULL, partition_sched_domains() will reset ndoms_cur
to 0, and free old sched domains with free_sched_domains(doms_cur, ndoms_cur).
As ndoms_cur is 0, the cpumask will not be freed.
Signed-off-by: Xiaotian Feng <[email protected]>
Cc: Ingo Molnar <[email protected]>
Cc: Peter Zijlstra <[email protected]>
Cc: Rusty Russell <[email protected]>
Cc: Thomas Gleixner <[email protected]>
Cc: [email protected]
---
kernel/sched/core.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index b7c32cb..3d6c57b 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6184,8 +6184,9 @@ match1:
;
}
+ n = ndoms_cur;
if (doms_new == NULL) {
- ndoms_cur = 0;
+ n = 0;
doms_new = &fallback_doms;
cpumask_andnot(doms_new[0], cpu_active_mask, cpu_isolated_map);
WARN_ON_ONCE(dattr_new);
@@ -6193,7 +6194,7 @@ match1:
/* Build new domains */
for (i = 0; i < ndoms_new; i++) {
- for (j = 0; j < ndoms_cur && !new_topology; j++) {
+ for (j = 0; j < n && !new_topology; j++) {
if (cpumask_equal(doms_new[i], doms_cur[j])
&& dattrs_equal(dattr_new, i, dattr_cur, j))
goto match2;
--
1.7.9.6 (Apple Git-31.1)
On Tue, Aug 6, 2013 at 8:06 PM, Xiaotian Feng <[email protected]> wrote:
> If doms_new is NULL, partition_sched_domains() will reset ndoms_cur
> to 0, and free old sched domains with free_sched_domains(doms_cur, ndoms_cur).
> As ndoms_cur is 0, the cpumask will not be freed.
>
> Signed-off-by: Xiaotian Feng <[email protected]>
> Cc: Ingo Molnar <[email protected]>
> Cc: Peter Zijlstra <[email protected]>
> Cc: Rusty Russell <[email protected]>
> Cc: Thomas Gleixner <[email protected]>
> Cc: [email protected]
Any comments on this patch? Without this patch, I can see following
with kmemleak.
unreferenced object 0xffff880118d26aa8 (size 512):
comm "swapper/0", pid 1, jiffies 4294892366 (age 287.736s)
hex dump (first 32 bytes):
0f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff817350e6>] kmemleak_alloc+0x26/0x50
[<ffffffff811b92c6>] kmem_cache_alloc_node_trace+0x116/0x2d0
[<ffffffff8139e66f>] alloc_cpumask_var_node+0x1f/0x90
[<ffffffff8139e6ee>] alloc_cpumask_var+0xe/0x10
[<ffffffff810a328c>] alloc_sched_domains+0x5c/0x80
[<ffffffff81daf8c6>] sched_init_smp+0x365/0x47d
[<ffffffff81d8f01e>] kernel_init_freeable+0xe3/0x1ef
[<ffffffff81731b1e>] kernel_init+0xe/0xf0
[<ffffffff817543ac>] ret_from_fork+0x7c/0xb0
[<ffffffffffffffff>] 0xffffffffffffffff
> ---
> kernel/sched/core.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/sched/core.c b/kernel/sched/core.c
> index b7c32cb..3d6c57b 100644
> --- a/kernel/sched/core.c
> +++ b/kernel/sched/core.c
> @@ -6184,8 +6184,9 @@ match1:
> ;
> }
>
> + n = ndoms_cur;
> if (doms_new == NULL) {
> - ndoms_cur = 0;
> + n = 0;
> doms_new = &fallback_doms;
> cpumask_andnot(doms_new[0], cpu_active_mask, cpu_isolated_map);
> WARN_ON_ONCE(dattr_new);
> @@ -6193,7 +6194,7 @@ match1:
>
> /* Build new domains */
> for (i = 0; i < ndoms_new; i++) {
> - for (j = 0; j < ndoms_cur && !new_topology; j++) {
> + for (j = 0; j < n && !new_topology; j++) {
> if (cpumask_equal(doms_new[i], doms_cur[j])
> && dattrs_equal(dattr_new, i, dattr_cur, j))
> goto match2;
> --
> 1.7.9.6 (Apple Git-31.1)
>
On Tue, Aug 06, 2013 at 08:06:42PM +0800, Xiaotian Feng wrote:
> If doms_new is NULL, partition_sched_domains() will reset ndoms_cur
> to 0, and free old sched domains with free_sched_domains(doms_cur, ndoms_cur).
> As ndoms_cur is 0, the cpumask will not be freed.
>
> Signed-off-by: Xiaotian Feng <[email protected]>
> Cc: Ingo Molnar <[email protected]>
> Cc: Peter Zijlstra <[email protected]>
> Cc: Rusty Russell <[email protected]>
> Cc: Thomas Gleixner <[email protected]>
> Cc: [email protected]
Thanks!
Commit-ID: c8d2d47a9cbb4222ae4e993aa0e3703430c8193c
Gitweb: http://git.kernel.org/tip/c8d2d47a9cbb4222ae4e993aa0e3703430c8193c
Author: Xiaotian Feng <[email protected]>
AuthorDate: Tue, 6 Aug 2013 20:06:42 +0800
Committer: Ingo Molnar <[email protected]>
CommitDate: Fri, 16 Aug 2013 17:44:27 +0200
cpumask: Fix cpumask leak in partition_sched_domains()
If doms_new is NULL, partition_sched_domains() will reset ndoms_cur
to 0, and free old sched domains with free_sched_domains(doms_cur, ndoms_cur).
As ndoms_cur is 0, the cpumask will not be freed.
Signed-off-by: Xiaotian Feng <[email protected]>
Cc: Rusty Russell <[email protected]>
Cc: [email protected]
Signed-off-by: Peter Zijlstra <[email protected]>
Link: http://lkml.kernel.org/r/[email protected]
Signed-off-by: Ingo Molnar <[email protected]>
---
kernel/sched/core.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index b7415cf..cf8f100 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6184,8 +6184,9 @@ match1:
;
}
+ n = ndoms_cur;
if (doms_new == NULL) {
- ndoms_cur = 0;
+ n = 0;
doms_new = &fallback_doms;
cpumask_andnot(doms_new[0], cpu_active_mask, cpu_isolated_map);
WARN_ON_ONCE(dattr_new);
@@ -6193,7 +6194,7 @@ match1:
/* Build new domains */
for (i = 0; i < ndoms_new; i++) {
- for (j = 0; j < ndoms_cur && !new_topology; j++) {
+ for (j = 0; j < n && !new_topology; j++) {
if (cpumask_equal(doms_new[i], doms_cur[j])
&& dattrs_equal(dattr_new, i, dattr_cur, j))
goto match2;