diff for duplicates of <570CABE3.4070404@suse.cz> diff --git a/a/1.txt b/N1/1.txt index aab599e..2f66805 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -11,3 +11,38 @@ Fix for: mm-compaction-wrap-calculating-first-and-last-pfn-of-pageblock.patch ----8<---- +>From 45330dfb350d6b3bc72bcdaccc226bcc286e1236 Mon Sep 17 00:00:00 2001 +From: Vlastimil Babka <vbabka@suse.cz> +Date: Tue, 12 Apr 2016 09:54:33 +0200 +Subject: [PATCH] mm, compaction: fix crash in get_pfnblock_flags_mask() from + isolate_freepages(): + +In isolate_freepages(), low_pfn was mistakenly initialized to +pageblock_start_pfn() instead of pageblock_end_pfn(), creating a possible +underflow, as described by Hugh: + + There's a case when that "block_start_pfn -= pageblock_nr_pages" loop can + pass through 0 and end up trying to access a pageblock before the start of + the mem_map[]. + +Reported-by: Hugh Dickins <hughd@google.com> +Signed-off-by: Vlastimil Babka <vbabka@suse.cz> +--- + mm/compaction.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/mm/compaction.c b/mm/compaction.c +index 315e5d57e7e9..67f886ecd773 100644 +--- a/mm/compaction.c ++++ b/mm/compaction.c +@@ -1012,7 +1012,7 @@ static void isolate_freepages(struct compact_control *cc) + block_start_pfn = pageblock_start_pfn(cc->free_pfn); + block_end_pfn = min(block_start_pfn + pageblock_nr_pages, + zone_end_pfn(zone)); +- low_pfn = pageblock_start_pfn(cc->migrate_pfn); ++ low_pfn = pageblock_end_pfn(cc->migrate_pfn); + + /* + * Isolate free pages until enough are available to migrate the +-- +2.8.1 diff --git a/a/content_digest b/N1/content_digest index 3da6bff..89ab803 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -22,6 +22,41 @@ "Fix for:\n" "mm-compaction-wrap-calculating-first-and-last-pfn-of-pageblock.patch\n" "\n" - ----8<---- + "----8<----\n" + ">From 45330dfb350d6b3bc72bcdaccc226bcc286e1236 Mon Sep 17 00:00:00 2001\n" + "From: Vlastimil Babka <vbabka@suse.cz>\n" + "Date: Tue, 12 Apr 2016 09:54:33 +0200\n" + "Subject: [PATCH] mm, compaction: fix crash in get_pfnblock_flags_mask() from\n" + " isolate_freepages():\n" + "\n" + "In isolate_freepages(), low_pfn was mistakenly initialized to\n" + "pageblock_start_pfn() instead of pageblock_end_pfn(), creating a possible\n" + "underflow, as described by Hugh:\n" + "\n" + " There's a case when that \"block_start_pfn -= pageblock_nr_pages\" loop can\n" + " pass through 0 and end up trying to access a pageblock before the start of\n" + " the mem_map[].\n" + "\n" + "Reported-by: Hugh Dickins <hughd@google.com>\n" + "Signed-off-by: Vlastimil Babka <vbabka@suse.cz>\n" + "---\n" + " mm/compaction.c | 2 +-\n" + " 1 file changed, 1 insertion(+), 1 deletion(-)\n" + "\n" + "diff --git a/mm/compaction.c b/mm/compaction.c\n" + "index 315e5d57e7e9..67f886ecd773 100644\n" + "--- a/mm/compaction.c\n" + "+++ b/mm/compaction.c\n" + "@@ -1012,7 +1012,7 @@ static void isolate_freepages(struct compact_control *cc)\n" + " \tblock_start_pfn = pageblock_start_pfn(cc->free_pfn);\n" + " \tblock_end_pfn = min(block_start_pfn + pageblock_nr_pages,\n" + " \t\t\t\t\t\tzone_end_pfn(zone));\n" + "-\tlow_pfn = pageblock_start_pfn(cc->migrate_pfn);\n" + "+\tlow_pfn = pageblock_end_pfn(cc->migrate_pfn);\n" + " \n" + " \t/*\n" + " \t * Isolate free pages until enough are available to migrate the\n" + "-- \n" + 2.8.1 -d3f1871b210ccdf11eb1b94df2c4dc0fcddae9548050133029184531b0d925e4 +39cf38c11e4029bc8a230f010f29d296a63d4466d736a485aebee346e7a9fe20
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.