From: Ingo Molnar <mingo@kernel.org>
To: gldrk <me@rarity.fan>
Cc: Dave Hansen <dave.hansen@linux.intel.com>,
Andy Lutomirski <luto@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
x86@kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] x86/mm: Check return value from memblock_phys_alloc_range()
Date: Tue, 19 Nov 2024 12:14:18 +0100 [thread overview]
Message-ID: <ZzxzCk9LIPkFqcqK@gmail.com> (raw)
In-Reply-To: <94b3e98f-96a7-3560-1f76-349eb95ccf7f@rarity.fan>
* gldrk <me@rarity.fan> wrote:
> At least with CONFIG_PHYSICAL_START=0x100000, if there is < 4 MiB of contiguous
> free memory available at this point, the kernel will crash and burn because
> memblock_phys_alloc_range returns 0 on failure, which leads memblock_phys_free
> to throw the first 4 MiB of physical memory to the wolves. At a minimum it
> should fail gracefully with a meaningful diagnostic, but in fact everything
> seems to work fine without the weird reserve allocation.
>
> ---
> arch/x86/mm/init.c | 9 +++++++--
> 1 file changed, 7 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/mm/init.c b/arch/x86/mm/init.c
> index eb503f5..3696770 100644
> --- a/arch/x86/mm/init.c
> +++ b/arch/x86/mm/init.c
> @@ -640,8 +640,13 @@ static void __init memory_map_top_down(unsigned long
> map_start,
> */
> addr = memblock_phys_alloc_range(PMD_SIZE, PMD_SIZE, map_start,
> map_end);
> - memblock_phys_free(addr, PMD_SIZE);
> - real_end = addr + PMD_SIZE;
> + if (unlikely(addr < map_start)) {
> + pr_warn("Failed to release memory for alloc_low_pages()");
> + real_end = ALIGN_DOWN(map_end, PMD_SIZE);
> + } else {
> + memblock_phys_free(addr, PMD_SIZE);
> + real_end = addr + PMD_SIZE;
> + }
Makes sense to fix this bug I suppose, but the usual error check
pattern for memblock_phys_alloc_range() failure would not be 'addr <
map_start' but !addr.
( If memblock_phys_alloc_range() succeeds but returns an address below
'map_start', that would be a different failure I guess. )
Also, no need to add the 'unlikely()' I suspect - this is early boot
code, micro-performance of branching is immaterial.
Just curious: what type of system has < 4 MiB of contiguous free memory
available in early boot? Or was it something intentionally constrained
via qemu?
Thanks,
Ingo
next prev parent reply other threads:[~2024-11-19 11:14 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-15 17:36 [PATCH] x86/mm: Check return value from memblock_phys_alloc_range() gldrk
2024-11-19 11:14 ` Ingo Molnar [this message]
2024-11-19 23:56 ` gldrk
2025-02-28 17:14 ` [tip: x86/mm] " tip-bot2 for Philip Redkin
2025-03-19 11:04 ` [tip: x86/core] " tip-bot2 for Philip Redkin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZzxzCk9LIPkFqcqK@gmail.com \
--to=mingo@kernel.org \
--cc=dave.hansen@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=me@rarity.fan \
--cc=peterz@infradead.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.