On Mon, Jun 17, 2019 at 02:36:27PM +1000, Alastair D'Silva wrote:
> From: Alastair D'Silva <[email protected]>
> 
> If a memory section comes in where the physical address is greater than
> that which is managed by the kernel, this function would not trigger the
> bug and instead return a bogus section number.
> 
> This patch tracks whether the section was actually found, and triggers the
> bug if not.
> 
> Signed-off-by: Alastair D'Silva <[email protected]>
> ---
>  mm/sparse.c | 13 ++++++++-----
>  1 file changed, 8 insertions(+), 5 deletions(-)
> 
> diff --git a/mm/sparse.c b/mm/sparse.c
> index fd13166949b5..104a79fedd00 100644
> --- a/mm/sparse.c
> +++ b/mm/sparse.c
> @@ -105,20 +105,23 @@ static inline int sparse_index_init(unsigned long 
> section_nr, int nid)
>  int __section_nr(struct mem_section* ms)
>  {
>       unsigned long root_nr;
> -     struct mem_section *root = NULL;
> +     struct mem_section *found = NULL;
> +     struct mem_section *root;
> 
>       for (root_nr = 0; root_nr < NR_SECTION_ROOTS; root_nr++) {
>               root = __nr_to_section(root_nr * SECTIONS_PER_ROOT);
>               if (!root)
>                       continue;
> 
> -             if ((ms >= root) && (ms < (root + SECTIONS_PER_ROOT)))
> -                  break;
> +             if ((ms >= root) && (ms < (root + SECTIONS_PER_ROOT))) {
> +                     found = root;
> +                     break;
> +             }
>       }
> 
> -     VM_BUG_ON(!root);
> +     VM_BUG_ON(!found);

Isn't it enough to check for root_nr == NR_SECTION_ROOTS?

> 
> -     return (root_nr * SECTIONS_PER_ROOT) + (ms - root);
> +     return (root_nr * SECTIONS_PER_ROOT) + (ms - found);

It'll still return a bogus section number with CONFIG_DEBUG_VM=n

>  }
>  #else
>  int __section_nr(struct mem_section* ms)
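
Review bot: the final `return (root_nr * SECTIONS_PER_ROOT) + (ms - found);` is guarded on the not-found path only by `VM_BUG_ON(!found)`. When that check is compiled out, the loop falls through with `root_nr == NR_SECTION_ROOTS` and `found == NULL`, and the function still computes `ms - found` and hands the result to the caller. Handle the miss explicitly before the return, for example with an unconditional check that returns a negative value (the function already returns `int`) which callers test for, and document that return value in a comment above `__section_nr()`.
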
> -- 
> 2.21.0
> 

-- 
Sincerely yours,
Mike.
