[patch 06/24] lmb: add lmb_alloc_nid()
David Miller
davem at davemloft.net
Tue Apr 1 16:21:21 EST 2008
From: Paul Mackerras <paulus at samba.org>
Date: Tue, 1 Apr 2008 15:15:46 +1100
> akpm at linux-foundation.org writes:
>
> > From: David Miller <davem at davemloft.net>
> >
> > A variant of lmb_alloc() that tries to allocate memory on a specified NUMA
> > node 'nid' but falls back to normal lmb_alloc() if that fails.
>
> ...
>
> > +static u64 __init lmb_alloc_nid_unreserved(u64 start, u64 end,
> > + u64 size, u64 align)
> > +{
> > + u64 base;
> > + long j;
> > +
> > + base = lmb_align_down((end - size), align);
> > + while (start <= base &&
> > + ((j = lmb_overlaps_region(&lmb.reserved, base, size)) >= 0))
> > + base = lmb_align_down(lmb.reserved.region[j].base - size,
> > + align);
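Review bot: `end - size` in the first assignment is a u64 subtraction with no check that `end >= size`, and `lmb.reserved.region[j].base - size` in the loop body has the same problem when the reserved region starts below `size`. A wrapped result is a very large value, so the `start <= base` test does not reject it. Suggest returning failure up front when `end < size`, and leaving the loop when `lmb.reserved.region[j].base < size` before subtracting.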
>
> How do we know that lmb.reserved.region[j].base is >= size at this
> point? If it isn't, then base could end up as some extremely large
> unsigned value, which would be a Bad Thing.

The same exact issue exists in the existing code, from which this is
derived, in __lmb_alloc_base().

This situation can occur any time a region is smaller than the 'size'
argument, in both functions.