[Bug 204371] BUG kmalloc-4k (Tainted: G W ): Object padding overwritten

bugzilla-daemon at bugzilla.kernel.org bugzilla-daemon at bugzilla.kernel.org
Fri Aug 16 03:07:59 AEST 2019 

https://bugzilla.kernel.org/show_bug.cgi?id=204371

--- Comment #28 from Erhard F. (erhard_f at mailbox.org) ---
On Thu, 15 Aug 2019 16:45:11 +0000
bugzilla-daemon at bugzilla.kernel.org wrote:

> https://bugzilla.kernel.org/show_bug.cgi?id=204371
> 
> --- Comment #27 from Christophe Leroy (christophe.leroy at c-s.fr) ---
> Can you post the changes you did ?
> 
> Did you replace the two kzalloc() by get_zeroed_page()  as suggested ?
> If so, it looks like you missed one kfree() (in free_bitmap()) to be replaced
> by free_page().

Ah yes, I added the (unsigned long) part but forgot to replace kfree() with
free_page(). Now looks like this:

diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c
index 062be9dde4c6..c3eed8c3d3fe 100644
--- a/fs/btrfs/free-space-cache.c
+++ b/fs/btrfs/free-space-cache.c
@@ -764,7 +764,7 @@ static int __load_free_space_cache(struct btrfs_root *root,
struct inode *inode,
                } else {
                        ASSERT(num_bitmaps);
                        num_bitmaps--;
-                       e->bitmap = kzalloc(PAGE_SIZE, GFP_NOFS);
+                       e->bitmap = (void *)get_zeroed_page(GFP_NOFS);
                        if (!e->bitmap) {
                                kmem_cache_free(
                                        btrfs_free_space_cachep, e);
@@ -1881,7 +1881,7 @@ static void free_bitmap(struct btrfs_free_space_ctl *ctl,
                        struct btrfs_free_space *bitmap_info)
 {
        unlink_free_space(ctl, bitmap_info);
-       kfree(bitmap_info->bitmap);
+       free_page((unsigned long)bitmap_info->bitmap);
        kmem_cache_free(btrfs_free_space_cachep, bitmap_info);
        ctl->total_bitmaps--;
        ctl->op->recalc_thresholds(ctl);
@@ -2135,7 +2135,7 @@ static int insert_into_bitmap(struct btrfs_free_space_ctl
*ctl,
                }

                /* allocate the bitmap */
-               info->bitmap = kzalloc(PAGE_SIZE, GFP_NOFS);
+               info->bitmap = (void *)get_zeroed_page(GFP_NOFS);
                spin_lock(&ctl->tree_lock);
                if (!info->bitmap) {
                        ret = -ENOMEM;
@@ -2146,7 +2146,7 @@ static int insert_into_bitmap(struct btrfs_free_space_ctl
*ctl,

 out:
        if (info) {
-               kfree(info->bitmap);
+               free_page((unsigned long)info->bitmap);
                kmem_cache_free(btrfs_free_space_cachep, info);
        }

@@ -2802,7 +2802,7 @@ u64 btrfs_alloc_from_cluster(struct
btrfs_block_group_cache *block_group,
        if (entry->bytes == 0) {
                ctl->free_extents--;
                if (entry->bitmap) {
-                       kfree(entry->bitmap);
+                       free_page((unsigned long)entry->bitmap);
                        ctl->total_bitmaps--;
                        ctl->op->recalc_thresholds(ctl);
                }

-- 
You are receiving this mail because:
You are on the CC list for the bug.

More information about the Linuxppc-dev mailing list