[RFC 1/2] mm, slub: prevent kmalloc_node crashes and memory leaks

Fri Mar 20 19:44:47 AEDT 2020

On Fri, Mar 20, 2020 at 09:37:18AM +0100, Vlastimil Babka wrote:
> On 3/20/20 4:42 AM, Bharata B Rao wrote:
> > On Thu, Mar 19, 2020 at 02:47:58PM +0100, Vlastimil Babka wrote:
> >> diff --git a/mm/slub.c b/mm/slub.c
> >> index 17dc00e33115..7113b1f9cd77 100644
> >> --- a/mm/slub.c
> >> +++ b/mm/slub.c
> >> @@ -1973,8 +1973,6 @@ static void *get_partial(struct kmem_cache *s, gfp_t flags, int node,
> >>  
> >>  	if (node == NUMA_NO_NODE)
> >>  		searchnode = numa_mem_id();
> >> -	else if (!node_present_pages(node))
> >> -		searchnode = node_to_mem_node(node);
> >>  
> >>  	object = get_partial_node(s, get_node(s, searchnode), c, flags);
> >>  	if (object || node != NUMA_NO_NODE)
> >> @@ -2563,17 +2561,27 @@ static void *___slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node,
> >>  	struct page *page;
> >>  
> >>  	page = c->page;
> >> -	if (!page)
> >> +	if (!page) {
> >> +		/*
> >> +		 * if the node is not online or has no normal memory, just
> >> +		 * ignore the node constraint
> >> +		 */
> >> +		if (unlikely(node != NUMA_NO_NODE &&
> >> +			     !node_state(node, N_NORMAL_MEMORY)))
> >> +			node = NUMA_NO_NODE;
> >>  		goto new_slab;
> >> +	}
> >>  redo:
> >>  
> >>  	if (unlikely(!node_match(page, node))) {
> >> -		int searchnode = node;
> >> -
> >> -		if (node != NUMA_NO_NODE && !node_present_pages(node))
> >> -			searchnode = node_to_mem_node(node);
> >> -
> >> -		if (unlikely(!node_match(page, searchnode))) {
> >> +		/*
> >> +		 * same as above but node_match() being false already
> >> +		 * implies node != NUMA_NO_NODE
> >> +		 */
> >> +		if (!node_state(node, N_NORMAL_MEMORY)) {
> >> +			node = NUMA_NO_NODE;
> >> +			goto redo;
> >> +		} else {
> >>  			stat(s, ALLOC_NODE_MISMATCH);
> >>  			deactivate_slab(s, page, c->freelist, c);
> >>  			goto new_slab;
> > 
> > This fixes the problem I reported at
> > https://lore.kernel.org/linux-mm/20200317092624.GB22538@in.ibm.com/
> 
> Thanks, I hope it means I can make it Reported-and-tested-by: you

It was reeported first by PUVICHAKRAVARTHY RAMACHANDRAN <puvichakravarthy at in.ibm.com>
You can add my tested-by.

Regards,
Bharata.