[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20080814.012004.193702132.davem@davemloft.net>
Date: Thu, 14 Aug 2008 01:20:04 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: linuxppc-dev@...abs.org
CC: linux-kernel@...r.kernel.org, michael@...erman.id.au
Subject: bug in lmb_enforce_memory_limit()
I just mentioned this to Ben H. on IRC and promised I would report it
here. :-)
The first loop over lmb.memory in this function interprets the
memory_limit as a raw size limit, and that's fine so far.
But the second loop over lmb.reserved interprets this value
instead as an "address limit."
I haven't cobbled together a fix myself, but probably the way to do
this is, when we're about break out of the first loop over lmb.memory,
walk through the now-trimmed memory blobs and trim those from
lmb.reserved, one by one.
This bug got introduced by:
commit 2babf5c2ec2f2d5de3e38d20f7df7fd815fd10c9
Author: Michael Ellerman <michael@...erman.id.au>
Date: Wed May 17 18:00:46 2006 +1000
[PATCH] powerpc: Unify mem= handling
back when LMB was still a powerpc local item. :-)
This led me to another bug which probably a lot of platforms are
effected by.
If you do this command line memory limiting, and the kernel was placed
by the boot loader into physical ram (say at the end of the available
physical memory) that gets trimmed out by the command line option, we
hang or crash right as we boot into userspace because freeing up
initmem ends up freeing invalid page structs.
I think, on sparc64, instead of adding all kinds of complicated logic
to free_initmem() I'm simply going to only poison the pages and
not free them at all if cmdline_memory_size has been set.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists