On 01/03/2017 02:47 PM, Michal Hocko wrote:
> On Tue 03-01-17 14:37:09, Anshuman Khandual wrote:
>> On 01/03/2017 02:14 PM, Michal Hocko wrote:
>>> On Tue 03-01-17 13:57:53, Anshuman Khandual wrote:
>>>> node_isset can give incorrect result if the node number is beyond the
>>>> bitmask size (MAX_NUMNODES in this case) which is not checked inside
>>>> test_bit. Hence check for the bit limits (MAX_NUMNODES) inside the
>>>> node_isset function before calling test_bit.
>>> Could you be more specific when such a thing might happen? Have you seen
>>> any in-kernel user who would give such a bogus node?
>>
>> Have not seen this through any in-kernel use case. While rebasing the CDM
>> zonelist rebuilding series,
>
> Then fix this particular code path...

Yeah I did.

>
>> I came across this through an error path when
>> a bogus node value of 256 (MAX_NUMNODES on POWER) is received when we call
>> first_node() on an empty nodemask (which itself seems weird as well).
>
> Does calling first_node on an empty nodemask make any sense? If there is
> a risk then I would expect nodes_empty() check before doing any mask
> related operations.

Hmm, you are right. All these checks should be done by the caller not these
nodemask helper functions.
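
Added example, not part of the thread and not kernel code: a simplified userspace model of the nodemask helpers discussed above. It shows that first_node() on an empty mask yields MAX_NUMNODES, whose word index lies one past the bitmap that an unchecked test_bit-style read would touch, and the caller-side nodes_empty() check. The model_* names and pick_first_node_checked() are hypothetical; MAX_NUMNODES is the 256 quoted in the thread.

```c
#include <limits.h>
#include <stddef.h>

#define MAX_NUMNODES 256 /* value the thread quotes for POWER */
#define BITS_PER_LONG (sizeof(unsigned long) * CHAR_BIT)
#define MASK_LONGS ((MAX_NUMNODES + BITS_PER_LONG - 1) / BITS_PER_LONG)

/* Simplified userspace stand-in for the kernel's nodemask_t. */
typedef struct { unsigned long bits[MASK_LONGS]; } model_nodemask_t;

/* Word index of a node's bit; node == MAX_NUMNODES gives MASK_LONGS, one past bits[]. */
size_t model_word(unsigned int node) { return node / BITS_PER_LONG; }

void model_node_set(unsigned int node, model_nodemask_t *m)
{
    m->bits[model_word(node)] |= 1UL << (node % BITS_PER_LONG);
}

/* Like test_bit(): no range check, the caller must pass node < MAX_NUMNODES. */
int model_node_isset(unsigned int node, const model_nodemask_t *m)
{
    return (int)((m->bits[model_word(node)] >> (node % BITS_PER_LONG)) & 1UL);
}

int model_nodes_empty(const model_nodemask_t *m)
{
    for (size_t i = 0; i < MASK_LONGS; i++)
        if (m->bits[i]) return 0;
    return 1;
}

/* Lowest set node, or MAX_NUMNODES when the mask is empty. */
unsigned int model_first_node(const model_nodemask_t *m)
{
    for (unsigned int n = 0; n < MAX_NUMNODES; n++)
        if (model_node_isset(n, m)) return n;
    return MAX_NUMNODES;
}

/* Caller-side check: first node, or -1 for an empty mask. */
int pick_first_node_checked(const model_nodemask_t *m)
{
    return model_nodes_empty(m) ? -1 : (int)model_first_node(m);
}

int main(void)
{
    model_nodemask_t empty = {{0}};
    return pick_first_node_checked(&empty) == -1 ? 0 : 1;
}
```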