On 05/18/2016 09:51 AM, Vlastimil Babka wrote: > ----8<---- > From f52f5e2a7dd65f2814183d8fd254ace43120b828 Mon Sep 17 00:00:00 2001 > From: Vlastimil Babka <vbabka@xxxxxxx> > Date: Wed, 18 May 2016 09:41:01 +0200 > Subject: [PATCH] mm, page_alloc: prevent infinite loop in buffered_rmqueue() > > In DEBUG_VM kernel, we can hit infinite loop for order == 0 in > buffered_rmqueue() when check_new_pcp() returns 1, because the bad page is > never removed from the pcp list. Fix this by removing the page before retrying. > Also we don't need to check if page is non-NULL, because we simply grab it from > the list which was just tested for being non-empty. > > Fixes: http://www.ozlabs.org/~akpm/mmotm/broken-out/mm-page_alloc-defer-debugging-checks-of-freed-pages-until-a-pcp-drain.patch Wrong. Fixes: http://www.ozlabs.org/~akpm/mmotm/broken-out/mm-page_alloc-defer-debugging-checks-of-pages-allocated-from-the-pcp.patch > Reported-by: Naoya Horiguchi <n-horiguchi@xxxxxxxxxxxxx> > Signed-off-by: Vlastimil Babka <vbabka@xxxxxxx> > --- > mm/page_alloc.c | 9 +++++---- > 1 file changed, 5 insertions(+), 4 deletions(-) > > diff --git a/mm/page_alloc.c b/mm/page_alloc.c > index 8c81e2e7b172..d5b93e5dd697 100644 > --- a/mm/page_alloc.c > +++ b/mm/page_alloc.c > @@ -2641,11 +2641,12 @@ struct page *buffered_rmqueue(struct zone *preferred_zone, > page = list_last_entry(list, struct page, lru); > else > page = list_first_entry(list, struct page, lru); > - } while (page && check_new_pcp(page)); > > - __dec_zone_state(zone, NR_ALLOC_BATCH); > - list_del(&page->lru); > - pcp->count--; > + __dec_zone_state(zone, NR_ALLOC_BATCH); > + list_del(&page->lru); > + pcp->count--; > + > + } while (check_new_pcp(page)); > } else { > /* > * We most definitely don't want callers attempting to > -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>