This fixes an issue in the current locking logic of the function, __delete_object where we are trying to attempt to lock the passed object structure's spinlock again after being previously held elsewhere by the kmemleak code. Fix this by instead of assuming we are the only one contending for the object's lock there are possible other users and create two branches, one where we get the lock when calling spin_trylock_irqsave on the object's lock and the other when the lock is held elsewhere by kmemleak.

Signed-off-by: Nicholas Krause <xerofoify@xxxxxxxxx>

--- mm/kmemleak.c | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/mm/kmemleak.c b/mm/kmemleak.c index 086292f..ad4828f 100644 --- a/mm/kmemleak.c +++ b/mm/kmemleak.c @@ -631,12 +631,19 @@ static void __delete_object(struct kmemleak_object *object) /* * Locking here also ensures that the corresponding memory block - * cannot be freed when it is being scanned. + * cannot be freed when it is being scanned. Further more the + * object's lock may have been previously holded by another holder + * in the kmemleak code, therefore attempt to lock the object's lock + * before holding it and unlocking it. */ - spin_lock_irqsave(&object->lock, flags); - object->flags &= ~OBJECT_ALLOCATED; - spin_unlock_irqrestore(&object->lock, flags); - put_object(object); + if (spin_trylock_irqsave(&object->lock, flags)) { + object->flags &= ~OBJECT_ALLOCATED; + spin_unlock_irqrestore(&object->lock, flags); + put_object(object); + } else { + object->flags &= ~OBJECT_ALLOCATED; + put_object(object); + } } /* -- 2.7.4
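Review bot: In the else branch of the __delete_object hunk, `object->flags &= ~OBJECT_ALLOCATED;` runs without this caller holding object->lock. A failed spin_trylock_irqsave only shows that some context holds the lock, not that the current one does, so the flag update can race with that holder, and the comment directly above still states that the locking is what keeps the memory block from being freed while it is scanned. Both branches do the same flag clear and put_object, so the only effect of the change is to skip the lock under contention. If a call path really reaches __delete_object with object->lock already held, name that path in the commit message and fix it in the caller; otherwise keep the unconditional spin_lock_irqsave. The added comment text also needs "Further more" and "holded" corrected.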