The purge_fragmented_blocks will loop over all vmap_blocks in the
vmap_block_queue to create the purge list.
Currently, the code in the loop does not acquire the &vb->lock before
reading the vb->free and vb->dirty.
Due to this, there might be a possibility of vb->free and vb->dirty being
changed in parallel which could lead to the current vmap_block not being
selected for purging.
Changing the code to acquire this spinlock before the check for vb->free
and vb->dirty.
Signed-off-by: Kautuk Consul <consul.kautuk@xxxxxxxxx>
---
mm/vmalloc.c | 7 +++++--
1 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/mm/vmalloc.c b/mm/vmalloc.c
index 3231bf3..2228971 100644
--- a/mm/vmalloc.c
+++ b/mm/vmalloc.c
@@ -855,11 +855,14 @@ static void purge_fragmented_blocks(int cpu)
rcu_read_lock();
list_for_each_entry_rcu(vb, &vbq->free, free_list) {
+ spin_lock(&vb->lock);
- if (!(vb->free + vb->dirty == VMAP_BBMAP_BITS && vb->dirty != VMAP_BBMAP_BITS))
+ if (!(vb->free + vb->dirty == VMAP_BBMAP_BITS &&
+ vb->dirty != VMAP_BBMAP_BITS)) {
+ spin_unlock(&vb->lock);
continue;
+ }
- spin_lock(&vb->lock);
if (vb->free + vb->dirty == VMAP_BBMAP_BITS && vb->dirty != VMAP_BBMAP_BITS) {
vb->free = 0; /* prevent further allocs after releasing lock */
vb->dirty = VMAP_BBMAP_BITS; /* prevent purging it again */
--
1.7.6
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>