On Tue 04-02-14 16:22:53, David Rientjes wrote:
> Commit bf6bddf1924e ("mm: introduce compaction and migration for ballooned
> pages") introduces page_count(page) into memory compaction which
> dereferences page->first_page if PageTail(page).
>
> Introduce a store memory barrier to ensure page->first_page is properly
> initialized so that code that does page_count(page) on pages off the lru
> always have a valid p->first_page.
>
> Reported-by: Holger Kiehl <Holger.Kiehl@xxxxxx>
> Signed-off-by: David Rientjes <rientjes@xxxxxxxxxx>
> ---
> v2: with commentary, per checkpatch
>
> mm/page_alloc.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/mm/page_alloc.c b/mm/page_alloc.c
> --- a/mm/page_alloc.c
> +++ b/mm/page_alloc.c
> @@ -369,9 +369,11 @@ void prep_compound_page(struct page *page, unsigned long order)
> __SetPageHead(page);
> for (i = 1; i < nr_pages; i++) {
> struct page *p = page + i;
> - __SetPageTail(p);
> set_page_count(p, 0);
> p->first_page = page;
> + /* Make sure p->first_page is always valid for PageTail() */
> + smp_wmb();
> + __SetPageTail(p);
Where is the pairing smp_rmb? I would expect it in comound_head.
> }
> }
>
--
Michal Hocko
SUSE Labs
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>