The patch titled
slab: ensure cache_alloc_refill terminates
has been added to the -mm tree. Its filename is
slab-ensure-cache_alloc_refill-terminates.patch
*** Remember to use Documentation/SubmitChecklist when testing your code ***
See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find
out what to do about this
------------------------------------------------------
Subject: slab: ensure cache_alloc_refill terminates
From: Pekka Enberg <penberg@xxxxxxxxxxxxxx>
If slab->inuse is corrupted, cache_alloc_refill can enter an infinite
loop as detailed by Michael Richardson in the following post:
<http://lkml.org/lkml/2007/2/16/292>. This adds a BUG_ON to catch
those cases.
Cc: Michael Richardson <mcr@xxxxxxxxxxxx>
Acked-by: Christoph Lameter <clameter@xxxxxxx>
Signed-off-by: Pekka Enberg <penberg@xxxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
mm/slab.c | 8 ++++++++
1 files changed, 8 insertions(+)
diff -puN mm/slab.c~slab-ensure-cache_alloc_refill-terminates mm/slab.c
--- a/mm/slab.c~slab-ensure-cache_alloc_refill-terminates
+++ a/mm/slab.c
@@ -2987,6 +2987,14 @@ retry:
slabp = list_entry(entry, struct slab, list);
check_slabp(cachep, slabp);
check_spinlock_acquired(cachep);
+
+ /*
+ * The slab was either on partial or free list so
+ * there must be at least one object available for
+ * allocation.
+ */
+ BUG_ON(slabp->inuse < 0 || slabp->inuse >= cachep->num);
+
while (slabp->inuse < cachep->num && batchcount--) {
STATS_INC_ALLOCED(cachep);
STATS_INC_ACTIVE(cachep);
_
Patches currently in -mm which might be from penberg@xxxxxxxxxxxxxx are
slab-ensure-cache_alloc_refill-terminates.patch
slab-use-cpu_lock_.patch
slab-leaks3-default-y.patch
-
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
