percpu: fix pcpu_reclaim() locking
Tejun Heo [Fri, 14 Aug 2009 06:00:49 +0000 (15:00 +0900)]
pcpu_reclaim() calls pcpu_depopulate_chunk() which makes use of pages
array and bitmap returned by pcpu_get_pages_and_bitmap() and thus
should be called under pcpu_alloc_mutex.  pcpu_reclaim() released the
mutex before calling depopulate leading to double free and other
strange problems caused by the unexpected concurrent usages of pages
array and bitmap.  Fix it.

Signed-off-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Christoph Lameter <cl@linux-foundation.org>

mm/percpu.c

index 3f9f182..42ab002 100644 (file)
@@ -1181,12 +1181,13 @@ static void pcpu_reclaim(struct work_struct *work)
        }
 
        spin_unlock_irq(&pcpu_lock);
-       mutex_unlock(&pcpu_alloc_mutex);
 
        list_for_each_entry_safe(chunk, next, &todo, list) {
                pcpu_depopulate_chunk(chunk, 0, pcpu_unit_size);
                free_pcpu_chunk(chunk);
        }
+
+       mutex_unlock(&pcpu_alloc_mutex);
 }
 
 /**