From 10f183f3227cb9c0d49ccc396dc65d86b1aeb0df Mon Sep 17 00:00:00 2001
From: Izik Eidus <ieidus@redhat.com>
Date: Thu, 4 Jun 2009 22:09:38 +0300
Subject: [PATCH] KSM: avoid losing (but no mem leak) rmap_items inside ksm data strctures
The implication of this should be minor (worst case is to lose visibility on some pages in stable tree, no crash, no memleak, just no merging of pages). The tree_item->rmap_item is the head of the list and as such it must not be overwritten except in the case that the element we removed (rmap_item) was the previous head of the list, in which case it would also have rmap_item->prev set to null. This was only found by reading source while fixing the crash with slab debug enabled. For rhev/master and rhel5/master.
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Signed-off-by: Izik Eidus <ieidus@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
RH-Upstream-status: not-applicable
Message-Id: <1243894307-17932-5-git-send-email-ieidus@redhat.com>
Message-Id: <1244142579-3405-4-git-send-email-ieidus@redhat.com>
Acked-by: Andrea Arcangeli <aarcange@redhat.com>
Acked-by: Marcelo Tosatti <mtosatti@redhat.com>
Acked-by: john cooper <john.cooper@redhat.com>
Bugzilla: 504237
---
 kernel/ksm/ksm_main.c | 7 ++++---
 1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/kernel/ksm/ksm_main.c b/kernel/ksm/ksm_main.c
index f9edc4f..494ce3e 100644
--- a/kernel/ksm/ksm_main.c
+++ b/kernel/ksm/ksm_main.c
@@ -286,10 +286,11 @@ static void remove_rmap_item_from_tree(struct rmap_item *rmap_item)
 if (!rmap_item->next && !rmap_item->prev) {
 rb_erase(&tree_item->node, &root_stable_tree);
 free_tree_item(tree_item);
- } else if (!rmap_item->prev)
+ } else if (!rmap_item->prev) {
+ BUG_ON(tree_item->rmap_item != rmap_item);
 tree_item->rmap_item = rmap_item->next;
- else
- tree_item->rmap_item = rmap_item->prev;
+ } else
+ BUG_ON(tree_item->rmap_item == rmap_item);
 } else if (!rmap_item->stable_tree)
 free_tree_item(tree_item);
 }
--
1.6.3.rc4.29.g8146
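Review bot: The two rewritten branches are inconsistently braced: `} else if (!rmap_item->prev) {` gets braces while the following `} else` carries a lone `BUG_ON(...)` without them, which kernel style discourages once one branch of the same if/else needs braces; `} else {` / `BUG_ON(tree_item->rmap_item == rmap_item);` / `}` reads cleaner and avoids a dangling-statement slip on the next edit. The invariant the commit message relies on — `tree_item->rmap_item` caches only the list head, so it may be rewritten only when the removed item is that head — is not stated in the code, and a comment above the first `else if`, e.g. `/* tree_item->rmap_item is the list head; replace it only when unlinking the head itself */`, would keep a later reader from reintroducing the `rmap_item->prev` assignment this patch removes. Whether the neighbours' `prev`/`next` pointers are already unlinked by this point cannot be checked here, since `remove_rmap_item_from_tree` begins before the hunk and only its signature is visible in the `@@` header.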