mm/page_alloc: protect pcp->batch accesses with ACCESS_ONCE pcp->batch could change at any point, avoid relying on it being a stable value. Signed-off-by: Cody P Schafer <[email protected]> Cc: Gilad Ben-Yossef <[email protected]> Cc: KOSAKI Motohiro <[email protected]> Cc: Mel Gorman <[email protected]> Cc: Pekka Enberg <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Linus Torvalds <[email protected]>

commit: 998d39cb236fe464af86a3492a24d2f67ee1efc2 [log] [tgz]
author: Cody P Schafer <[email protected]> Wed Jul 03 15:01:32 2013 -0700
committer: Linus Torvalds <[email protected]> Wed Jul 03 16:07:27 2013 -0700
tree: c093fb89e8d4a4b62e656f5becf92876ce13f958
parent: 8d7a8fa97abeb4fd6b3975d32c9f859875157770 [diff] [blame]
diff --git a/mm/page_alloc.c b/mm/page_alloc.c
index eaaef2a..97b8f86 100644
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c

@@ -1182,10 +1182,12 @@
 {
 	unsigned long flags;
 	int to_drain;
+	unsigned long batch;
 
 	local_irq_save(flags);
-	if (pcp->count >= pcp->batch)
-		to_drain = pcp->batch;
+	batch = ACCESS_ONCE(pcp->batch);
+	if (pcp->count >= batch)
+		to_drain = batch;
 	else
 		to_drain = pcp->count;
 	if (to_drain > 0) {
@@ -1353,8 +1355,9 @@
 		list_add(&page->lru, &pcp->lists[migratetype]);
 	pcp->count++;
 	if (pcp->count >= pcp->high) {
-		free_pcppages_bulk(zone, pcp->batch, pcp);
-		pcp->count -= pcp->batch;
+		unsigned long batch = ACCESS_ONCE(pcp->batch);
+		free_pcppages_bulk(zone, batch, pcp);
+		pcp->count -= batch;
 	}
 
 out:
commit	998d39cb236fe464af86a3492a24d2f67ee1efc2	[log] [tgz]
author	Cody P Schafer <[email protected]>	Wed Jul 03 15:01:32 2013 -0700
committer	Linus Torvalds <[email protected]>	Wed Jul 03 16:07:27 2013 -0700
tree	c093fb89e8d4a4b62e656f5becf92876ce13f958
parent	8d7a8fa97abeb4fd6b3975d32c9f859875157770 [diff] [blame]