[dm-devel] [PATCH] 2.6.12-rc6: fix __rh_alloc()/rh_update_states() race in dm-raid1.c

Jun'ichi Nomura j-nomura at ce.jp.nec.com
Thu Jun 16 22:11:57 UTC 2005


Hello,

The attached patch fixes a bug in dm-raid1.c where
the region returned by __rh_alloc() may be freed while
it's in use.

__rh_alloc() write-unlocks the hash_lock after inserting the new region.
Though it read-locks the hash_lock just after that, it's possible
that the region was reclaimed by rh_update_states() as the region
was clean at the time.

   CPU0                                  CPU1
   -----------------------------------------------------------------------
   __rh_alloc()
     write_lock(hash_lock)
     <insert new region to clean list>
     write_unlock(hash_lock)
                                         rh_update_states()
                                           write_lock(hash_lock)
                                           <move clean regions to freeable list>
                                           write_unlock(hash_lock)
                                           <free regions in the freeable list>
     read_lock(hash_lock)
     <return the region>

Signed-off-by: Jun'ichi Nomura <j-nomura at ce.jp.nec.com>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: dm-raid1-race1.patch
Type: text/x-patch
Size: 370 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/dm-devel/attachments/20050616/207f7dd8/attachment.bin>

