[dm-devel] [PATCH] 2.6.12-rc6: fix rh_dec()/rh_inc() race in dm-raid1.c
Jun'ichi Nomura
j-nomura at ce.jp.nec.com
Thu Jun 16 22:51:41 UTC 2005
Hello,
Attached patch fixes the another bug in dm-raid1.c that
the dirty region may stay in or be moved to clean list
and freed while in use.
It happens as follows:
CPU0 CPU1
------------------------------------------------------------------------------
rh_dec()
if (atomic_dec_and_test(pending))
<the region is still marked dirty>
rh_inc()
if the region is clean
mark the region dirty
and remove from clean list
mark the region clean
and move to clean list
atomic_inc(pending)
At this stage, the region is in clean list and
will be mistakenly reclaimed by rh_update_states() later.
Signed-off-by: Jun'ichi Nomura <j-nomura at ce.jp.nec.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dm-raid1-race2.patch
Type: text/x-patch
Size: 1071 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/dm-devel/attachments/20050616/5e203f8a/attachment.bin>
More information about the dm-devel
mailing list