From 75c1c91cb92806f960fcd6e53d2a0c21f343081c Mon Sep 17 00:00:00 2001 From: Dimitri Sivanich Date: Tue, 28 Dec 2010 13:34:42 -0600 Subject: [PATCH] [IA64] eliminate race condition in smp_flush_tlb_mm A race condition exists within smp_call_function_many() when called from smp_flush_tlb_mm(). On rare occasions the cpu_vm_mask can be cleared while smp_call_function_many is executing, occasionally resulting in a hung process. Make a copy of the mask prior to calling smp_call_function_many(). Signed-off-by: Dimitri Sivanich Signed-off-by: Tony Luck --- arch/ia64/kernel/smp.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/arch/ia64/kernel/smp.c b/arch/ia64/kernel/smp.c index dabeefe2113..be450a3e987 100644 --- a/arch/ia64/kernel/smp.c +++ b/arch/ia64/kernel/smp.c @@ -293,6 +293,7 @@ smp_flush_tlb_all (void) void smp_flush_tlb_mm (struct mm_struct *mm) { + cpumask_var_t cpus; preempt_disable(); /* this happens for the common case of a single-threaded fork(): */ if (likely(mm == current->active_mm && atomic_read(&mm->mm_users) == 1)) @@ -301,9 +302,15 @@ smp_flush_tlb_mm (struct mm_struct *mm) preempt_enable(); return; } - - smp_call_function_many(mm_cpumask(mm), - (void (*)(void *))local_finish_flush_tlb_mm, mm, 1); + if (!alloc_cpumask_var(&cpus, GFP_ATOMIC)) { + smp_call_function((void (*)(void *))local_finish_flush_tlb_mm, + mm, 1); + } else { + cpumask_copy(cpus, mm_cpumask(mm)); + smp_call_function_many(cpus, + (void (*)(void *))local_finish_flush_tlb_mm, mm, 1); + free_cpumask_var(cpus); + } local_irq_disable(); local_finish_flush_tlb_mm(mm); local_irq_enable(); -- 2.39.5