[PATCH] Fix for vma merging refcounting bug

Stephen C. Tweedie (sct@redhat.com)
09 May 2003 13:34:21 +0100


When a new vma can be merged simultaneously with its two immediate
neighbours in both directions, vma_merge() extends the predecessor vma
and deletes the successor. However, if the vma maps a file, it fails to
fput() when doing the delete, leaving the file's refcount inconsistent.

# This is a BitKeeper generated patch for the following project:
# Project Name: Linux kernel tree
# This patch format is intended for GNU patch command version 2.5 or higher.
# This patch includes the following deltas:
# ChangeSet 1.1083 -> 1.1084
# mm/mmap.c 1.79 -> 1.80
#
# The following is the BitKeeper ChangeSet Log
# --------------------------------------------
# 03/05/09 sct@sisko.scot.redhat.com 1.1084
# Fix vma merging problem leading to file refcount getting out of sync.
# --------------------------------------------
#
diff -Nru a/mm/mmap.c b/mm/mmap.c
--- a/mm/mmap.c Fri May 9 13:26:53 2003
+++ b/mm/mmap.c Fri May 9 13:26:53 2003
@@ -471,6 +471,8 @@
spin_unlock(lock);
if (need_up)
up(&inode->i_mapping->i_shared_sem);
+ if (file)
+ fput(file);

mm->map_count--;
kmem_cache_free(vm_area_cachep, next);
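Review bot: The new "if (file) fput(file);" before mm->map_count-- has no comment saying whose reference it drops, and the hunk does not show where file is assigned. The object freed just below is next, so the reference being released should be the one the deleted successor held. Please either add a one-line comment to that effect (for example "drop the reference held by the vma we are deleting") or confirm that file is guaranteed to be the same struct file as next->vm_file on this path. The placement itself looks right: it comes after spin_unlock(lock) and the up() on i_shared_sem, so a final fput() is not done with those held.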
