[PATCH] list_add corruption in slab.c - Kernel

This is a discussion on [PATCH] list_add corruption in slab.c - Kernel ; I've been seeing list_add corruption in slab.c on the ES7000 since the 2.6.24.1 kernel. There are several places where the initkmem_list3 array is access by [somevalue + node]. This also needs to be done in kmem_cache_init(). Signed-off-by: Dan Yeisley --- ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: [PATCH] list_add corruption in slab.c

  1. [PATCH] list_add corruption in slab.c

    I've been seeing list_add corruption in slab.c on the ES7000 since the
    2.6.24.1 kernel. There are several places where the initkmem_list3
    array is access by [somevalue + node]. This also needs to be done in
    kmem_cache_init().

    Signed-off-by: Dan Yeisley

    ---
    diff -Naur linux-2.6.25-rc5/mm/slab.c linux-2.6.25-rc5-new/mm/slab.c
    --- linux-2.6.25-rc5/mm/slab.c 2008-03-10 01:22:27.000000000 -0400
    +++ linux-2.6.25-rc5-new/mm/slab.c 2008-03-20 13:59:24.000000000 -0400
    @@ -1481,7 +1481,7 @@
    list_add(&cache_cache.next, &cache_chain);
    cache_cache.colour_off = cache_line_size();
    cache_cache.array[smp_processor_id()] = &initarray_cache.cache;
    - cache_cache.nodelists[node] = &initkmem_list3[CACHE_CACHE];
    + cache_cache.nodelists[node] = &initkmem_list3[CACHE_CACHE + node];

    /*
    * struct kmem_cache size depends on nr_node_ids, which

    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  2. Re: [PATCH] list_add corruption in slab.c

    Hi Daniel,

    On Tue, Mar 25, 2008 at 6:57 PM, Daniel Yeisley wrote:
    > I've been seeing list_add corruption in slab.c on the ES7000 since the
    > 2.6.24.1 kernel. There are several places where the initkmem_list3
    > array is access by [somevalue + node]. This also needs to be done in
    > kmem_cache_init().
    >
    > Signed-off-by: Dan Yeisley
    >
    > ---
    > diff -Naur linux-2.6.25-rc5/mm/slab.c linux-2.6.25-rc5-new/mm/slab.c
    > --- linux-2.6.25-rc5/mm/slab.c 2008-03-10 01:22:27.000000000 -0400
    > +++ linux-2.6.25-rc5-new/mm/slab.c 2008-03-20 13:59:24.000000000 -0400
    > @@ -1481,7 +1481,7 @@
    > list_add(&cache_cache.next, &cache_chain);
    > cache_cache.colour_off = cache_line_size();
    > cache_cache.array[smp_processor_id()] = &initarray_cache.cache;
    > - cache_cache.nodelists[node] = &initkmem_list3[CACHE_CACHE];
    > + cache_cache.nodelists[node] = &initkmem_list3[CACHE_CACHE + node];


    Good catch! You'd need to fix up the use of initkmem_list3 farther
    down in kmem_init_cache():

    > /* 5) Replace the bootstrap kmem_list3's */
    > {
    > int nid;
    >
    > for_each_online_node(nid) {
    > init_list(&cache_cache, &initkmem_list3[CACHE_CACHE], nid);


    Care to send a tested patch that fixes that as well?

    Pekka
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  3. Re: [PATCH] list_add corruption in slab.c

    On Tue, 2008-03-25 at 20:45 +0200, Pekka Enberg wrote:
    > Hi Daniel,
    >
    > On Tue, Mar 25, 2008 at 6:57 PM, Daniel Yeisley wrote:
    > > I've been seeing list_add corruption in slab.c on the ES7000 since the
    > > 2.6.24.1 kernel. There are several places where the initkmem_list3
    > > array is access by [somevalue + node]. This also needs to be done in
    > > kmem_cache_init().
    > >
    > > Signed-off-by: Dan Yeisley
    > >
    > > ---
    > > diff -Naur linux-2.6.25-rc5/mm/slab.c linux-2.6.25-rc5-new/mm/slab.c
    > > --- linux-2.6.25-rc5/mm/slab.c 2008-03-10 01:22:27.000000000 -0400
    > > +++ linux-2.6.25-rc5-new/mm/slab.c 2008-03-20 13:59:24.000000000 -0400
    > > @@ -1481,7 +1481,7 @@
    > > list_add(&cache_cache.next, &cache_chain);
    > > cache_cache.colour_off = cache_line_size();
    > > cache_cache.array[smp_processor_id()] = &initarray_cache.cache;
    > > - cache_cache.nodelists[node] = &initkmem_list3[CACHE_CACHE];
    > > + cache_cache.nodelists[node] = &initkmem_list3[CACHE_CACHE + node];

    >
    > Good catch! You'd need to fix up the use of initkmem_list3 farther
    > down in kmem_init_cache():
    >
    > > /* 5) Replace the bootstrap kmem_list3's */
    > > {
    > > int nid;
    > >
    > > for_each_online_node(nid) {
    > > init_list(&cache_cache, &initkmem_list3[CACHE_CACHE], nid);

    >
    > Care to send a tested patch that fixes that as well?
    >
    > Pekka


    I actually saw that initkmem_list reference, but didn't change it since
    my original patch fixed my list corruption. Anyway, I made the changed
    and tested it. The system booted fine.

    ´╗┐Signed-off-by: Dan Yeisley

    ---
    diff -Nuar linux-2.6.25-rc6/mm/slab.c linux-2.6.25-rc6-new/mm/slab.c
    --- linux-2.6.25-rc6/mm/slab.c 2008-03-25 15:39:07.000000000 -0400
    +++ linux-2.6.25-rc6-new/mm/slab.c 2008-03-25 15:13:01.000000000 -0400
    @@ -1481,7 +1481,7 @@
    list_add(&cache_cache.next, &cache_chain);
    cache_cache.colour_off = cache_line_size();
    cache_cache.array[smp_processor_id()] = &initarray_cache.cache;
    - cache_cache.nodelists[node] = &initkmem_list3[CACHE_CACHE];
    + cache_cache.nodelists[node] = &initkmem_list3[CACHE_CACHE + node];

    /*
    * struct kmem_cache size depends on nr_node_ids, which
    @@ -1602,7 +1602,7 @@
    int nid;

    for_each_online_node(nid) {
    - init_list(&cache_cache, &initkmem_list3[CACHE_CACHE], nid);
    + init_list(&cache_cache, &initkmem_list3[CACHE_CACHE + nid], nid);

    init_list(malloc_sizes[INDEX_AC].cs_cachep,
    &initkmem_list3[SIZE_AC + nid], nid);

    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  4. Re: [PATCH] list_add corruption in slab.c

    Hi Daniel,

    Daniel Yeisley wrote:
    > I actually saw that initkmem_list reference, but didn't change it since
    > my original patch fixed my list corruption. Anyway, I made the changed
    > and tested it. The system booted fine.


    Yeah, but the second change is needed; otherwise we forget to fix up
    some of the bootstrap caches.

    > ´╗┐Signed-off-by: Dan Yeisley


    Reviewed-by: Pekka Enberg

    Mel, as this change is related to the memoryless node fix that went in
    2.6.24, any chance you'd give this patch a spin on your machines so we
    can get the fix in 2.6.25 and 2.6.24-stable?

    Pekka
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  5. Re: [PATCH] list_add corruption in slab.c

    thanks for the fast answer

    On 3/25/08, Pekka Enberg wrote:
    > Hi Oliver,
    >
    > On Tue, Mar 25, 2008 at 11:27 PM, Oliver Pinter
    > wrote:
    > > this patch for 2.6.22?

    >
    > No. It fixes the following commit which is not in nor is it required for
    > 2.6.22:
    >
    >
    > http://git.kernel.org/?p=linux/kerne...655dddd3db94c1
    >



    --
    Thanks,
    Oliver
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  6. Re: [PATCH] list_add corruption in slab.c

    Hi Oliver,

    On Tue, Mar 25, 2008 at 11:27 PM, Oliver Pinter wrote:
    > this patch for 2.6.22?


    No. It fixes the following commit which is not in nor is it required for 2.6.22:

    http://git.kernel.org/?p=linux/kerne...655dddd3db94c1
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  7. Re: [PATCH] list_add corruption in slab.c

    On (25/03/08 23:13), Pekka Enberg didst pronounce:
    > Hi Daniel,
    >
    > Daniel Yeisley wrote:
    > >I actually saw that initkmem_list reference, but didn't change it since
    > >my original patch fixed my list corruption. Anyway, I made the changed
    > >and tested it. The system booted fine.

    >
    > Yeah, but the second change is needed; otherwise we forget to fix up
    > some of the bootstrap caches.
    >
    > > ???Signed-off-by: Dan Yeisley

    >
    > Reviewed-by: Pekka Enberg
    >
    > Mel, as this change is related to the memoryless node fix that went in
    > 2.6.24, any chance you'd give this patch a spin on your machines so we
    > can get the fix in 2.6.25 and 2.6.24-stable?
    >


    Of course. Tested against 2.6.25-rc5 on normal and memoryless machines
    running just kernbench. So far, I have seen no problems.

    --
    Mel Gorman
    Part-time Phd Student Linux Technology Center
    University of Limerick IBM Dublin Software Lab
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

+ Reply to Thread