Re: [patch] lockdep: annotate mm/slab.c

From: Andrew Morton
Date: Thu Jul 13 2006 - 19:15:41 EST

Next message: Nigel Cunningham: "[PATCH] Rt-tester makes freezing processes fail."
Previous message: andrea: "Re: [2.6 patch] let CONFIG_SECCOMP default to n"
In reply to: Christoph Lameter: "Re: [patch] lockdep: annotate mm/slab.c"
Next in thread: Christoph Lameter: "Re: [patch] lockdep: annotate mm/slab.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 13 Jul 2006 15:51:09 -0700 (PDT)
Christoph Lameter <clameter@xxxxxxx> wrote:

> On Thu, 13 Jul 2006, Arjan van de Ven wrote:
>
> > [*] Note Note Note
> > there is a corner case in the slab code that I personally don't trust at
> > all. In the NUMA case, if the memory is not originally from your own
> > node, the cache_free_alien() function takes, while having your own local
> > lock, the lock of the remote node as well. (at least on my reading of
> > the code) to free the memory to that node. I have yet to see where in
> > the code it safeguards against that remote node doing the exact same
> > thing in the opposite direction concurrently, and causing a basic ABBA
> > deadlock.
>
> Second look: I cannot find where we take our own local nodes list_lock.
> We only take the lock from the remote node. Or is this related to the
> OFF_SLAB kfree issue?
>
>
> We either have a alien cache structure established then:
>
> We take a lock on the alien structure for node x from our own node
> (without holding our local list_lock!) and then we need take the remote
> list_lock for node x if the alien structure overflows and we then free
> to the remote nodes list.
>
> Or we do not have a alien cache structure established yet. Then:
>
> We simply take the remote list_lock on node x and free directly to the
> foreign nodes list.
>
>
>
> In an OFF_SLAB situation this may differ because then we call
> kmem_cache_free from slab_destroy. Ughhh... This looks extremely bad.

uh-oh.

> Whew! We drop the list lock before calling slab_destroy.

Well we did, up until about ten minutes ago.

free_block()'s droppage of l3->list_lock around the slab_destroy() call was
just reverted, due to Shailabh confirming that it caused corruption.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Nigel Cunningham: "[PATCH] Rt-tester makes freezing processes fail."
Previous message: andrea: "Re: [2.6 patch] let CONFIG_SECCOMP default to n"
In reply to: Christoph Lameter: "Re: [patch] lockdep: annotate mm/slab.c"
Next in thread: Christoph Lameter: "Re: [patch] lockdep: annotate mm/slab.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]