Re: [PATCH] list_add corruption in slab.c

From: Pekka Enberg
Date: Tue Mar 25 2008 - 14:45:45 EST


Hi Daniel,

On Tue, Mar 25, 2008 at 6:57 PM, Daniel Yeisley <dan.yeisley@xxxxxxxxxx> wrote:
> I've been seeing list_add corruption in slab.c on the ES7000 since the
> 2.6.24.1 kernel. There are several places where the initkmem_list3
> array is accessed by [somevalue + node]. This also needs to be done in
> kmem_cache_init().
>
> Signed-off-by: Dan Yeisley <dan.yeisley@xxxxxxxxxx>
>
> ---
> diff -Naur linux-2.6.25-rc5/mm/slab.c linux-2.6.25-rc5-new/mm/slab.c
> --- linux-2.6.25-rc5/mm/slab.c 2008-03-10 01:22:27.000000000 -0400
> +++ linux-2.6.25-rc5-new/mm/slab.c 2008-03-20 13:59:24.000000000 -0400
> @@ -1481,7 +1481,7 @@
> list_add(&cache_cache.next, &cache_chain);
> cache_cache.colour_off = cache_line_size();
> cache_cache.array[smp_processor_id()] = &initarray_cache.cache;
> - cache_cache.nodelists[node] = &initkmem_list3[CACHE_CACHE];
> + cache_cache.nodelists[node] = &initkmem_list3[CACHE_CACHE + node];
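
Review bot: the `+` line now indexes `initkmem_list3[CACHE_CACHE + node]`, but nothing in the hunk shows that the array has a per-node slot at that offset, or that the index following CACHE_CACHE leaves room for one entry per node; please confirm the sizing and note it in the changelog. The changelog should also say what value `node` takes at this point on the ES7000 and how sharing the single `initkmem_list3[CACHE_CACHE]` entry produces the list_add corruption, since the one-line change does not explain that on its own.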

Good catch! You'd need to fix up the use of initkmem_list3 farther
down in kmem_init_cache():

> /* 5) Replace the bootstrap kmem_list3's */
> {
> int nid;
>
> for_each_online_node(nid) {
> init_list(&cache_cache, &initkmem_list3[CACHE_CACHE], nid);

Care to send a tested patch that fixes that as well?

Pekka