Re: WARNING: at mm/slub.c:3357, kernel BUG at mm/slub.c:3413
From: Markus Trippelsdorf
Date: Mon Nov 21 2011 - 12:35:59 EST
On 2011.11.21 at 18:15 +0100, Eric Dumazet wrote:
> Le lundi 21 novembre 2011 à 17:52 +0100, Eric Dumazet a écrit :
> > Le lundi 21 novembre 2011 à 17:10 +0100, Markus Trippelsdorf a écrit :
> >
> > > Sure. This one happend with CONFIG_DEBUG_PAGEALLOC=y:
> > >
> > > [drm] Initialized radeon 2.11.0 20080528 for 0000:01:05.0 on minor 0
> > > loop: module loaded
> > > ahci 0000:00:11.0: version 3.0
> > > ahci 0000:00:11.0: PCI INT A -> GSI 22 (level, low) -> IRQ 22
> > > ahci 0000:00:11.0: AHCI 0001.0100 32 slots 6 ports 3 Gbps 0x3f impl SATA mode
> > > ahci 0000:00:11.0: flags: 64bit ncq sntf ilck pm led clo pmp pio slum part ccc
> > > scsi0 : ahci
> > > scsi1 : ahci
> > > =============================================================================
> > > BUG task_struct: Poison overwritten
> > > -----------------------------------------------------------------------------
> >
> > Unfortunately thats the same problem, not catched by DEBUG_PAGEALLOC
> > because freed page is immediately reused.
> >
> > We should keep pages in free list longer, to have a bigger window.
> >
> > Hmm...
> >
> > Please try following patch :
> >
> > diff --git a/mm/page_alloc.c b/mm/page_alloc.c
> > index 9dd443d..b8932a6 100644
> > --- a/mm/page_alloc.c
> > +++ b/mm/page_alloc.c
> > @@ -1196,7 +1196,7 @@ void free_hot_cold_page(struct page *page, int cold)
> > }
> >
> > pcp = &this_cpu_ptr(zone->pageset)->pcp;
> > - if (cold)
> > + if (IS_ENABLED(CONFIG_DEBUG_PAGEALLOC) || cold)
> > list_add_tail(&page->lru, &pcp->lists[migratetype]);
> > else
> > list_add(&page->lru, &pcp->lists[migratetype]);
> >
>
>
> Also add "slub_max_order=0" to your boot command, since it will make the
> pool larger...
New one:
=============================================================================
BUG task_xstate: Not a valid slab page
-----------------------------------------------------------------------------
INFO: Slab 0xffffea0000044300 objects=32767 used=65535 fp=0x (null) flags=0x0401
Pid: 9, comm: ksoftirqd/1 Not tainted 3.2.0-rc2-00274-g6fe4c6d-dirty #75
Call Trace:
[<ffffffff81101c1d>] slab_err+0x7d/0x90
[<ffffffff8103e29f>] ? dump_trace+0x16f/0x2e0
[<ffffffff81044764>] ? free_thread_xstate+0x24/0x40
[<ffffffff81044764>] ? free_thread_xstate+0x24/0x40
[<ffffffff81102566>] check_slab+0x96/0xc0
[<ffffffff814c5c29>] free_debug_processing+0x34/0x19c
[<ffffffff81101d9a>] ? set_track+0x5a/0x190
[<ffffffff8110cf2b>] ? sys_open+0x1b/0x20
[<ffffffff814c5e55>] __slab_free+0x33/0x2d0
[<ffffffff8110cf2b>] ? sys_open+0x1b/0x20
[<ffffffff81105134>] kmem_cache_free+0x104/0x120
[<ffffffff81044764>] free_thread_xstate+0x24/0x40
[<ffffffff81044794>] free_thread_info+0x14/0x30
[<ffffffff8106a4ff>] free_task+0x2f/0x50
[<ffffffff8106a5d0>] __put_task_struct+0xb0/0x110
[<ffffffff8106eb4b>] delayed_put_task_struct+0x3b/0xa0
[<ffffffff810aa01a>] __rcu_process_callbacks+0x12a/0x350
[<ffffffff810aa2a2>] rcu_process_callbacks+0x62/0x140
[<ffffffff81072e18>] __do_softirq+0xa8/0x200
[<ffffffff81073077>] run_ksoftirqd+0x107/0x210
[<ffffffff81072f70>] ? __do_softirq+0x200/0x200
[<ffffffff8108bb87>] kthread+0x87/0x90
[<ffffffff814cdcf4>] kernel_thread_helper+0x4/0x10
[<ffffffff8108bb00>] ? kthread_flush_work_fn+0x10/0x10
[<ffffffff814cdcf0>] ? gs_change+0xb/0xb
FIX task_xstate: Object at 0xffffffff8110cf2b not freed
--
Markus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/