From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755295Ab2IRUs0 (ORCPT ); Tue, 18 Sep 2012 16:48:26 -0400 Received: from acsinet15.oracle.com ([141.146.126.227]:29955 "EHLO acsinet15.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755173Ab2IRUsZ (ORCPT ); Tue, 18 Sep 2012 16:48:25 -0400 Date: Tue, 18 Sep 2012 16:37:13 -0400 From: Konrad Rzeszutek Wilk To: Linus Torvalds Cc: Dave Jones , Linux Kernel , Greg Kroah-Hartman , Srivatsa Vaddagiri , Suzuki Poulose , Raghavendra K T Subject: Re: 3.6rc6 slab corruption. Message-ID: <20120918203713.GB19300@phenom.dumpdata.com> References: <20120918143504.GA30585@redhat.com> <20120918192338.GA25845@phenom.dumpdata.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-Source-IP: ucsinet21.oracle.com [156.151.31.93] Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > >> It should be easyish to fix by just adding a lock around those things. > > > > Like this: > > Not quite. .. new patch in another email... .. snip.. > > Yikes. The fix could be to allocate a buffer large enough for the maximum > > that %u could take * array_size and not bother with the first pass. > > That's the simple approach. An alternative approach would be to start > with a reasonable guess as to the size, and use krealloc() if needed > to expand. > > What are the realistic array sizes? If we're talking about arrays of > just 16 words or something, just do the maximum (what, 12 bytes per > 32-bit word? 11 bytes for the number, and then space/NUL after that). 30 words. ~360 + 29 spaces + NULL = 390? > > If we're talking about potentially much bigger arrays, maybe we need > to use krealloc() to handle it without wasting tons of memory for the > common case.. > > Linus