From mboxrd@z Thu Jan  1 00:00:00 1970
From: Sasha Levin <sasha.levin@oracle.com>
Subject: Re: fs: dcookie: freeing active timer
Date: Thu, 24 Apr 2014 13:34:14 -0400
Message-ID: <53594B16.4000901@oracle.com>
References: <53594244.6070305@oracle.com> <20140424172708.GY18016@ZenIV.linux.org.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: linux-fsdevel <linux-fsdevel@vger.kernel.org>,
	Jan Kara <jack@suse.cz>, Dave Jones <davej@redhat.com>,
	LKML <linux-kernel@vger.kernel.org>,
	Thomas Gleixner <tglx@linutronix.de>
To: Al Viro <viro@ZenIV.linux.org.uk>
Return-path: <linux-kernel-owner@vger.kernel.org>
In-Reply-To: <20140424172708.GY18016@ZenIV.linux.org.uk>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

On 04/24/2014 01:27 PM, Al Viro wrote:
> On Thu, Apr 24, 2014 at 12:56:36PM -0400, Sasha Levin wrote:
>> > Hi all,
>> > 
>> > While fuzzing with trinity inside a KVM tools guest running the latest -next
>> > kernel I've stumbled on the following:
>> > [  191.871535] kmem_cache_destroy (mm/slab_common.c:363)
>> > [  191.871535] dcookie_unregister (fs/dcookies.c:302 fs/dcookies.c:343)
> So it's dcookie_exit() doing kmem_cache_destroy(dcookie_cache) while
> some timer is active?
> 
> Why does that code bother with destroying/creating that sucker dynamically?
> Is there any point at all?

I'm not sure about the dynamic allocation part, but I fear that if we just
switch to using static allocations it'll hide the underlying issue that
triggered this bug instead of fixing it.


Thanks,
Sasha