linux-scsi.vger.kernel.org archive mirror
From: Doug Ledford <dledford@redhat.com>
To: Andrew Morton <akpm@digeo.com>
Cc: "linux-scsi@vger.kernel.org" <linux-scsi@vger.kernel.org>,
	Badari Pulavarty <pbadari@us.ibm.com>,
	"Martin J. Bligh" <Martin.Bligh@us.ibm.com>,
	Jens Axboe <axboe@suse.de>
Subject: Re: possible use-after-free in 2.5.44 scsi changes
Date: Fri, 25 Oct 2002 00:06:59 -0400
Message-ID: <20021025040659.GB3556@redhat.com>
In-Reply-To: <3DB8A0CC.1804DF79@digeo.com>

On Thu, Oct 24, 2002 at 06:39:24PM -0700, Andrew Morton wrote:
> 
> Gents,
> 
> we have some code in the -mm patchsets which adds a per-cpu
> LIFO pool which frontends the page allocator.  To return pages
> which are cache-warm on the calling CPU.
> 
> That code has been stable and unchanging since 2.5.40.  But in
> 2.5.44, Badari's machines are crashing when those patches are
> applied.  Memory corruption deep in the scsi softirq callbacks.
> 
> There were no significant memory allocator changes between 2.5.43
> and 2.5.44, but there were a lot of scsi changes.

[ snip ]

Sorry I haven't been able to do anything since Tuesday and won't be able 
to again until next week around Wednesday or so (company meeting stuff the 
entire time :-(

Anyway, I've got all my current updates pushed to
linux-scsi.bkbits.net/scsi-misc-2.5 and I know James and Patrick have some
fixes in there as well.  I also know someone has been changing around the
scsi merge function and the scsi init io function recently, and it hasn't
been me ;-)  In any case, the thing appears to be leaking memory and might
be partially related to this problem.  If you touch any device on the scsi
bus such that it results in an actual merge between two requests, and a sg
table has to be realloced to a larger size in order to accommodate the
combined sg table size, then it appears that the smaller table(s) are
leaked.  Just try hitting the disk with an e2fsck or similar program and
then try unloading the complete scsi stack to see the failure on attempt
to free the sg table caches when unloading scsi_mod.  Debugging takes a
bit too since it means you have to reboot the machine to be able to load
the scsi modules again :-/ If someone could look into that specific
problem it might give a clue into this other problem (and sorry I can't do
more about it myself right now, it's what I was just starting to look into
when I ran out of time and into meetings).

-- 
  Doug Ledford <dledford@redhat.com>     919-754-3700 x44233
         Red Hat, Inc. 
         1801 Varsity Dr.
         Raleigh, NC 27606
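
The leak pattern suspected in the message above (a merge forces a move to a larger sg table, the smaller tables are never returned, and the loss only surfaces when the caches are torn down) can be modeled in user space. This is an added example, not code from the kernel or from this thread; the pool sizes, `sg_merge` and `run_scenario` are hypothetical names chosen for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Hypothetical user-space model: size-classed pools with live-object
 * counters stand in for per-size sg table caches. Not kernel code. */
#define NPOOLS 4
static const unsigned pool_ents[NPOOLS] = {8, 16, 32, 64};
static long pool_live[NPOOLS];          /* allocated and not yet freed */
struct sgtable { int pool; unsigned used; int *ents; };
static int sg_alloc(struct sgtable *t, unsigned n) {
    for (int p = 0; p < NPOOLS; p++) {
        if (n > pool_ents[p]) continue;  /* too small, try next pool */
        t->ents = calloc(pool_ents[p], sizeof *t->ents);
        if (!t->ents) return -1;
        t->pool = p; t->used = n; pool_live[p]++;
        return 0;
    }
    return -1;                           /* larger than the biggest pool */
}
static void sg_free(struct sgtable *t) {
    if (!t->ents) return;
    free(t->ents); t->ents = NULL; pool_live[t->pool]--;
}
/* Merge b into a via a new table sized for both. With free_old == 0 the
 * old handles are simply overwritten: the leak pattern being modeled. */
static int sg_merge(struct sgtable *a, struct sgtable *b, int free_old) {
    struct sgtable big = {0};
    if (sg_alloc(&big, a->used + b->used)) return -1;
    memcpy(big.ents, a->ents, a->used * sizeof *big.ents);
    memcpy(big.ents + a->used, b->ents, b->used * sizeof *big.ents);
    if (free_old) { sg_free(a); sg_free(b); }
    else b->ents = NULL;                 /* buggy path: handles dropped */
    *a = big;
    return 0;
}
/* Teardown check: objects still outstanding in any pool (0 = clean). */
long run_scenario(int free_old) {
    struct sgtable a = {0}, b = {0};
    long left = 0;
    memset(pool_live, 0, sizeof pool_live);
    if (sg_alloc(&a, 6) || sg_alloc(&b, 5)) return -1; /* 8-entry pool */
    if (sg_merge(&a, &b, free_old)) return -1;         /* 11 -> 16 pool */
    sg_free(&a); sg_free(&b);            /* normal request completion */
    for (int i = 0; i < NPOOLS; i++) left += pool_live[i];
    return left;
}
int main(void) {
    printf("buggy: %ld leaked, fixed: %ld leaked\n", run_scenario(0), run_scenario(1));
    return 0;
}
```

A per-pool outstanding count checked at teardown is what turns a silent leak into a visible failure, which matches the symptom reported on unloading scsi_mod.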
  
