From: Peter Zijlstra <a.p.zijlstra@chello.nl>
To: Jens Axboe <jens.axboe@oracle.com>
Cc: Pekka Enberg <penberg@cs.helsinki.fi>,
paulmck@linux.vnet.ibm.com, Ingo Molnar <mingo@elte.hu>,
Vegard Nossum <vegard.nossum@gmail.com>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Randy Dunlap <randy.dunlap@oracle.com>
Subject: Re: kmemcheck caught read from freed memory (cfq_free_io_context)
Date: Wed, 02 Apr 2008 14:13:42 +0200 [thread overview]
Message-ID: <1207138422.8514.799.camel@twins> (raw)
In-Reply-To: <20080402115337.GD12774@kernel.dk>
On Wed, 2008-04-02 at 13:53 +0200, Jens Axboe wrote:
> > Yeah, SLAB_DESTROY_BY_RCU should have a _HUGE_ comment explaining it,
> > I'm sure this is not the first (nor the last) time people get that
> > wrong.
>
> It should, SLAB_DESTROY_BY_RCU is definitely useful, but it is expected
> to be an 'easier' way of doing the call_rcu() manually. So it definitely
> needs more documentation.
>
Ok I gave it a go, how bad is this text?
Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
---
diff --git a/include/linux/slab.h b/include/linux/slab.h
index f950a89..e049ddc 100644
--- a/include/linux/slab.h
+++ b/include/linux/slab.h
@@ -25,6 +25,32 @@
#define SLAB_CACHE_DMA 0x00004000UL /* Use GFP_DMA memory */
#define SLAB_STORE_USER 0x00010000UL /* DEBUG: Store the last owner for bug hunting */
#define SLAB_PANIC 0x00040000UL /* Panic if kmem_cache_create() fails */
+/*
+ * SLAB_DESTROY_BY_RCU - **WARNING** READ THIS!
+ *
+ * This delays freeing the SLAB page by a grace period, it does _NOT_
+ * delay object freeing. This means that if you do kmem_cache_free()
+ * that memory location is free to be reused at any time. Thus it may
+ * be possible to see another object there in the same RCU grace period.
+ *
+ * This feature only ensures the memory location backing the object
+ * stays valid, the trick to using this is relying on an independent
+ * object validation pass. Something like:
+ *
+ * rcu_read_lock()
+ * again:
+ * obj = lockless_lookup(key);
+ * if (obj) {
+ * if (!try_get_ref(obj)) // might fail for free objects
+ * goto again;
+ *
+ * if (obj->key != key) { // not the object we expected
+ * put_ref(obj);
+ * goto again;
+ * }
+ * }
+ * rcu_read_unlock();
+ */
#define SLAB_DESTROY_BY_RCU 0x00080000UL /* Defer freeing slabs to RCU */
#define SLAB_MEM_SPREAD 0x00100000UL /* Spread some memory over cpuset */
#define SLAB_TRACE 0x00200000UL /* Trace allocations and frees */
next prev parent reply other threads:[~2008-04-02 12:14 UTC|newest]
Thread overview: 69+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-04-01 21:08 kmemcheck caught read from freed memory (cfq_free_io_context) Vegard Nossum
2008-04-01 21:36 ` Peter Zijlstra
2008-04-01 22:51 ` Paul E. McKenney
2008-04-02 6:15 ` Peter Zijlstra
2008-04-02 7:19 ` Jens Axboe
2008-04-02 10:24 ` Paul E. McKenney
2008-04-02 7:17 ` Jens Axboe
2008-04-02 7:20 ` Pekka J Enberg
2008-04-02 7:24 ` Jens Axboe
2008-04-02 7:28 ` Ingo Molnar
2008-04-02 7:31 ` Jens Axboe
2008-04-02 10:55 ` Paul E. McKenney
2008-04-02 10:59 ` Peter Zijlstra
2008-04-02 11:33 ` Fabio Checconi
2008-04-02 11:43 ` Jens Axboe
2008-04-02 12:36 ` Jens Axboe
2008-04-02 12:36 ` Jens Axboe
2008-04-02 12:55 ` Fabio Checconi
2008-04-02 12:58 ` Jens Axboe
2008-04-02 12:58 ` Jens Axboe
2008-04-02 13:16 ` Fabio Checconi
2008-04-02 16:14 ` Paul E. McKenney
2008-04-02 13:37 ` Paul E. McKenney
2008-04-02 13:41 ` Jens Axboe
2008-04-02 15:33 ` Paul E. McKenney
2008-04-02 16:31 ` Jens Axboe
2008-04-02 17:00 ` Paul E. McKenney
2008-04-02 13:32 ` Paul E. McKenney
2008-04-02 13:40 ` Jens Axboe
2008-04-02 16:15 ` Paul E. McKenney
2008-04-02 11:01 ` Pekka Enberg
2008-04-02 11:07 ` Jens Axboe
2008-04-02 11:08 ` Peter Zijlstra
2008-04-02 11:11 ` Pekka Enberg
2008-04-02 11:14 ` Peter Zijlstra
2008-04-02 11:18 ` Pekka Enberg
2008-04-02 17:36 ` Christoph Lameter
2008-04-02 11:14 ` Jens Axboe
2008-04-02 11:20 ` Peter Zijlstra
2008-04-02 11:25 ` Peter Zijlstra
2008-04-02 11:32 ` Jens Axboe
2008-04-02 11:37 ` Peter Zijlstra
2008-04-02 11:42 ` Jens Axboe
2008-04-02 11:47 ` Peter Zijlstra
2008-04-02 11:53 ` Jens Axboe
2008-04-02 12:13 ` Peter Zijlstra [this message]
2008-04-02 12:28 ` Jens Axboe
2008-04-02 13:26 ` Paul E. McKenney
2008-04-02 13:43 ` Andi Kleen
2008-04-02 12:26 ` Peter Zijlstra
2008-04-02 12:34 ` Jens Axboe
2008-04-02 16:08 ` Paul E. McKenney
2008-04-02 16:15 ` Vegard Nossum
2008-04-02 16:32 ` Pekka J Enberg
2008-04-02 18:23 ` Paul E. McKenney
2008-04-02 19:53 ` Pekka Enberg
2008-04-02 20:15 ` Paul E. McKenney
2008-04-03 15:18 ` Paul E. McKenney
2008-04-03 19:49 ` Pekka J Enberg
2008-04-03 21:27 ` Paul E. McKenney
2008-04-02 16:59 ` Paul E. McKenney
2008-04-02 17:31 ` Vegard Nossum
2008-04-02 10:40 ` Paul E. McKenney
2008-04-02 10:46 ` Pekka Enberg
2008-04-02 10:49 ` Peter Zijlstra
2008-04-02 10:54 ` Pekka J Enberg
2008-04-02 17:35 ` Christoph Lameter
2008-04-02 10:53 ` Peter Zijlstra
2008-04-02 11:13 ` Jens Axboe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1207138422.8514.799.camel@twins \
--to=a.p.zijlstra@chello.nl \
--cc=akpm@linux-foundation.org \
--cc=jens.axboe@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=paulmck@linux.vnet.ibm.com \
--cc=penberg@cs.helsinki.fi \
--cc=randy.dunlap@oracle.com \
--cc=vegard.nossum@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox