From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Paul Hargrove , Christoph Lameter , Joonsoo Kim , CAI Qian Subject: [ 89/89] slub: assign refcount for kmalloc_caches Date: Fri, 1 Feb 2013 14:08:44 +0100 Message-Id: <20130201130213.892451010@linuxfoundation.org> In-Reply-To: <20130201130207.444989281@linuxfoundation.org> References: <20130201130207.444989281@linuxfoundation.org> Sender: linux-kernel-owner@vger.kernel.org List-ID: 3.7-stable review patch. If anyone has any objections, please let me know. ------------------ From: CAI Qian This is for stable-3.7.y only and this problem has already been solved in mainline through some slab/slub re-work which isn't suitable to backport here. See create_kmalloc_cache() in mm/slab_common.c there. commit cce89f4f6911286500cf7be0363f46c9b0a12ce0('Move kmem_cache refcounting to common code') moves some refcount manipulation code to common code. Unfortunately, it also removed refcount assignment for kmalloc_caches. So, kmalloc_caches's refcount is initially 0. This makes erroneous situation. Paul Hargrove report that when he create a 8-byte kmem_cache and destory it, he encounter below message. 'Objects remaining in kmalloc-8 on kmem_cache_close()' 8-byte kmem_cache merge with 8-byte kmalloc cache and refcount is increased by one. So, resulting refcount is 1. When destroy it, it hit refcount = 0, then kmem_cache_close() is executed and error message is printed. This patch assign initial refcount 1 to kmalloc_caches, so fix this erroneous situation. Reported-by: Paul Hargrove Cc: Christoph Lameter Signed-off-by: Joonsoo Kim Signed-off-by: CAI Qian Signed-off-by: Greg Kroah-Hartman --- mm/slub.c | 1 + 1 file changed, 1 insertion(+) --- a/mm/slub.c +++ b/mm/slub.c @@ -3279,6 +3279,7 @@ static struct kmem_cache *__init create_ if (kmem_cache_open(s, flags)) goto panic; + s->refcount = 1; list_add(&s->list, &slab_caches); return s;