releases/3.7.6/slub-assign-refcount-for-kmalloc_caches.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From caiqian@redhat.com  Fri Feb  1 13:47:04 2013
 From: CAI Qian <caiqian@redhat.com>
 Date: Thu, 24 Jan 2013 22:50:09 -0500 (EST)
 Subject: slub: assign refcount for kmalloc_caches
 To: stable@vger.kernel.org
 Cc: Christoph Lameter <cl@linux.com>, Joonsoo Kim <js1304@gmail.com>, Paul Hargrove <phhargrove@lbl.gov>
 Message-ID: <2142250133.9176397.1359085809116.JavaMail.root@redhat.com>

 From: CAI Qian <caiqian@redhat.com>

 This is for stable-3.7.y only and this problem has already been solved
 in mainline through some slab/slub re-work which isn't suitable to
 backport here. See create_kmalloc_cache() in mm/slab_common.c there.

 commit cce89f4f6911286500cf7be0363f46c9b0a12ce0('Move kmem_cache
 refcounting to common code') moves some refcount manipulation code to
 common code. Unfortunately, it also removed refcount assignment for
 kmalloc_caches. So, kmalloc_caches's refcount is initially 0.
 This makes erroneous situation.

 Paul Hargrove report that when he create a 8-byte kmem_cache and
 destory it, he encounter below message.
 'Objects remaining in kmalloc-8 on kmem_cache_close()'

 8-byte kmem_cache merge with 8-byte kmalloc cache and refcount is
 increased by one. So, resulting refcount is 1. When destroy it, it hit
 refcount = 0, then kmem_cache_close() is executed and error message is
 printed.

 This patch assign initial refcount 1 to kmalloc_caches, so fix this
 erroneous situation.

 Reported-by: Paul Hargrove <phhargrove@lbl.gov>
 Cc: Christoph Lameter <cl@linux.com>
 Signed-off-by: Joonsoo Kim <js1304@gmail.com>
 Signed-off-by: CAI Qian <caiqian@redhat.com>
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

 ---
  mm/slub.c |    1 +
  1 file changed, 1 insertion(+)

 --- a/mm/slub.c
 +++ b/mm/slub.c
 @@ -3279,6 +3279,7 @@ static struct kmem_cache *__init create_
  	if (kmem_cache_open(s, flags))
  		goto panic;

 +	s->refcount = 1;
  	list_add(&s->list, &slab_caches);
  	return s;
	From caiqian@redhat.com Fri Feb 1 13:47:04 2013
	From: CAI Qian <caiqian@redhat.com>
	Date: Thu, 24 Jan 2013 22:50:09 -0500 (EST)
	Subject: slub: assign refcount for kmalloc_caches
	To: stable@vger.kernel.org
	Cc: Christoph Lameter <cl@linux.com>, Joonsoo Kim <js1304@gmail.com>, Paul Hargrove <phhargrove@lbl.gov>
	Message-ID: <2142250133.9176397.1359085809116.JavaMail.root@redhat.com>

	From: CAI Qian <caiqian@redhat.com>

	This is for stable-3.7.y only and this problem has already been solved
	in mainline through some slab/slub re-work which isn't suitable to
	backport here. See create_kmalloc_cache() in mm/slab_common.c there.

	commit cce89f4f6911286500cf7be0363f46c9b0a12ce0('Move kmem_cache
	refcounting to common code') moves some refcount manipulation code to
	common code. Unfortunately, it also removed refcount assignment for
	kmalloc_caches. So, kmalloc_caches's refcount is initially 0.
	This makes erroneous situation.

	Paul Hargrove report that when he create a 8-byte kmem_cache and
	destory it, he encounter below message.
	'Objects remaining in kmalloc-8 on kmem_cache_close()'

	8-byte kmem_cache merge with 8-byte kmalloc cache and refcount is
	increased by one. So, resulting refcount is 1. When destroy it, it hit
	refcount = 0, then kmem_cache_close() is executed and error message is
	printed.

	This patch assign initial refcount 1 to kmalloc_caches, so fix this
	erroneous situation.

	Reported-by: Paul Hargrove <phhargrove@lbl.gov>
	Cc: Christoph Lameter <cl@linux.com>
	Signed-off-by: Joonsoo Kim <js1304@gmail.com>
	Signed-off-by: CAI Qian <caiqian@redhat.com>
	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

	---
	mm/slub.c \| 1 +
	1 file changed, 1 insertion(+)

	--- a/mm/slub.c
	+++ b/mm/slub.c
	@@ -3279,6 +3279,7 @@ static struct kmem_cache *__init create_
	if (kmem_cache_open(s, flags))
	goto panic;

	+ s->refcount = 1;
	list_add(&s->list, &slab_caches);
	return s;