2006-09-18 23:55:04

by Frank Filz

Subject: Crash in dec_zone_page_state when nfs_page req is freed

I am seeing a crash in dec_zone_page_state when called from

static void nfs_cancel_commit_list(struct list_head *head)
{
	struct nfs_page *req;

	while(!list_empty(head)) {
		req = nfs_list_entry(head->next);
		nfs_list_remove_request(req);
		nfs_inode_remove_request(req);
		nfs_clear_page_writeback(req);
		dec_zone_page_state(req->wb_page, NR_UNSTABLE_NFS);
	}
}

I see this was somewhat recently added. It appears that
nfs_clear_page_writeback has resulted in the req being freed. We are
running with CONFIG_SLAB_DEBUG on which poisons memory with repeated
0x6b bytes when freed so the subsequent reference to req results in a
bad wb_page pointer.

Is it the expectation that the request will be freed here? If so, should
the dec_zone_page_state call be re-ordered, the wb_page pointer saved
before calling nfs_clear_page_writeback, or wb_count being incremented
and then adding a call to nfs_release_request?

Frank Filz


2006-10-09 18:28:23

by Frank Filz

Subject: Re: Crash in dec_zone_page_state when nfs_page req is freed

On Mon, 2006-09-18 at 23:24 -0400, Trond Myklebust wrote:
> On Mon, 2006-09-18 at 16:55 -0700, Frank Filz wrote:
> > I am seeing a crash in dec_zone_page_state when called from
> >
> > static void nfs_cancel_commit_list(struct list_head *head)
> > {
> > 	struct nfs_page *req;
> >
> > 	while(!list_empty(head)) {
> > 		req = nfs_list_entry(head->next);
> > 		nfs_list_remove_request(req);
> > 		nfs_inode_remove_request(req);
> > 		nfs_clear_page_writeback(req);
> > 		dec_zone_page_state(req->wb_page, NR_UNSTABLE_NFS);
> > 	}
> > }
> >
> > I see this was somewhat recently added. It appears that
> > nfs_clear_page_writeback has resulted in the req being freed. We are
> > running with CONFIG_SLAB_DEBUG on which poisons memory with repeated
> > 0x6b bytes when freed so the subsequent reference to req results in a
> > bad wb_page pointer.
>
> Does the attached patch fix it for you?

I've had a chance to do some testing of this. It turns out that
nfs_inode_remove_request() will set wb_page to NULL, so it looks like
the call to dec_zone_page_state needs to be moved up before
nfs_inode_remove_request(). I'm testing that right now, but I start to
wonder exactly what the dec_zone_page_state is doing in this case, I
know that was a recent addition.

Frank Filz


2006-10-13 15:18:00

by Frank Filz

Subject: Re: Crash in dec_zone_page_state when nfs_page req is freed

On Mon, 2006-10-09 at 16:25 -0400, Trond Myklebust wrote:
> On Mon, 2006-10-09 at 11:30 -0700, Frank Filz wrote:
> > I've had a chance to do some testing of this. It turns out that
> > nfs_inode_remove_request() will set wb_page to NULL, so it looks like
> > the call to dec_zone_page_state needs to be moved up before
> > nfs_inode_remove_request(). I'm testing that right now, but I start to
> > wonder exactly what the dec_zone_page_state is doing in this case, I
> > know that was a recent addition.
>
> Yup, that makes sense. Furthermore, it looks like the call to
> nfs_clear_page_writeback is redundant, since nfs_inode_remove_request
> will cause the tags to be implicitly cleared.
>
> How does the attached patch work for you?

That did the trick. Thanks.

Frank
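
The ordering problem discussed in this thread, as an added user-space C model that is not part of the original messages and is not kernel code: `struct req`, `req_put`, `inode_remove`, `req_new` and `cancel_commit` are hypothetical stand-ins, and the model assumes the removal call drops the last reference. The per-page counter is decremented before the call that may free the request, so nothing dereferences the request afterwards.

```c
#include <stdlib.h>

/* User-space model; every name here is a hypothetical stand-in. */
struct page { int unstable; };               /* models the per-page NR_UNSTABLE_NFS count */
struct req  { int refs; struct page *wb_page; };

static int frees;                            /* how many requests have been released */

/* Drop one reference; the last drop frees the request. */
static void req_put(struct req *r)
{
	if (--r->refs == 0) {
		free(r);
		frees++;
	}
}

/* Models the removal step: detaches the page, then drops the owner's ref. */
static void inode_remove(struct req *r)
{
	r->wb_page = NULL;
	req_put(r);                          /* assumption: this is the last reference */
}

static struct req *req_new(struct page *pg)
{
	struct req *r = malloc(sizeof(*r));
	if (!r)
		abort();
	r->refs = 1;
	r->wb_page = pg;
	pg->unstable++;                      /* request is now counted against the page */
	return r;
}

/* Safe ordering: finish all accounting through r before r can go away. */
static void cancel_commit(struct req **list, int n)
{
	for (int i = 0; i < n; i++) {
		struct req *r = list[i];
		list[i] = NULL;              /* unlink from the commit list */
		r->wb_page->unstable--;      /* wb_page is still set and r is still live */
		inode_remove(r);             /* r may be freed here; do not touch it again */
	}
}

int main(void)
{
	struct page pg = { 0 };
	struct req *list[2] = { req_new(&pg), req_new(&pg) };
	cancel_commit(list, 2);
	return (pg.unstable == 0 && frees == 2) ? 0 : 1;
}
```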