Re: mm: slub: invalid memory access in setup_object

From: Christoph Lameter
Date: Tue Jul 01 2014 - 10:59:03 EST


On Mon, 30 Jun 2014, David Rientjes wrote:

> It's not at all clear to me that that patch is correct. Wei?

Looks ok to me. But I do not like the convoluted code in new_slab() which
Wei's patch does not make easier to read. Makes it difficult for the
reader to see what's going on.

Let's drop the use of the variable named "last".


Subject: slub: Only call setup_object once for each object

Modify the logic for object initialization to be less convoluted
and initialize an object only once.

Signed-off-by: Christoph Lameter <cl@xxxxxxxxx>

Index: linux/mm/slub.c
===================================================================
--- linux.orig/mm/slub.c 2014-07-01 09:50:02.486846653 -0500
+++ linux/mm/slub.c 2014-07-01 09:52:07.918802585 -0500
@@ -1409,7 +1409,6 @@ static struct page *new_slab(struct kmem
{
struct page *page;
void *start;
- void *last;
void *p;
int order;

@@ -1432,15 +1431,11 @@ static struct page *new_slab(struct kmem
if (unlikely(s->flags & SLAB_POISON))
memset(start, POISON_INUSE, PAGE_SIZE << order);

- last = start;
for_each_object(p, s, start, page->objects) {
- setup_object(s, page, last);
- set_freepointer(s, last, p);
- last = p;
+ setup_object(s, page, p);
+ set_freepointer(s, p, p + s->size);
}
- setup_object(s, page, last);
- set_freepointer(s, last, NULL);
-
+ set_freepointer(s, start + (page->objects - 1) * s->size, NULL);
page->freelist = start;
page->inuse = page->objects;
page->frozen = 1;
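
Review bot: The new last line of the init sequence, `set_freepointer(s, start + (page->objects - 1) * s->size, NULL);`, relies on page->objects being at least 1. With a count of 0 the computed address would lie one object before `start`, whereas the removed code would have written to `start` itself in that case. A short comment stating that invariant, or an explicit check on page->objects, would make the assumption visible. Separately, the loop stores `p + s->size` into the last object as well, which is a pointer past the final object, and only this trailing call overwrites it with NULL. Writing the terminator from inside the loop for the last object would avoid that transient out-of-range free pointer and the separate address computation.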