Re: [Bug #10815] 2.6.26-rc4: RIP find_pid_ns+0x6b/0xa0

From: Nick Piggin
Date: Mon Jun 23 2008 - 21:51:32 EST

Next message: Li Zefan: "Re: [PATCH] CONNECTOR: add a proc entry to list connectors"
Previous message: Nick Piggin: "Re: [PATCH 3/3] sched: terminate newidle balancing once at least one task has moved over"
In reply to: Linus Torvalds: "Re: [Bug #10815] 2.6.26-rc4: RIP find_pid_ns+0x6b/0xa0"
Next in thread: Vegard Nossum: "Re: [Bug #10815] 2.6.26-rc4: RIP find_pid_ns+0x6b/0xa0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tuesday 24 June 2008 11:31, Linus Torvalds wrote:
> On Tue, 24 Jun 2008, Alexey Dobriyan wrote:
> > Status update:
> > * bug is reproduced on another box with the very same symptoms:
> > SMP=y, maxcpus=1 kernel occasionally fails, SMP=n is fine.
> > Also Core 2 Duo, x86_64 [1]
> >
> > Race is wide -- 60 seconds of rcutorture is enough.
>
> Very odd how you can reproduce it - now on two machines - but it doesn't
> seem to happen for others. You've tried different compilers, you've tried
> different config options, what the heck is left?

The PREEMPT_RCU thing? I've reproduced it. It hits lockless pagecache,
but I've also reproduced the same problem in dentry cache shrinking.
I'm sure it is a free-before-grace bug.

I've been using DEBUG_PAGEALLOC to make it easier to spot.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Li Zefan: "Re: [PATCH] CONNECTOR: add a proc entry to list connectors"
Previous message: Nick Piggin: "Re: [PATCH 3/3] sched: terminate newidle balancing once at least one task has moved over"
In reply to: Linus Torvalds: "Re: [Bug #10815] 2.6.26-rc4: RIP find_pid_ns+0x6b/0xa0"
Next in thread: Vegard Nossum: "Re: [Bug #10815] 2.6.26-rc4: RIP find_pid_ns+0x6b/0xa0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]