Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
lib/idr.c: use kmem_cache_zalloc() for the idr_layer cache
David points out that the idr_remove_all() function returns unused slabs to the kmem cache, but needs to zero them first or else they will be uninitialized upon next use. This causes crashes which have been observed in the firewire subsystem. He fixed this by zeroing the object before freeing it in idr_remove_all(). But we agree that simply removing the constructor and zeroing the object at allocation time is simpler than relying upon slab constructor machinery and might even be faster. This problem was introduced by "idr: make idr_remove rcu-safe" (commit cf481c2), which was first released in 2.6.27. There are no known codesites which trigger this bug in 2.6.27 or 2.6.28. The post-2.6.28 firewire changes are the only known triggerer. There might of course be not-yet-discovered triggerers in 2.6.27 and 2.6.28, and there might be out-of-tree triggerers which are added to those kernel versions. I'll let the -stable guys decide whether they want to backport this fix. Reported-by: David Moore <[email protected]> Cc: Stefan Richter <[email protected]> Cc: Nadia Derbey <[email protected]> Cc: Paul E. McKenney <[email protected]> Cc: Manfred Spraul <[email protected]> Cc: Kristian Hgsberg <[email protected]> Acked-by: Pekka Enberg <[email protected]> Cc: <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Linus Torvalds <[email protected]>
- Loading branch information
