On Wed, 27 Nov 2013, Russell King - ARM Linux wrote:
> On Wed, Nov 27, 2013 at 02:29:41PM +0100, Thomas Gleixner wrote:
> > Though the kobject is the only thing which has a delayed work embedded
> > inside struct kmem_cache. And the debug object splat points at the
> > kmem_cache_free() of the struct kmem_cache itself. That's why I
> > assumed the wreckage around that place. And indeed:
> >
> > kmem_cache_destroy(s)
> > __kmem_cache_shutdown(s)
{
> > sysfs_slab_remove(s)
> > ....
> > kobject_put(&s->kobj)
> > kref_put(&kobj->kref, kobject_release);
> > kobject_release(kref)
> > #ifdef CONFIG_DEBUG_KOBJECT_RELEASE
> > schedule_delayed_work(&kobj->release)
> > #else
> > kobject_cleanup(kobj)
> > #endif
}
kmem_cache_free(s);
> >
> > So in the CONFIG_DEBUG_KOBJECT_RELEASE=y case, schedule_delayed_work()
> > _IS_ called which arms the timer. debugobjects catches the attempt to
> > free struct kmem_cache which contains the armed timer.
>
> You fail to show where the free is in the above path.
So, yes. it's the issue you are trying to catch, but that code in
question made already sure, that there are no references held, because
it detached itself from sysfs before calling kobject_put().
Thanks,
tglx
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
