ioops: fix build error by renaming 'len' variable - netsniff-ng.git - A high-performance Linux networking toolkit

summary refs log tree commit diff

path: root/staging/cli_launch.c

diff options

author	Daniel Borkmann <dborkman@redhat.com>	2013-06-04 14:08:46 +0200
committer	Daniel Borkmann <dborkman@redhat.com>	2013-06-04 14:08:46 +0200
commit	214cb42c626cfe5fe5d9ef1e83e7b23cca1cf02b (patch)
tree	d6a9765bb5ebabe664d9cdae6eafe46117618186 /staging/cli_launch.c
parent	f712d7a28192cbfcde5845d0c2e78fefd7386273 (diff)

ioops: fix build error by renaming 'len' variable

Argh, forgot to rename variables in read_blob_or_die/write_blob_or_die. ioops.c: In function ‘read_blob_or_die’: ioops.c:105:30: error: ‘len’ undeclared (first use in this function) ioops.c:105:30: note: each undeclared identifier is reported only once for each function it appears in ioops.c: In function ‘write_blob_or_die’: ioops.c:116:31: error: ‘len’ undeclared (first use in this function) make: *** [netsniff-ng/ioops.o] Error 1 Signed-off-by: Daniel Borkmann <dborkman@redhat.com>

Diffstat (limited to 'staging/cli_launch.c')

0 files changed, 0 insertions, 0 deletions

th+0x12/0x76 Code: 5d c3 66 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 55 48 89 e5 48 83 ec 20 65 48 8b 04 25 28 00 00 00 48 89 45 f8 31 c0 48 8d 47 48 <48> 39 47 48 48 c7 45 e8 00 00 00 00 48 c7 45 f0 00 00 00 00 48 RIP [<ffffffff810dff80>] __wake_up_bit+0x20/0x70 RSP <ffff880017b97be8> CR2: ffffc90008963690 Reproduce method (re-add a node):: Hot-add nodeA --> remove nodeA --> hot-add nodeA (panic) This seems an use-after-free problem, and the root cause is zone->wait_table was not set to *NULL* after free it in try_offline_node. When hot re-add a node, we will reuse the pgdat of it, so does the zone struct, and when add pages to the target zone, it will init the zone first (including the wait_table) if the zone is not initialized. The judgement of zone initialized is based on zone->wait_table: static inline bool zone_is_initialized(struct zone *zone) { return !!zone->wait_table; } so if we do not set the zone->wait_table to *NULL* after free it, the memory hotplug routine will skip the init of new zone when hot re-add the node, and the wait_table still points to the freed memory, then we will access the invalid address when trying to wake up the waiting people after the i/o operation with the page is done, such as mentioned above. Signed-off-by: Gu Zheng <guz.fnst@cn.fujitsu.com> Reported-by: Taku Izumi <izumi.taku@jp.fujitsu.com> Reviewed by: Yasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com> Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> Cc: Tang Chen <tangchen@cn.fujitsu.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Diffstat (limited to 'drivers/block')