Next: module: fix reference to mod->percpu after freeing module.
From: Rusty Russell on 31 May 2010 06:30

Rafael sees a sometimes crash at percpu_modfree from kernel/module.c; it only occurred with another (since-reverted) patch, but that patch simply changed timing to uncover this bug, it was otherwise unrelated.

The comment about the mod being freed is self-explanatory, but neither Tejun nor I read it.

This bug was introduced in 259354deaa, after it had previously been fixed in 6e2b75740b. How embarrassing.

Reported-by: "Rafael J. Wysocki" <rjw(a)sisk.pl>
Signed-off-by: Rusty Russell <rusty(a)rustcorp.com.au>
Cc: Tejun Heo <tj(a)kernel.org>
Cc: Masami Hiramatsu <mhiramat(a)redhat.com>
Tested-by: "Rafael J. Wysocki" <rjw(a)sisk.pl>

--- kernel/module.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/kernel/module.c b/kernel/module.c --- a/kernel/module.c +++ b/kernel/module.c @@ -2031,6 +2031,7 @@ static noinline struct module *load_modu long err = 0; void *ptr = NULL; /* Stops spurious gcc warning */ unsigned long symoffs, stroffs, *strmap; + void __percpu *percpu; mm_segment_t old_fs; @@ -2175,6 +2176,8 @@ static noinline struct module *load_modu goto free_mod; sechdrs[pcpuindex].sh_flags &= ~(unsigned long)SHF_ALLOC; } + /* Keep this around for failure path. */ + percpu = mod_percpu(mod); /* Determine total sizes, and put offsets in sh_entsize. For now this is done generically; there doesn't appear to be any @@ -2480,7 +2483,7 @@ static noinline struct module *load_modu module_free(mod, mod->module_core); /* mod will be freed with core. Don't access it beyond this line! */ free_percpu: - percpu_modfree(mod); + free_percpu(percpu); free_mod: kfree(args); kfree(strmap);
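Review bot: `void __percpu *percpu;` in the declarations of the first hunk (@@ -2031) is left uninitialized, although the neighbouring `ptr` is set to NULL at its declaration. The value is only assigned after the pcpuindex block in the second hunk, so any `goto free_percpu` that ends up earlier than that assignment would hand an indeterminate pointer to `free_percpu(percpu)`. Initializing it at the declaration, `void __percpu *percpu = NULL;`, would make the cleanup label independent of where the jump comes from, provided free_percpu() accepts NULL.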
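Review bot: the comment added with `percpu = mod_percpu(mod);` in the second hunk (@@ -2175), "Keep this around for failure path.", should say why the copy is needed. By the time the free_percpu label in the third hunk runs, `module_free(mod, mod->module_core)` has already released the memory that holds `mod`, so nothing there may dereference it. The existing warning, "Don't access it beyond this line!", sits directly above the line being fixed and the commit message says it was overlooked, so repeating the reason at the assignment (for example "mod is freed with module_core before free_percpu: runs, so cache the pointer here") gives the next editor a second chance to see it. Since `free_percpu(percpu)` no longer goes through `percpu_modfree()`, a short note at the label that the helper is avoided on purpose would also help.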