diff options
author | Vaibhav Nagarnaik <vnagarnaik@google.com> | 2012-06-22 14:50:05 -0400 |
---|---|---|
committer | Steven Rostedt <rostedt@goodmis.org> | 2012-06-29 16:16:35 -0400 |
commit | 44b99462d9d776522e174d6c531ce5ccef309e26 (patch) | |
tree | 084dba8a82b1d0e6da17063e200d62a07c6a6e76 | |
parent | 662f5cedb38c4b88e1cebfd54a88159f2f7ab7b9 (diff) |
ring-buffer: Fix crash due to uninitialized new_pages list head
The new_pages list head in the cpu_buffer is not initialized. When
adding pages to the ring buffer, if the memory allocation fails in
ring_buffer_resize, the clean up handler tries to free up the allocated
pages from all the cpu buffers. The panic is caused by referencing the
uninitialized new_pages list head.
Initializing the new_pages list head in rb_allocate_cpu_buffer fixes
this.
Link: http://lkml.kernel.org/r/1340391005-10880-1-git-send-email-vnagarnaik@google.com
Cc: Justin Teravest <teravest@google.com>
Cc: David Sharp <dhsharp@google.com>
Signed-off-by: Vaibhav Nagarnaik <vnagarnaik@google.com>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
-rw-r--r-- | kernel/trace/ring_buffer.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c index 1d0f6a8a0e5e..ba39cbabdc9f 100644 --- a/kernel/trace/ring_buffer.c +++ b/kernel/trace/ring_buffer.c | |||
@@ -1075,6 +1075,7 @@ rb_allocate_cpu_buffer(struct ring_buffer *buffer, int nr_pages, int cpu) | |||
1075 | rb_init_page(bpage->page); | 1075 | rb_init_page(bpage->page); |
1076 | 1076 | ||
1077 | INIT_LIST_HEAD(&cpu_buffer->reader_page->list); | 1077 | INIT_LIST_HEAD(&cpu_buffer->reader_page->list); |
1078 | INIT_LIST_HEAD(&cpu_buffer->new_pages); | ||
1078 | 1079 | ||
1079 | ret = rb_allocate_pages(cpu_buffer, nr_pages); | 1080 | ret = rb_allocate_pages(cpu_buffer, nr_pages); |
1080 | if (ret < 0) | 1081 | if (ret < 0) |