Revision 10f1d5d111e8aed46a0f1179faf9a3cf422f689e authored by Joe Thornber on 27 June 2014, 19:29:04 UTC, committed by Mike Snitzer on 10 July 2014, 20:44:14 UTC
There's a race condition between the atomic_dec_and_test(&io->count) in dec_count() and the waking of the sync_io() thread. If the thread is spuriously woken immediately after the decrement it may exit, making the on stack io struct invalid, yet the dec_count could still be using it. Fix this race by using a completion in sync_io() and dec_count(). Reported-by: Minfei Huang <huangminfei@ucloud.cn> Signed-off-by: Joe Thornber <thornber@redhat.com> Signed-off-by: Mike Snitzer <snitzer@redhat.com> Acked-by: Mikulas Patocka <mpatocka@redhat.com> Cc: stable@vger.kernel.org
1 parent bf14299
makelst
#!/bin/sh
# A script to dump mixed source code & assembly
# with correct relocations from System.map
# Requires the following lines in makefile:
#%.lst: %.c
# $(CC) $(c_flags) -g -c -o $*.o $< &&
# $(srctree)/scripts/makelst $*.o System.map $(OBJDUMP) > $@
#
# Copyright (C) 2000 IBM Corporation
# Author(s): DJ Barrow (djbarrow@de.ibm.com,barrow_dj@yahoo.com)
# William Stearns <wstearns@pobox.com>
#
# awk style field access
field() {
shift $1 ; echo $1
}
t1=`$3 --syms $1 | grep .text | grep -m1 " F "`
if [ -n "$t1" ]; then
t2=`field 6 $t1`
if [ ! -r $2 ]; then
echo "No System.map" >&2
else
t3=`grep $t2 $2`
t4=`field 1 $t3`
t5=`field 1 $t1`
t6=`printf "%lu" $((0x$t4 - 0x$t5))`
fi
fi
$3 -r --source --adjust-vma=${t6:-0} $1
Computing file changes ...
