On 2019/9/19 17:30, Greg KH wrote:
> On Thu, Sep 19, 2019 at 05:18:15PM +0800, Xiaoming Ni wrote:
>> Using kzalloc() to allocate memory in function con_init(), but not
>> checking the return value, there is a risk of null pointer references
>> oops.
>>
>> Signed-off-by: Xiaoming Ni
>
> We keep hav
On Wed, July 10, 2019 1:49 PM Vasily Averin wrote:
>On 7/10/19 6:09 AM, Xiaoming Ni wrote:
>> Registering the same notifier to a hook repeatedly can cause the hook
>> list to form a ring or lose other members of the list.
>
>I think is not enough to _prevent_ 2nd register attempt,
>it's enough to d
On Wed, July 10, 2019 1:56 PM Greg KH wrote:
>On Wed, Jul 10, 2019 at 11:09:07AM +0800, Xiaoming Ni wrote:
>> Registering the same notifier to a hook repeatedly can cause the hook
>> list to form a ring or lose other members of the list.
>
>Then don't do that :)
>
Duplicate registration is checked
On Fri, 14 Jun 2019 03:38 AM Andrew Morton wrote:
>On Thu, 13 Jun 2019 22:07:44 +0800 Xiaoming Ni wrote:
>
>> Registering the same notifier to a hook repeatedly can cause the hook
>> list to form a ring or lose other members of the list.
>> .
>>
>> diff --git a/kernel/notifier.c b/kernel/not
On Wed, Apr 24, 2019 at 7:00 AM Stephen Boyd wrote:
>Quoting nixiaoming (2019-03-30 06:55:42)
>> The _get_div() function has a branch with a return value of 0
>> Add a check on the return value of _get_div() to avoid divide-by-zero
>>
>
>Are you seeing this in practice
On Wed, Apr 24, 2019 at 6:52 AM Stephen Boyd wrote:
>Quoting nixiaoming (2019-03-30 06:54:50)
>> In the function divider_recalc_rate() The judgment of the return value of
>> _get_div() indicates that the return value of _get_div() can be 0.
>
>When does _get_div()
The _get_div() function has a branch with a return value of 0
Add a check on the return value of _get_div() to avoid divide-by-zero
Signed-off-by: nixiaoming
Reviewed-by: Mukesh Ojha
---
drivers/clk/mmp/clk-mix.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/drivers/clk/mmp/clk
In the function divider_recalc_rate() The judgment of the return value of
_get_div() indicates that the return value of _get_div() can be 0.
In order to avoid the divide-by-zero error, add check for return value
of _get_div() in the divider_ro_round_rate_parent()
Signed-off-by: nixiaoming
On 3/30/2019 5:44 PM, Mukesh Ojha wrote:
>On 3/30/2019 8:01 AM, nixiaoming wrote:
>> In the function divider_recalc_rate() The judgment of the return value of
>> _get_div() indicates that the return value of _get_div() may be 0.
>
>s/may be/can be
Thank you for your comment
The _get_div() function has a branch with a return value of 0
Add a check on the return value of _get_div() to avoid divide-by-zero
Signed-off-by: nixiaoming
Reviewed-by: Mukesh Ojha
---
drivers/clk/mmp/clk-mix.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/drivers/clk/mmp/clk
In the function divider_recalc_rate() The judgment of the return value of
_get_div() indicates that the return value of _get_div() may be 0.
In order to avoid the divide-by-zero error, add check the return value
of _get_div() in the divider_ro_round_rate_parent()
Signed-off-by: nixiaoming
On 3/30/2019 6:48 AM Stephen Boyd wrote:
>Quoting nixiaoming (2019-03-29 04:46:00)
>> The _get_div function has a branch with a return value of 0
>> Add a check on the return value of _get_div to avoid divide-by-zero
>>
>> Signed-off-by: nixiaoming
>
>Similar q
On 3/30/2019 6:42 AM Stephen Boyd wrote:
>Quoting nixiaoming (2019-03-29 02:05:24)
>> In the function divider_recalc_rate The judgment of the return value of
>
>Please write divider_recalc_rate() with parenthesis to show it's a
>function.
>
>> _get_div indicates t
The _get_div function has a branch with a return value of 0
Add a check on the return value of _get_div to avoid divide-by-zero
Signed-off-by: nixiaoming
Reviewed-by: Mukesh Ojha
---
drivers/clk/mmp/clk-mix.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/drivers/clk/mmp/clk-mix.c b
The _get_div function has a branch with a return value of 0
Add a check on the return value of _get_div to avoid divide-by-zero
Signed-off-by: nixiaoming
---
drivers/clk/mmp/clk-mix.c | 4
1 file changed, 4 insertions(+)
diff --git a/drivers/clk/mmp/clk-mix.c b/drivers/clk/mmp/clk-mix.c
In the function divider_recalc_rate The judgment of the return value of
_get_div indicates that the return value of _get_div may be 0.
In order to avoid the divide-by-zero error, add check the return value
of _get_div in the divider_ro_round_rate_parent
Signed-off-by: nixiaoming
---
drivers/clk
On Tue, Sep 18, 2018 3:07 PM Amir Goldstein
>On Tue, Sep 18, 2018 at 6:01 AM Nixiaoming wrote:
>>
>> On Mon, Sep 17, 2018 11:51 PM Amir Goldstein wrote:
>> >On Mon, Sep 17, 2018 at 6:05 PM nixiaoming wrote:
>...
>> >> diff --git a/include/linux/fs
On Mon, Sep 17, 2018 11:51 PM Amir Goldstein wrote:
>On Mon, Sep 17, 2018 at 6:05 PM nixiaoming wrote:
>>
>> In order to identify which thread triggered the event in the
>> multi-threaded program, add the FAN_EVENT_INFO_TID tag in fanotify_init
>
>According to code a
In order to identify which thread triggered the event in the
multi-threaded program, add the FAN_EVENT_INFO_TID tag in fanotify_init
to select whether to report the event creator's thread id information.
Signed-off-by: nixiaoming
---
fs/notify/fanotify/fanotify.c | 5 -
fs/n
On Mon, Sep 17, 2018 6:54 PM Amir Goldstein wrote:
>On Mon, Sep 17, 2018 at 1:02 PM nixiaoming wrote:
>>
>> Added FAN_EVENT_INFO_TID to select the thread id of the event trigger
>>
>
>Maybe "to report the thread id of the task that caused the event".
>
I am very sorry, I sent the wrong email, please ignore the patch just now.
-Original Message-
From: Nixiaoming
Sent: Monday, September 17, 2018 5:16 PM
To: j...@suse.cz; amir7...@gmail.com
Cc: Nixiaoming ; linux-fsde...@vger.kernel.org;
linux-kernel@vger.kernel.org
Subject: [PATCH] fix
Added FAN_EVENT_INFO_TID to select the thread id of the event trigger
Signed-off-by: nixiaoming
---
fs/notify/fanotify/fanotify.c | 66 +-
fs/notify/fanotify/fanotify.h | 2 +-
fs/notify/fanotify/fanotify_user.c | 4 +--
include/uapi/linux
NULL) in ramoops_exit
so, add return val for ramoops_register_dummy, and check it in ramoops_init
3, memory leak in ramoops_init.
miss platform_device_unregister(dummy) and kfree(dummy_data)
when platform_driver_register(&ramoops_driver) return fail
Signed-off-by: nixiaoming
---
fs/psto
on Thu, Sep 13, 2018 at 8:32 PM Amir Goldstein wrote:
>On Thu, Sep 13, 2018 at 2:25 PM Nixiaoming wrote:
>>
>> On Tue, Sep 11, 2018 at 11:12 PM Amir Goldstein wrote:
>> >On Tue, Sep 11, 2018 at 9:51 AM Nixiaoming wrote:
>> >>
>> >> Inotif
On Tue, Sep 11, 2018 at 11:12 PM Amir Goldstein wrote:
>On Tue, Sep 11, 2018 at 9:51 AM Nixiaoming wrote:
>>
>> Inotify api cannot display information about users and processes.
>> That is, you can only know that the file event is generated, but you don't
>> kno
Inotify api cannot display information about users and processes.
That is, you can only know that the file event is generated, but you don't know
who triggered the event, which is not conducive to fault location.
Is it possible to add pid and comm members to the event structure to increase
the di
assignment statements
Signed-off-by: nixiaoming
Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust
Signed-off-by: J. Bruce Fields
---
fs/nfsd/nfs4xdr.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
index a96843c..e669e20 100644
---
On Wednesday, August 01, 2018 11:18 PM , J. Bruce Fields wrote:
>On Mon, Jul 23, 2018 at 09:57:11AM +0800, nixiaoming wrote:
>> READ_BUF(8);
>> dummy = be32_to_cpup(p++);
>> dummy = be32_to_cpup(p++);
>> ...
>> READ_BUF(4);
>> dummy = be32_to_cpup(p++);
advisory:
1 After creating dentry in d_alloc_name, should I call dput to release
resources before the exception exit?
2 After calling the new_inode to create an inode, should the inode resource be
released before the exception exit?
If the dentry and inode resources need to be actively released,
assignment statements
Signed-off-by: nixiaoming
Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust
---
fs/nfsd/nfs4xdr.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
index a96843c..375ad4b 100644
--- a/fs/nfsd/nfs4xdr.c
+++ b/fs/nfsd/nfs4xdr.c
ever wrote:
>> > > > On Jul 22, 2018, at 4:50 AM, nixiaoming
>> > > > wrote:
>> > > >
>> > > > dummy = be32_to_cpup(p++);
>> > > > dummy = be32_to_cpup(p++);
>> > > > Assigning value to "
dummy = be32_to_cpup(p++);
dummy = be32_to_cpup(p++);
Assigning value to "dummy" here, but that stored value
is overwritten before it can be used.
delete invalid assignment statements in nfsd4_decode_exchange_id
Signed-off-by: n00202754
---
fs/nfsd/nfs4xdr.c | 4 ++--
1 file changed, 2 insertio
Assigning value -EINVAL to "retval" here, but that stored value is
overwritten before it can be used.
retval = -EINVAL;
retval = rw_verify_area(WRITE, out.file, &out_pos, count);
value_overwrite: Overwriting previous write to "retval" with value
from rw_verify_area
delete invalid assignment
I'm very sorry. It was my mistake.
it won't cross the border here.
Thanks
-Original Message-
From: Michal Hocko [mailto:mho...@kernel.org]
Sent: Monday, June 04, 2018 7:20 PM
To: Nixiaoming
Cc: a...@linux-foundation.org; vdavydov@gmail.com; han...@cmpxchg.o
In the function memcg_init_list_lru
if call goto fail when i == 0, will cause out-of-bounds at lru->node[i]
The same out-of-bounds access scenario exists in the functions
memcg_update_list_lru and __memcg_init_list_lru_node
Signed-off-by: nixiaoming
---
mm/list_lru.c | 7 +++
1 f
if (!namelen) /*The condition "!namelen"" cannot be true*/
namelen = strnlen(name, 256); /*deadcode*/
Modify parameter checking to avoid dead code
Signed-off-by: nixiaoming
---
net/dns_resolver/dns_query.c | 8 +++-
1 file changed, 3 insertions(+
Hello
I have trouble reading the code, I hope you can help guide
The function sata_print_link_status in the file drivers/ata/libata-core.c
checks the return value when the function sata_scr_read is called on line 3009,
but does not check the return value when calling sata_scr_read on line 3011.
: Wednesday, May 30, 2018 4:08 PM
To: Nixiaoming
Cc: Will Deacon ; catalin.mari...@arm.com;
ard.biesheu...@linaro.org; marc.zyng...@arm.com; james.mo...@arm.com;
kristina.martse...@arm.com; steve.cap...@arm.com; t...@linutronix.de;
mi...@redhat.com; h...@zytor.com; a...@linux-foundation.org; vba
On 30 May 2018 at 2:07PM Ard Biesheuvel [mailto:ard.biesheu...@linaro.org]
wrote:
>On 30 May 2018 at 07:58, Ingo Molnar wrote:
>>
>> * nixiaoming wrote:
>>
>>> mark_rodata_ro is only called by the function mark_readonly
>>> when CONFIG_STRICT_KERNEL_RWX=y
Unable to set CONFIG_STRICT_KERNEL_RWX=n by make menuconfig ARCH=arm64
When reading the code, I feel it is more appropriate to add macro control here.
-Original Message-
From: Will Deacon [mailto:will.dea...@arm.com]
Sent: Tuesday, May 29, 2018 11:45 PM
To: Nixiaoming
Cc: catalin.mari
mark_rodata_ro is only called by the function mark_readonly
when CONFIG_STRICT_KERNEL_RWX=y
if CONFIG_STRICT_KERNEL_RWX is not set
a compile warning may be triggered: unused function
Signed-off-by: nixiaoming
---
arch/x86/mm/init_32.c | 2 ++
arch/x86/mm/init_64.c | 2 ++
2 files changed, 4
mark_rodata_ro is only called by the function mark_readonly
when CONFIG_STRICT_KERNEL_RWX=y
if CONFIG_STRICT_KERNEL_RWX is not set
a compile warning may be triggered: unused function
Signed-off-by: nixiaoming
---
arch/s390/mm/init.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch
mark_rodata_ro is only called by the function mark_readonly when
CONFIG_STRICT_KERNEL_RWX=y,
if CONFIG_STRICT_KERNEL_RWX is not set
a compile warning may be triggered: unused function
Signed-off-by: nixiaoming
---
arch/arm64/mm/mmu.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch
Signed-off-by: nixiaoming
---
arch/arm64/mm/mmu.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c
index 2dbb2c9..849f326 100644
--- a/arch/arm64/mm/mmu.c
+++ b/arch/arm64/mm/mmu.c
@@ -491,6 +491,7 @@ static void __init map_mem(pgd_t *pgdp)
#endif
Signed-off-by: nixiaoming
---
arch/x86/mm/init_32.c | 2 ++
arch/x86/mm/init_64.c | 2 ++
2 files changed, 4 insertions(+)
diff --git a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c
index c893c6a..121c567 100644
--- a/arch/x86/mm/init_32.c
+++ b/arch/x86/mm/init_32.c
@@ -920,6 +920,7 @@ static
Signed-off-by: nixiaoming
---
arch/s390/mm/init.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/s390/mm/init.c b/arch/s390/mm/init.c
index 3fa3e53..a96fc3f 100644
--- a/arch/s390/mm/init.c
+++ b/arch/s390/mm/init.c
@@ -116,6 +116,7 @@ void __init paging_init(void
r "d" need arg type "int",
but the according arg "(*w2)(ehdr->e_machine)" has type "unsigned int"
scripts/recordmcount.h: function find_secsym_ndx:
"fprintf", the #1 format specifier "d" need arg type "int",
but the acco
format specifier "d" need arg type "int" , but the according arg
"fdt32_to_cpu(xxx)" has type "unsigned int"
Signed-off-by: nixiaoming
---
scripts/dtc/fdtdump.c | 6 +++---
scripts/dtc/flattree.c | 2 +-
2 files changed, 4 insertions(+), 4 deletions(
NULL) in ramoops_exit
so, add return val for ramoops_register_dummy, and check it in ramoops_init
3, memory leak in ramoops_init.
miss platform_device_unregister(dummy) and kfree(dummy_data)
when platform_driver_register(&ramoops_driver) return fail
Signed-off-by: nixiaoming
---
fs/psto
NULL) in ramoops_exit
so, add return val for ramoops_register_dummy, and check it in ramoops_init
3, memory leak in ramoops_init.
miss platform_device_unregister(dummy) and kfree(dummy_data)
when platform_driver_register(&ramoops_driver) return fail
Signed-off-by: nixiaoming
---
fs/psto
Test on 4.14.0-rc4:
CPU: 7 PID: 449 Comm: rmmod Tainted: G O4.14.0-rc4+ #1
Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
Call Trace:
dump_stack+0x50/0x80
jtty_kref_put+0x5a/0x5c [jprobe_tty_kref_put]
uart_remove_one_port+0xe8/0x220 [serial_core]
? __might_sleep+0x4a/0x90
ser
On Fri, Sep 15, 2017 at 10:46 AM, Willem de Bruijn
wrote:
>
> In case of failure we also need to unlink and free match. I
> sent the following:
>
> http://patchwork.ozlabs.org/patch/813945/
+ spin_lock(&po->bind_lock);
+ if (po->running &&
+ match->type == type &&
xec/0x110
[] ? tg_rt_schedulable+0x210/0x220
[] ? kthread_freezable_should_stop+0x80/0x80
[] ret_from_fork+0x42/0x70
[] ? kthread_freezable_should_stop+0x80/0x80
Signed-off-by: nixiaoming
---
fs/proc/proc_tty.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/proc/proc_tty.c
xec/0x110
[] ? tg_rt_schedulable+0x210/0x220
[] ? kthread_freezable_should_stop+0x80/0x80
[] ret_from_fork+0x42/0x70
[] ? kthread_freezable_should_stop+0x80/0x80
Signed-off-by: nixiaoming
---
fs/proc/proc_tty.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/proc/proc_tty.c
0xa4/0xd4
Signed-off-by: nixiaoming
Tested-by: wudesheng
---
net/packet/af_packet.c | 11 ---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
index 54a18a8..7a52a3b 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packe
ce:
[] dump_backtrace+0x0/0xf8
[] show_stack+0x20/0x28
[] dump_stack+0xac/0xe4
[] panic+0xf8/0x268
[] __unregister_prot_hook+0xa0/0x144
[] packet_set_ring+0x280/0x5b4
[] packet_setsockopt+0x320/0x950
[] SyS_setsockopt+0xa4/0xd4
Signed-off-by: nixiaoming
Tested-by: wudesheng
---
net/packet/af_pa
ce:
[] dump_backtrace+0x0/0xf8
[] show_stack+0x20/0x28
[] dump_stack+0xac/0xe4
[] panic+0xf8/0x268
[] __unregister_prot_hook+0xa0/0x144
[] packet_set_ring+0x280/0x5b4
[] packet_setsockopt+0x320/0x950
[] SyS_setsockopt+0xa4/0xd4
Signed-off-by: nixiaoming
Tested-by: wudesheng
---
net/packet/af_pa
ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
but no free when anon_inode_getfd return fail
so, add kfree(ctx) to fix memory leak
Signed-off-by: nixiaoming
Reviewed-by: Paolo Bonzini
---
arch/powerpc/kvm/book3s_64_mmu_hv.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/powerpc/kvm
>On 23.08.2017 08:06, Paul Mackerras wrote:
>> On Wed, Aug 23, 2017 at 01:43:08AM +, Nixiaoming wrote:
>>>> On 22.08.2017 17:15, David Hildenbrand wrote:
>>>>> On 22.08.2017 16:28, nixiaoming wrote:
>>>>>> miss kfree(stt) when anon_inode_g
>On 23.08.2017 08:06, Paul Mackerras wrote:
>> On Wed, Aug 23, 2017 at 01:43:08AM +, Nixiaoming wrote:
>>>> On 22.08.2017 17:15, David Hildenbrand wrote:
>>>>> On 22.08.2017 16:28, nixiaoming wrote:
>>>>>> miss kfree(stt) when anon_inode_g
>On 22.08.2017 17:15, David Hildenbrand wrote:
>> On 22.08.2017 16:28, nixiaoming wrote:
>>> miss kfree(stt) when anon_inode_getfd return fail so add check
>>> anon_inode_getfd return val, and kfree stt
>>>
>>> Signed-off-by: nixiaoming
>
miss kfree(stt) when anon_inode_getfd return fail
so add check anon_inode_getfd return val, and kfree stt
Signed-off-by: nixiaoming
---
arch/powerpc/kvm/book3s_64_vio.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/kvm/book3s_64_vio.c b/arch/powerpc/kvm
ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
but no free when anon_inode_getfd return fail
so, add kfree(ctx) to fix memory leak
Signed-off-by: nixiaoming
---
arch/powerpc/kvm/book3s_64_mmu_hv.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/powerpc/kvm/book3s_64_mmu_hv.c
b/arch/powerpc
BOL_GPL(kvm_get_kvm);
Signed-off-by: nixiaoming
---
virt/kvm/eventfd.c | 2 ++
virt/kvm/kvm_main.c | 52 +---
2 files changed, 51 insertions(+), 3 deletions(-)
diff --git a/virt/kvm/eventfd.c b/virt/kvm/eventfd.c
index f2ac53a..250200b 100644
---
cer == null */
return -einval;
}
EXPORT_SYMBOL_GPL(irq_bypass_register_producer);
Signed-off-by: nixiaoming
---
virt/lib/irqbypass.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/virt/lib/irqbypass.c b/virt/lib/irqbypass.c
index 6d2fcd6..2bb99e8 100
65 matches
Mail list logo
