Commit 92d585ef067d ("numa: fix NULL pointer access and memory
leak in unregister_one_node()") added kfree() of node struct in
unregister_one_node(). But node struct is freed by node_device_release()
which is called in unregister_node(). So by adding the kfree(),
node struct is freed two times.
While hot removing memory, the commit leads the following BUG_ON():
kernel BUG at mm/slub.c:3346!
invalid opcode: 0000 [#1] SMP
[...]
Call Trace:
[...] unregister_one_node
[...] try_offline_node
[...] remove_memory
[...] acpi_memory_device_remove
[...] acpi_bus_trim
[...] acpi_bus_trim
[...] acpi_device_hotplug
[...] acpi_hotplug_work_fn
[...] process_one_work
[...] worker_thread
[...] ? rescuer_thread
[...] kthread
[...] ? kthread_create_on_node
[...] ret_from_fork
[...] ? kthread_create_on_node
This patch removes unnecessary kfree() from unregister_one_node().
Signed-off-by: Yasuaki Ishimatsu <isimatu.yasuaki@xxxxxxxxxxxxxx>
Cc: Xishi Qiu <qiuxishi@xxxxxxxxxx>
Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx # v3.16+
Fixes: 92d585ef067d "numa: fix NULL pointer access and memory leak in unregister_one_node()"
---
drivers/base/node.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/drivers/base/node.c b/drivers/base/node.c
index c6d3ae0..d51c49c 100644
--- a/drivers/base/node.c
+++ b/drivers/base/node.c
@@ -603,7 +603,6 @@ void unregister_one_node(int nid)
return;
unregister_node(node_devices[nid]);
- kfree(node_devices[nid]);
node_devices[nid] = NULL;
}
--
1.8.3.1
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>