Re: [PATCH] mremap NULL pointer dereference fix

[Rajesh Venkatasubramanian]

> >
> > This saves a goto.   It works, but I wasn't able to trigger
> > the oops without it either.
>
> To trigger the bug you have to have _just_ the right memory usage, I
> suspect. You literally have to have the destination page directory
> allocation unmap the _exact_ source page (which has to be clean) for the
> bug to hit.

A minor point. It is not necessary for the src to be clean because a
parallel truncate can also invalidate the src. Actually, my test program
uses truncate to invalidate the src.

> Your version of the patch saves a goto in the source, but results in an
> extra goto in the generated assembly unless the compiler is clever enough
> to notice the double test for NULL.
>
> Never mind, that's a micro-optimization, and your version is cleaner.

Yeah. Andrew's patch is lot cleaner than my _crap_ patch.

> Let's go with it if Rajesh can verify that it fixes the problem for him.

Yeap. Andrew's patch fixes the problem. I did put in a printk along with
Andrew's patch to check whether the NULL src condition repeats. I could
trigger the condition again, and the machine didn't oops because of the
patch.

Thanks,
Rajesh


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/