Re: fix __exit_mm() dereference before check.

From: Linus Torvalds
Date: Fri Apr 16 2004 - 17:35:12 EST

Next message: Christoph Hellwig: "Re: fix notify_change() potential null dereference."
Previous message: Konstantin Gavrilenko: "2.6.5-mm6 reiserfs and hpt366 problems"
In reply to: Dave Jones: "fix __exit_mm() dereference before check."
Next in thread: Dave Jones: "Re: fix __exit_mm() dereference before check."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 16 Apr 2004, Dave Jones wrote:
>
> From a quick look, it appears passing NULL mm's down to mm_release()
> isn't a good idea.

Hmm.. Where's the dereference? I don't disagree with the patch per se, but
I don't see any real problem.

The mm->mm_users check is protected by "tsk->clear_child_tid", and that
will have been cleared already if we ever happen to call __exit_mm()
twice, so that one is safe.

So this patch might be a cleanup, but not a "fix" per se.

Linus

> --- linux-2.6.5/kernel/exit.c~ 2004-04-16 22:06:00.000000000 +0100
> +++ linux-2.6.5/kernel/exit.c 2004-04-16 22:06:51.000000000 +0100
> @@ -482,9 +482,10 @@
> {
> struct mm_struct *mm = tsk->mm;
>
> - mm_release(tsk, mm);
> if (!mm)
> return;
> + mm_release(tsk, mm);
> +
> /*
> * Serialize with any possible pending coredump.
> * We must hold mmap_sem around checking core_waiters
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Christoph Hellwig: "Re: fix notify_change() potential null dereference."
Previous message: Konstantin Gavrilenko: "2.6.5-mm6 reiserfs and hpt366 problems"
In reply to: Dave Jones: "fix __exit_mm() dereference before check."
Next in thread: Dave Jones: "Re: fix __exit_mm() dereference before check."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]