Re: [PATCH] tracing: Fix WARN_ON in tracing_buffers_mmap_close

Next message: Geert Uytterhoeven: "Re: [PATCH 11/13] clk: renesas: rzg2l-cpg: drop determine_rate op and use CLK_ROUNDING_FW_MANAGED flag"
Previous message: Andrew Lunn: "Re: [PATCH net-next] net: mana: Expose page_pool stats via ethtool"
In reply to: Steven Rostedt: "Re: [PATCH] tracing: Fix WARN_ON in tracing_buffers_mmap_close"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Vincent Donnefort

Date: Fri Feb 27 2026 - 10:17:24 EST

On Fri, Feb 27, 2026 at 10:10:02AM -0500, Steven Rostedt wrote:
> On Fri, 27 Feb 2026 10:41:17 +0000
> Vincent Donnefort <vdonnefort@xxxxxxxxxx> wrote:
>
> > > Hum, not sure this is entirely correct. We do set VM_DONTCOPY when creating the
> > > mapping (see __rb_map_vma). So AFAICT ->open() is not called in this situation (see
> > > dup_mmap())
> >
> > Ah right, Syzkaller is using madvise(MADVISE_DOFORK) which resets VM_DONTCOPY.
>
> Hmm,
>
> So this means user space can override the DONTCOPY? Can this cause bugs
> elsewhere that DONTCOPY is used?

Indeed, user space can clear DONTCOPY... unless we also set VM_IO.

>
> -- Steve