Re: get_user_pages vs mmap MAP_FIXED bug

Andrew Morton wrote:

On Mon, 07 May 2007 11:26:44 +1000 Rusty Russell <[email protected]> wrote:

On Sun, 2007-05-06 at 17:01 +1000, Rusty Russell wrote:

This bug is in 2.6.21-rc7-mm2, but not 2.6.21.  Haven't tested
2.6.21-mm1 yet.


OK, 2.6.21-mm1 fails too.  2.6.21-git6 ... is fine.

Here's a standalone test using ptrace.  No kernel module req'd.

rusty@debussy:~/linux-2.6.21-mm1$ ../examinerptrace says 0, child says 0x464c457f



thanks.

Any clues Andrew?  Or should I take your patches and do a binary search?



I've been assuming that Nick's vm_operations.fault changes have broken
get_user_pages()'s manual faulting.  The next step is to wait for Nick to
turn up.


Fancy that! Thanks for catching it Rusty, does the following work for
you?

--
SUSE Labs, Novell Inc.

Fix a couple of places that should be testing fault as well as nopage.

Signed-off-by: Nick Piggin <[email protected]>

Index: linux-2.6/mm/memory.c
===================================================================
--- linux-2.6.orig/mm/memory.c	2007-04-24 15:02:51.000000000 +1000
+++ linux-2.6/mm/memory.c	2007-05-08 15:23:55.000000000 +1000
@@ -1049,7 +1049,8 @@
 		if (pages)
 			foll_flags |= FOLL_GET;
 		if (!write && !(vma->vm_flags & VM_LOCKED) &&
-		    (!vma->vm_ops || !vma->vm_ops->nopage))
+		    (!vma->vm_ops || (!vma->vm_ops->nopage &&
+					!vma->vm_ops->fault)))
 			foll_flags |= FOLL_ANON;
 
 		do {
Index: linux-2.6/mm/rmap.c
===================================================================
--- linux-2.6.orig/mm/rmap.c	2007-04-24 08:53:50.000000000 +1000
+++ linux-2.6/mm/rmap.c	2007-05-08 15:24:27.000000000 +1000
@@ -640,8 +640,10 @@
 			printk (KERN_EMERG "  page->count = %x\n", page_count(page));
 			printk (KERN_EMERG "  page->mapping = %p\n", page->mapping);
 			print_symbol (KERN_EMERG "  vma->vm_ops = %s\n", (unsigned long)vma->vm_ops);
-			if (vma->vm_ops)
+			if (vma->vm_ops) {
 				print_symbol (KERN_EMERG "  vma->vm_ops->nopage = %s\n", (unsigned long)vma->vm_ops->nopage);
+				print_symbol (KERN_EMERG "  vma->vm_ops->fault = %s\n", (unsigned long)vma->vm_ops->fault);
+			}
 			if (vma->vm_file && vma->vm_file->f_op)
 				print_symbol (KERN_EMERG "  vma->vm_file->f_op->mmap = %s\n", (unsigned long)vma->vm_file->f_op->mmap);
 			BUG();

Follow-Ups:
- Re: get_user_pages vs mmap MAP_FIXED bug
  - From: Rusty Russell <[email protected]>

References:
- get_user_pages vs mmap MAP_FIXED bug
  - From: Rusty Russell <[email protected]>
- Re: get_user_pages vs mmap MAP_FIXED bug
  - From: Rusty Russell <[email protected]>
- Re: get_user_pages vs mmap MAP_FIXED bug
  - From: Andrew Morton <[email protected]>

Prev by Date: Re: [PATCH 0/2] LogFS take two
Next by Date: Re: [patch] CFS scheduler, -v10
Previous by thread: Re: get_user_pages vs mmap MAP_FIXED bug
Next by thread: Re: get_user_pages vs mmap MAP_FIXED bug
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]