| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 20 Jan 2010 19:29:54 GMT From: bugzilla-daemon@...zilla.kernel.org To: linux-ext4@...r.kernel.org Subject: [Bug 14256] kernel BUG at fs/ext3/super.c:435 http://bugzilla.kernel.org/show_bug.cgi?id=14256 --- Comment #33 from Darren Hart <dvhltc@...ibm.com> 2010-01-20 19:29:53 --- Took a look at the 2.6.29 code, I believe it is possible to have an inode reference imbalance when a fault is taken. Unfortunately, both queue_lock() and get_futex_key() acquire references to the inode (I'd like to do away with queue_lock() as it masks reference usage and generally complicates the corner-case-heavy futex code). In the fault path queue_unlock() will release the first inode reference, but if on the first attempt (attempt == 0) the get_user() fails, we'll simply return without dropping the second reference. Some instrumentation could confirm this. I'll take a look at later sources which should have a significantly different fault path. -- Configure bugmail: http://bugzilla.kernel.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists