lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Tue, 1 May 2012 08:43:03 -0700 (PDT)
From:	Hugh Dickins <hughd@...gle.com>
To:	Chris Metcalf <cmetcalf@...era.com>
cc:	Mel Gorman <mel@....ul.ie>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Hillf Danton <dhillf@...il.com>, Michal Hocko <mhocko@...e.cz>,
	KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>,
	linux-mm@...ck.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] hugetlb: avoid gratuitous BUG_ON in hugetlb_fault() ->
 hugetlb_cow()

On Sun, 29 Apr 2012, Chris Metcalf wrote:

No, Chris wrote this version on Mon, 30 Apr 2012, but gmail,
or its intereaction with imap, is too confused to grasp that.

> Commit 66aebce747eaf added code to avoid a race condition by
> elevating the page refcount in hugetlb_fault() while calling
> hugetlb_cow().  However, one code path in hugetlb_cow() includes
> an assertion that the page count is 1, whereas it may now also
> have the value 2 in this path.  Consensus is that this BUG_ON
> has served its purpose, so rather than extending it to cover both
> cases, we just remove it.
> 
> Signed-off-by: Chris Metcalf <cmetcalf@...era.com>

Acked-by: Hugh Dickins <hughd@...gle.com>
Cc: stable@...r.kernel.org

It is rather important that we Cc stable on this, since the
earlier fix triggering this BUG went out in 3.0.29, 3.2.16 and 3.3.3
stable.  Sadly, 3.2.16 was the end of the 3.2 line...

> ---
>  mm/hugetlb.c |    1 -
>  1 files changed, 0 insertions(+), 1 deletions(-)
> 
> diff --git a/mm/hugetlb.c b/mm/hugetlb.c
> index cd65cb1..baaad5d 100644
> --- a/mm/hugetlb.c
> +++ b/mm/hugetlb.c
> @@ -2498,7 +2498,6 @@ retry_avoidcopy:
>  		if (outside_reserve) {
>  			BUG_ON(huge_pte_none(pte));
>  			if (unmap_ref_private(mm, vma, old_page, address)) {
> -				BUG_ON(page_count(old_page) != 1);
>  				BUG_ON(huge_pte_none(pte));
>  				spin_lock(&mm->page_table_lock);
>  				ptep = huge_pte_offset(mm, address & huge_page_mask(h));
> -- 
> 1.6.5.2
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ