| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 27 Jun 2014 11:03:02 -0700 (PDT) From: Hugh Dickins <hughd@...gle.com> To: Sasha Levin <sasha.levin@...cle.com> cc: Hugh Dickins <hughd@...gle.com>, Vlastimil Babka <vbabka@...e.cz>, Konstantin Khlebnikov <koct9i@...il.com>, Dave Jones <davej@...hat.com>, Andrew Morton <akpm@...ux-foundation.org>, linux-mm@...ck.org, linux-fsdevel@...r.kernel.org, LKML <linux-kernel@...r.kernel.org> Subject: Re: mm: shm: hang in shmem_fallocate On Fri, 27 Jun 2014, Sasha Levin wrote: > On 06/27/2014 01:59 AM, Hugh Dickins wrote: > >> > First, this: > >> > > >> > [ 681.267487] BUG: unable to handle kernel paging request at ffffea0003480048 > >> > [ 681.268621] IP: zap_pte_range (mm/memory.c:1132) > > Weird, I don't think we've seen anything like that before, have we? > > I'm pretty sure it's not a consequence of my "index = min(index, end)", > > but what it portends I don't know. Please confirm mm/memory.c:1132 - > > that's the "if (PageAnon(page))" line, isn't it? Which indeed matches > > the code below. So accessing page->mapping is causing an oops... > > Right, that's the correct line. > > At this point I'm pretty sure that it's somehow related to that one line > patch since it reproduced fairly quickly after applying it, and when I > removed it I didn't see it happening again during the overnight fuzzing. Oh, I assumed it was a one-off: you're saying that you saw it more than once with the min(index, end) patch in? But not since removing it (did you replace that by the newer patch? or by the older? or by nothing?). I want to exclaim "That makes no sense!", but bugs don't make sense anyway. It's going to be a challenge to work out a connection though. I think I want to ask for more attempts to reproduce, with and without the min(index, end) patch (if you have enough time - there must be a limit to the amount of time you can give me on this). I rather hoped that the oops on PageAnon might shed light from another direction on the outstanding page_mapped bug: both seem like page table corruption of some kind (though I've not seen a plausible path to either). And regarding the page_mapped bug: we've heard nothing since Dave Hansen suggested a VM_BUG_ON_PAGE for that - has it gone away now? Thanks, Hugh -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists