[PATCH] mm: do not access page->mapping directly on page_endio

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Minchan Kim <minchan@kernel.org>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: linux-kernel@vger.kernel.org, kernel-team@lge.com,
	Minchan Kim <minchan@kernel.org>,
	Matthew Wilcox <willy@infradead.org>,
	stable@vger.kernel.org
Subject: [PATCH] mm: do not access page->mapping directly on page_endio
Date: Wed, 22 Feb 2017 14:39:24 +0900	[thread overview]
Message-ID: <1487741964-17913-1-git-send-email-minchan@kernel.org> (raw)

With rw_page, page_endio is used for completing IO on a page
and it propagates write error to the address space if the IO
fails. The problem is it accesses page->mapping directly which
might be okay for file-backed pages but it shouldn't for
anonymous page. Otherwise, it can corrupt one of field from
anon_vma under us and system goes panic randomly.

Cc: Matthew Wilcox <willy@infradead.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Minchan Kim <minchan@kernel.org>
---
 mm/filemap.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/mm/filemap.c b/mm/filemap.c
index 2ba46f410c7c..1944c631e3e6 100644
--- a/mm/filemap.c
+++ b/mm/filemap.c
@@ -1008,9 +1008,12 @@ void page_endio(struct page *page, bool is_write, int err)
 		unlock_page(page);
 	} else {
 		if (err) {
+			struct address_space *mapping;
+
 			SetPageError(page);
-			if (page->mapping)
-				mapping_set_error(page->mapping, err);
+			mapping = page_mapping(page);
+			if (mapping)
+				mapping_set_error(mapping, err);
 		}
 		end_page_writeback(page);
 	}
-- 
2.7.4

next             reply	other threads:[~2017-02-22  5:39 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-02-22  5:39 Minchan Kim [this message]
2017-02-22 12:11 ` [PATCH] mm: do not access page->mapping directly on page_endio Michal Hocko
2017-02-22 14:35   ` Minchan Kim
2017-02-22 14:53     ` Michal Hocko
2017-02-23 23:26       ` Minchan Kim
2017-02-24  9:13         ` Michal Hocko

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:2ba46f410c7 dfblob:1944c631e3e )
 OR (
bs:"[PATCH] mm: do not access page->mapping directly on page_endio" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1487741964-17913-1-git-send-email-minchan@kernel.org \
    --to=minchan@kernel.org \
    --cc=akpm@linux-foundation.org \
    --cc=kernel-team@lge.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=stable@vger.kernel.org \
    --cc=willy@infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.