* fix __exit_mm() dereference before check.
From: Dave Jones @ 2004-04-16 21:08 UTC (permalink / raw)
To: Linus Torvalds, Andrew Morton, mingo; +Cc: Linux Kernel
From a quick look, it appears passing NULL mm's down to mm_release()
isn't a good idea.
Dave
--- linux-2.6.5/kernel/exit.c~ 2004-04-16 22:06:00.000000000 +0100
+++ linux-2.6.5/kernel/exit.c 2004-04-16 22:06:51.000000000 +0100
@@ -482,9 +482,10 @@
{
struct mm_struct *mm = tsk->mm;
- mm_release(tsk, mm);
if (!mm)
return;
+ mm_release(tsk, mm);
+
/*
* Serialize with any possible pending coredump.
* We must hold mmap_sem around checking core_waiters
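Review bot: the relocated mm_release(tsk, mm) call, now below the "if (!mm) return;" check, is skipped entirely for a task whose mm is NULL, and since the call also takes tsk the changelog should state that nothing mm_release() does on tsk is needed in that case. The subject line says "dereference before check", but this hunk only shows mm being passed as an argument, not dereferenced. Please either name the place in mm_release() where a NULL mm would actually be dereferenced, or retitle the change as a cleanup.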
* Re: fix __exit_mm() dereference before check.
From: Linus Torvalds @ 2004-04-16 22:01 UTC (permalink / raw)
To: Dave Jones; +Cc: Andrew Morton, mingo, Linux Kernel
On Fri, 16 Apr 2004, Dave Jones wrote:
>
> From a quick look, it appears passing NULL mm's down to mm_release()
> isn't a good idea.
Hmm.. Where's the dereference? I don't disagree with the patch per se, but
I don't see any real problem.
The mm->mm_users check is protected by "tsk->clear_child_tid", and that
will have been cleared already if we ever happen to call __exit_mm()
twice, so that one is safe.
So this patch might be a cleanup, but not a "fix" per se.
Linus
> --- linux-2.6.5/kernel/exit.c~ 2004-04-16 22:06:00.000000000 +0100
> +++ linux-2.6.5/kernel/exit.c 2004-04-16 22:06:51.000000000 +0100
> @@ -482,9 +482,10 @@
> {
> struct mm_struct *mm = tsk->mm;
>
> - mm_release(tsk, mm);
> if (!mm)
> return;
> + mm_release(tsk, mm);
> +
> /*
> * Serialize with any possible pending coredump.
> * We must hold mmap_sem around checking core_waiters
>
* Re: fix __exit_mm() dereference before check.
From: Dave Jones @ 2004-04-16 22:13 UTC (permalink / raw)
To: Linus Torvalds; +Cc: Andrew Morton, mingo, Linux Kernel
On Fri, Apr 16, 2004 at 03:01:32PM -0700, Linus Torvalds wrote:
> The mm->mm_users check is protected by "tsk->clear_child_tid", and that
> will have been cleared already if we ever happen to call __exit_mm()
> twice, so that one is safe.
Yes, I missed this.
> So this patch might be a cleanup, but not a "fix" per se.
ACK.
Dave