From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932139AbcAROdw (ORCPT ); Mon, 18 Jan 2016 09:33:52 -0500 Received: from bombadil.infradead.org ([198.137.202.9]:44274 "EHLO bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755169AbcAROdu (ORCPT ); Mon, 18 Jan 2016 09:33:50 -0500 Date: Mon, 18 Jan 2016 15:33:45 +0100 From: Peter Zijlstra To: gavin.guo@canonical.com Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org, jay.vosburgh@canonical.com, liang.chen@canonical.com, mgorman@suse.de, mingo@redhat.com, riel@redhat.com Subject: Re: [PATCH] sched/numa: Fix use-after-free bug in the task_numa_compare Message-ID: <20160118143345.GQ6357@twins.programming.kicks-ass.net> References: <1453125548-2762-1-git-send-email-gavin.guo@canonical.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1453125548-2762-1-git-send-email-gavin.guo@canonical.com> User-Agent: Mutt/1.5.21 (2012-12-30) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jan 18, 2016 at 09:59:08PM +0800, gavin.guo@canonical.com wrote: > BugLink: https://bugs.launchpad.net/bugs/1527643 These do not go in patches.. > /* > + * No need to move the exiting task or idle task. > */ > if ((cur->flags & PF_EXITING) || is_idle_task(cur)) > cur = NULL; > + else > + /* > + * The task_struct must be protected here to protect the > + * p->numa_faults access in the task_weight since the > + * numa_faults could already be freed in the following path: > + * finish_task_switch() > + * --> put_task_struct() > + * --> __put_task_struct() > + * --> task_numa_free() > + */ > + get_task_struct(cur); > + This is incorrect CodingStyle, please add { }.