linux/mm
Hugh Dickins de51257aa3 mm: fix ia64 crash when gcore reads gate area
Debian's ia64 autobuilders have been seeing kernel freeze or reboot
when running the gdb testsuite (Debian bug 588574): dannf bisected to
2.6.32 62eede62da "mm: ZERO_PAGE without
PTE_SPECIAL"; and reproduced it with gdb's gcore on a simple target.

I'd missed updating the gate_vma handling in __get_user_pages(): that
happens to use vm_normal_page() (nowadays failing on the zero page),
yet reported success even when it failed to get a page - boom when
access_process_vm() tried to copy that to its intermediate buffer.

Fix this, resisting cleanups: in particular, leave it for now reporting
success when not asked to get any pages - very probably safe to change,
but let's not risk it without testing exposure.

Why did ia64 crash with 16kB pages, but succeed with 64kB pages?
Because setup_gate() pads each 64kB of its gate area with zero pages.

Reported-by: Andreas Barth <aba@not.so.argh.org>
Bisected-by: dann frazier <dannf@debian.org>
Signed-off-by: Hugh Dickins <hughd@google.com>
Tested-by: dann frazier <dannf@dannf.org>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2010-07-30 18:56:09 -07:00
..
backing-dev.c writeback: simplify the write back thread queue 2010-07-06 08:59:53 +02:00
bootmem.c x86,nobootmem: make alloc_bootmem_node fall back to other node when 32bit numa is used 2010-07-20 16:25:40 -07:00
bounce.c
compaction.c mm: compaction: add a tunable that decides when memory should be compacted and when it should be reclaimed 2010-05-25 08:06:59 -07:00
debug-pagealloc.c
dmapool.c
fadvise.c
failslab.c
filemap_xip.c
filemap.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse 2010-05-30 09:16:14 -07:00
fremap.c
highmem.c highmem: remove unneeded #ifdef CONFIG_TRACE_IRQFLAGS_SUPPORT for debug_kmap_atomic() 2010-05-25 08:07:01 -07:00
hugetlb.c cpuset,mm: fix no node to alloc memory when changing cpuset's mems 2010-05-25 08:06:57 -07:00
hwpoison-inject.c
init-mm.c
internal.h
Kconfig lmb: rename to memblock 2010-07-14 17:14:00 +10:00
Kconfig.debug
kmemcheck.c
kmemleak-test.c
kmemleak.c
ksm.c mm: migration: share the anon_vma ref counts between KSM and page migration 2010-05-25 08:06:58 -07:00
maccess.c
madvise.c
Makefile lmb: rename to memblock 2010-07-14 17:14:00 +10:00
memblock.c lmb: rename to memblock 2010-07-14 17:14:00 +10:00
memcontrol.c memcg: fix wake up in oom wait queue 2010-06-29 15:29:30 -07:00
memory_hotplug.c mem-hotplug: fix potential race while building zonelist for new populated zone 2010-05-25 08:07:02 -07:00
memory-failure.c
memory.c mm: fix ia64 crash when gcore reads gate area 2010-07-30 18:56:09 -07:00
mempolicy.c mempolicy: fix dangling reference to tmpfs superblock mpol 2010-06-29 15:29:31 -07:00
mempool.c
migrate.c memcg: fix mis-accounting of file mapped racy with migration 2010-05-27 09:12:44 -07:00
mincore.c mincore: do nested page table walks 2010-05-25 08:06:58 -07:00
mlock.c
mm_init.c
mmap.c
mmu_context.c
mmu_notifier.c
mmzone.c
mprotect.c
mremap.c
msync.c sanitize vfs_fsync calling conventions 2010-05-21 18:31:21 -04:00
nommu.c nommu: allow private mappings of read-only devices 2010-05-26 08:19:23 -07:00
oom_kill.c memcg: make oom killer a no-op when no killable task can be found 2010-05-27 09:12:43 -07:00
page_alloc.c x86,nobootmem: make alloc_bootmem_node fall back to other node when 32bit numa is used 2010-07-20 16:25:40 -07:00
page_cgroup.c kmemleak: Annotate false positive in init_section_page_cgroup() 2010-07-19 11:54:14 +01:00
page_io.c
page_isolation.c
page-writeback.c writeback: remove writeback_inodes_wbc 2010-07-06 08:54:03 +02:00
pagewalk.c
percpu_up.c
percpu-km.c
percpu-vm.c
percpu.c percpu: fix first chunk match in per_cpu_ptr_to_phys() 2010-06-18 15:07:23 +02:00
prio_tree.c
quicklist.c
readahead.c readahead.c: fix comment 2010-05-25 08:07:00 -07:00
rmap.c mm: migration: avoid race between shift_arg_pages() and rmap_walk() during migration by not migrating temporary stacks 2010-05-25 08:06:59 -07:00
shmem.c fix truncate inode time modification breakage 2010-06-04 17:16:30 -04:00
slab.c numa: slab: use numa_mem_id() for slab local memory node 2010-05-27 09:12:57 -07:00
slob.c mm: Move ARCH_SLAB_MINALIGN and ARCH_KMALLOC_MINALIGN to <linux/slob_def.h> 2010-05-19 22:03:13 +03:00
slub.c Merge branch 'slub/urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/penberg/slab-2.6 2010-05-30 12:46:17 -07:00
sparse-vmemmap.c
sparse.c sparsemem: on no vmemmap path put mem_map on node high too 2010-05-25 08:06:56 -07:00
swap_state.c
swap.c mm: export lru_cache_add_*() to modules 2010-05-25 15:06:06 +02:00
swapfile.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging-2.6 2010-05-21 15:26:46 -07:00
thrash.c
truncate.c fs: introduce new truncate sequence 2010-05-27 22:15:33 -04:00
util.c
vmalloc.c
vmscan.c mm/vmscan.c: fix mapping use after free 2010-07-20 16:25:40 -07:00
vmstat.c mm: compaction: direct compact when a high-order allocation fails 2010-05-25 08:06:59 -07:00