From: Paul Jackson <pj@sgi.com>
To: Nick Piggin <nickpiggin@yahoo.com.au>
Cc: ak@suse.de, akpm@osdl.org, linux-mm@kvack.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH]: Clean up of __alloc_pages
Date: Sun, 6 Nov 2005 19:44:25 -0800 [thread overview]
Message-ID: <20051106194425.1f728fbf.pj@sgi.com> (raw)
In-Reply-To: <436EC2AF.4020202@yahoo.com.au>
Nick wrote:
> I don't think so because if the cpuset can be freed, then its page
> might be unmapped from the kernel address space if use-after-free
> debugging is turned on. And this is a use after free :)
Yup - that is a showstopper. If dereferencing a stale pointer, even if
one doesn't really care what is read, is a no-no, then this is a no-no.
Thanks, Nick, for catching this.
This puts more value on the other idea I had - a global kernel flag
"cpusets_have_been_used", that could be used to short circuit all the
cpuset hooks on systems that never mucked with cpusets.
For any lurkers wondering why I am chasing stale pointers when I don't
care what I read, it's like this. Essentially, the task doing this
read is looking for an asychronous incoming level triggered signal
(going from the two mems_generations being equal to them being unequal),
that in this case is coming in at about the same time we are sampling
for it. Whether we realize this time that the signal came in, or
don't realize it until the next time we sample, doesn't really matter
to us. One way or the other, we'll see it, for sure the next sample if
not this one. So the details of what happened on this read (so long as
no one got annoyed that we tried to chase a stale pointer) don't really
matter. Unfortunately, Nick reminds us that someone will get annoyed.
Oh well.
> Also, it may be reused for something else far into the future without
> having its value changed - is this OK?
That part would be ok. If I failed to realize that the underlying
cpuset had changed this time through __alloc_pages(), I would see it
next time, when I picked up a fresh and useful copy of my task->cpuset
pointer, having long forgotten my stale copy. My stale cpuset pointer
only had a lifetime of a couple machine instructions.
--
I won't rest till it's the best ...
Programmer, Linux Scalability
Paul Jackson <pj@sgi.com> 1.925.600.0401
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2005-11-07 3:44 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-10-29 1:33 Rohit, Seth
2005-10-29 2:33 ` Nick Piggin
2005-10-31 20:55 ` Rohit Seth
2005-11-01 1:14 ` Nick Piggin
2005-11-04 18:15 ` Rohit Seth
2005-11-05 0:00 ` Nick Piggin
2005-10-30 0:16 ` Paul Jackson
2005-10-31 19:09 ` Rohit Seth
2005-11-05 17:09 ` Andi Kleen
2005-11-06 4:18 ` Paul Jackson
2005-11-06 17:35 ` Andi Kleen
2005-11-06 20:49 ` Paul Jackson
2005-11-07 2:57 ` Nick Piggin
2005-11-07 3:42 ` Andi Kleen
2005-11-07 4:37 ` Paul Jackson
2005-11-07 6:08 ` Nick Piggin
2005-11-07 9:46 ` Paul Jackson
2005-11-07 10:17 ` Nick Piggin
2005-11-07 14:41 ` Paul Jackson
2005-11-07 3:44 ` Paul Jackson [this message]
2005-10-30 1:47 ` Paul Jackson
2005-10-30 2:01 ` Nick Piggin
2005-10-30 2:19 ` Paul Jackson
2005-10-30 2:32 ` Nick Piggin
2005-10-30 3:06 ` Paul Jackson
2005-10-30 3:53 ` Nick Piggin
2005-10-30 2:26 ` Paul Jackson
2005-10-30 2:36 ` Nick Piggin
2005-10-30 3:09 ` Paul Jackson
2005-10-30 3:55 ` Nick Piggin
2005-10-30 4:11 ` Paul Jackson
2005-10-31 21:20 ` Rohit Seth
2005-10-31 21:28 ` Paul Jackson
-- strict thread matches above, loose matches on Subject: below --
2005-11-05 1:57 Seth, Rohit
2005-10-01 19:00 Seth, Rohit
2005-10-02 3:09 ` Nick Piggin
2005-10-03 16:50 ` Rohit Seth
2005-10-03 15:34 ` Christoph Lameter
2005-10-03 16:55 ` Rohit Seth
2005-10-03 16:57 ` Christoph Lameter
2005-10-03 17:48 ` Rohit Seth
2005-10-04 13:27 ` Andi Kleen
2005-10-04 16:26 ` Ray Bryant
2005-10-04 16:10 ` Martin J. Bligh
2005-10-04 17:02 ` Ray Bryant
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20051106194425.1f728fbf.pj@sgi.com \
--to=pj@sgi.com \
--cc=ak@suse.de \
--cc=akpm@osdl.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=nickpiggin@yahoo.com.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox