* [PATCH] pagewalk: don't pte_unmap(NULL) in walk_pte_range() @ 2008-04-09 10:08 Roel Kluin 2008-04-09 13:30 ` Johannes Weiner 0 siblings, 1 reply; 5+ messages in thread From: Roel Kluin @ 2008-04-09 10:08 UTC (permalink / raw) To: linux-mm, lkml This is right isn't it? --- Don't pte_unmap a NULL pointer, but the previous. Signed-off-by: Roel Kluin <12o3l@tiscali.nl> --- diff --git a/mm/pagewalk.c b/mm/pagewalk.c index 1cf1417..6615f0b 100644 --- a/mm/pagewalk.c +++ b/mm/pagewalk.c @@ -15,7 +15,7 @@ static int walk_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end, break; } while (pte++, addr += PAGE_SIZE, addr != end); - pte_unmap(pte); + pte_unmap(pte - 1); return err; } -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a> ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] pagewalk: don't pte_unmap(NULL) in walk_pte_range() 2008-04-09 10:08 [PATCH] pagewalk: don't pte_unmap(NULL) in walk_pte_range() Roel Kluin @ 2008-04-09 13:30 ` Johannes Weiner 2008-04-10 11:42 ` Roel Kluin 2008-04-10 12:09 ` Andreas Schwab 0 siblings, 2 replies; 5+ messages in thread From: Johannes Weiner @ 2008-04-09 13:30 UTC (permalink / raw) To: Roel Kluin; +Cc: linux-mm, lkml Hi, Roel Kluin <12o3l@tiscali.nl> writes: > This is right isn't it? > --- > Don't pte_unmap a NULL pointer, but the previous. Which NULL pointer? > Signed-off-by: Roel Kluin <12o3l@tiscali.nl> > --- > diff --git a/mm/pagewalk.c b/mm/pagewalk.c > index 1cf1417..6615f0b 100644 > --- a/mm/pagewalk.c > +++ b/mm/pagewalk.c > @@ -15,7 +15,7 @@ static int walk_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end, > break; > } while (pte++, addr += PAGE_SIZE, addr != end); > > - pte_unmap(pte); > + pte_unmap(pte - 1); > return err; > } This does not make any sense to me. Hannes -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a> ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] pagewalk: don't pte_unmap(NULL) in walk_pte_range() 2008-04-09 13:30 ` Johannes Weiner @ 2008-04-10 11:42 ` Roel Kluin 2008-04-10 12:09 ` Andreas Schwab 1 sibling, 0 replies; 5+ messages in thread From: Roel Kluin @ 2008-04-10 11:42 UTC (permalink / raw) To: Johannes Weiner; +Cc: linux-mm, lkml Johannes Weiner wrote: > Hi, > > Roel Kluin <12o3l@tiscali.nl> writes: > >> This is right isn't it? >> --- >> Don't pte_unmap a NULL pointer, but the previous. > > Which NULL pointer? > >> Signed-off-by: Roel Kluin <12o3l@tiscali.nl> >> --- >> diff --git a/mm/pagewalk.c b/mm/pagewalk.c >> index 1cf1417..6615f0b 100644 >> --- a/mm/pagewalk.c >> +++ b/mm/pagewalk.c >> @@ -15,7 +15,7 @@ static int walk_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end, >> break; >> } while (pte++, addr += PAGE_SIZE, addr != end); >> >> - pte_unmap(pte); >> + pte_unmap(pte - 1); >> return err; >> } > > This does not make any sense to me. you are right, please ignore. > Hannes thanks, Roel -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a> ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] pagewalk: don't pte_unmap(NULL) in walk_pte_range() 2008-04-09 13:30 ` Johannes Weiner 2008-04-10 11:42 ` Roel Kluin @ 2008-04-10 12:09 ` Andreas Schwab 2008-04-10 14:01 ` [PATCH] Stay below upper pmd boundary on pte range walk Johannes Weiner 1 sibling, 1 reply; 5+ messages in thread From: Andreas Schwab @ 2008-04-10 12:09 UTC (permalink / raw) To: Johannes Weiner; +Cc: Roel Kluin, linux-mm, lkml Johannes Weiner <hannes@saeurebad.de> writes: >> Signed-off-by: Roel Kluin <12o3l@tiscali.nl> >> --- >> diff --git a/mm/pagewalk.c b/mm/pagewalk.c >> index 1cf1417..6615f0b 100644 >> --- a/mm/pagewalk.c >> +++ b/mm/pagewalk.c >> @@ -15,7 +15,7 @@ static int walk_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end, >> break; >> } while (pte++, addr += PAGE_SIZE, addr != end); >> >> - pte_unmap(pte); >> + pte_unmap(pte - 1); >> return err; >> } > > This does not make any sense to me. There is something fishy here. If the loop ends because addr == end then pte has been incremented past the pmd page for addr, no? Andreas. -- Andreas Schwab, SuSE Labs, schwab@suse.de SuSE Linux Products GmbH, Maxfeldstrasse 5, 90409 Nurnberg, Germany PGP key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5 "And now for something completely different." -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a> ^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH] Stay below upper pmd boundary on pte range walk 2008-04-10 12:09 ` Andreas Schwab @ 2008-04-10 14:01 ` Johannes Weiner 0 siblings, 0 replies; 5+ messages in thread From: Johannes Weiner @ 2008-04-10 14:01 UTC (permalink / raw) To: Andreas Schwab; +Cc: Roel Kluin, linux-mm, lkml, akpm Hi, Andreas Schwab <schwab@suse.de> writes: > Johannes Weiner <hannes@saeurebad.de> writes: > >>> Signed-off-by: Roel Kluin <12o3l@tiscali.nl> >>> --- >>> diff --git a/mm/pagewalk.c b/mm/pagewalk.c >>> index 1cf1417..6615f0b 100644 >>> --- a/mm/pagewalk.c >>> +++ b/mm/pagewalk.c >>> @@ -15,7 +15,7 @@ static int walk_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end, >>> break; >>> } while (pte++, addr += PAGE_SIZE, addr != end); >>> >>> - pte_unmap(pte); >>> + pte_unmap(pte - 1); >>> return err; >>> } >> >> This does not make any sense to me. > > There is something fishy here. If the loop ends because addr == end > then pte has been incremented past the pmd page for addr, no? Whoops, yes. But Roel's fix breaks if the break is taken in the first iteration of the loop, because the pte is then out of the lower bounds of the pmd page. Please see attached fix. Hannes --- After the loop in walk_pte_range() pte might point to the first address after the pmd it walks. The pte_unmap() is then applied to something bad. Spotted by Roel Kluin and Andreas Schwab. Signed-off-by: Johannes Weiner <hannes@saeurebad.de> --- A bug is unlikely, though. kunmap_atomic() looks up the kmap entry by map-type instead of the address the pte points. So the worst thing I could find with a quick grep was that a wrong TLB entry is being flushed. Still, the code is wrong :) diff --git a/mm/pagewalk.c b/mm/pagewalk.c index 1cf1417..cf3c004 100644 --- a/mm/pagewalk.c +++ b/mm/pagewalk.c @@ -13,7 +13,7 @@ static int walk_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end, err = walk->pte_entry(pte, addr, addr + PAGE_SIZE, private); if (err) break; - } while (pte++, addr += PAGE_SIZE, addr != end); + } while (addr += PAGE_SIZE, addr != end && pte++); pte_unmap(pte); return err; -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a> ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2008-04-10 14:01 UTC | newest] Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2008-04-09 10:08 [PATCH] pagewalk: don't pte_unmap(NULL) in walk_pte_range() Roel Kluin 2008-04-09 13:30 ` Johannes Weiner 2008-04-10 11:42 ` Roel Kluin 2008-04-10 12:09 ` Andreas Schwab 2008-04-10 14:01 ` [PATCH] Stay below upper pmd boundary on pte range walk Johannes Weiner
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox