Re: [PATCH] mm: swapfile: avoid split_swap_cluster() NULL pointer dereference

From: Huang, Ying
Date: Thu Sep 24 2020 - 23:23:06 EST

Next message: Kees Cook: "Re: [PATCH v2 seccomp 6/6] seccomp/cache: Report cache data through /proc/pid/seccomp_cache"
Previous message: Xu Yilun: "Re: [PATCH v3 1/5] fpga: dfl: rename the bus type "dfl" to "fpga-dfl""
In reply to: Rafael Aquini: "Re: [PATCH] mm: swapfile: avoid split_swap_cluster() NULL pointer dereference"
Next in thread: Rafael Aquini: "Re: [PATCH] mm: swapfile: avoid split_swap_cluster() NULL pointer dereference"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Rafael Aquini <aquini@xxxxxxxxxx> writes:
>> Or, can you help to run the test with a debug kernel based on upstream
>> kernel. I can provide some debug patch.
>>
>
> Sure, I can set your patches to run with the test cases we have that tend to
> reproduce the issue with some degree of success.

Thanks!

I found a race condition. During THP splitting, "head" may be unlocked
before calling split_swap_cluster(), because head != page during
deferred splitting. So we should call split_swap_cluster() before
unlocking. The debug patch to do that is as below. Can you help to
test it?

Best Regards,
Huang, Ying

------------------------8<----------------------------

Next message: Kees Cook: "Re: [PATCH v2 seccomp 6/6] seccomp/cache: Report cache data through /proc/pid/seccomp_cache"
Previous message: Xu Yilun: "Re: [PATCH v3 1/5] fpga: dfl: rename the bus type "dfl" to "fpga-dfl""
In reply to: Rafael Aquini: "Re: [PATCH] mm: swapfile: avoid split_swap_cluster() NULL pointer dereference"
Next in thread: Rafael Aquini: "Re: [PATCH] mm: swapfile: avoid split_swap_cluster() NULL pointer dereference"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]