On Fri, Jul 14, 2017 at 08:25:35PM +0400, Stanislav Kinsburskiy wrote:
> From: Artem Fetishev <[email protected]>
>
> The expected logic of proc_map_files_get_link() is either to return 0
> and initialize 'path' or return an error and leave 'path' uninitialized.
>
> By the time dname_to_vma_addr() returns 0 the corresponding vma may
> already be gone. In this case the path is not initialized but the
> return value is still 0. This results in 'general protection fault'
> inside d_path().
>
> Steps to reproduce:
>
>   CONFIG_CHECKPOINT_RESTORE=y
>
>     fd = open(...);
>     while (1) {
>         mmap(fd, ...);
>         munmap(fd, ...);
>     }
>
>   ls -la /proc/$PID/map_files
>
> Addresses https://bugzilla.kernel.org/show_bug.cgi?id=68991
>
> https://jira.sw.ru/browse/PSBM-68472
>
> Signed-off-by: Artem Fetishev <[email protected]>
> Signed-off-by: Aleksandr Terekhov <[email protected]>
> Reported-by: <[email protected]>
> Acked-by: Pavel Emelyanov <[email protected]>
> Acked-by: Cyrill Gorcunov <[email protected]>
> Reviewed-by: "Eric W. Biederman" <[email protected]>
> Cc: <[email protected]>
> Signed-off-by: Andrew Morton <[email protected]>
> Signed-off-by: Linus Torvalds <[email protected]>
> Signed-off-by: Stanislav Kinsburskiy <[email protected]>

Acked-by: Cyrill Gorcunov <[email protected]>
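The contract described in the quoted commit message (return 0 only when 'path' has been initialized), modelled in user space as an added example; this is not the patch under discussion or kernel code. The names `find_exact`, `get_link_buggy`, `get_link_checked` and `set_mapped`, the sample mapping, and the choice of `-ENOENT` as the error code are assumptions made for the illustration.

```c
#include <errno.h>
#include <stdio.h>

/* User-space stand-ins; hypothetical names, not the kernel's types. */
struct path { const char *name; };
struct vma { unsigned long start, end; const struct path *file; };

/* Constructed sample: one file-backed mapping that can be "unmapped". */
static const struct path sample_file = { "/tmp/sample" };
static const struct vma sample_vma = { 0x1000, 0x2000, &sample_file };
static int mapped = 1;
static void set_mapped(int on) { mapped = on; }

static const struct vma *find_exact(unsigned long s, unsigned long e)
{
    if (mapped && sample_vma.start == s && sample_vma.end == e)
        return &sample_vma;
    return NULL;
}

/* Bug pattern: rc is still 0 from the successful name parse. */
static int get_link_buggy(unsigned long s, unsigned long e, struct path *out)
{
    int rc = 0; /* stands in for the address parse having returned 0 */
    const struct vma *v = find_exact(s, e);
    if (v && v->file)
        *out = *v->file;
    return rc; /* 0 even when *out was never written */
}

/* Contract kept: assume failure until *out has been filled in. */
static int get_link_checked(unsigned long s, unsigned long e, struct path *out)
{
    int rc = -ENOENT; /* error code chosen for this example */
    const struct vma *v = find_exact(s, e);
    if (v && v->file) {
        *out = *v->file;
        rc = 0;
    }
    return rc;
}

int main(void)
{
    struct path p = { NULL };
    set_mapped(0); /* the mapping vanished after the name was parsed */
    printf("buggy rc=%d\n", get_link_buggy(0x1000, 0x2000, &p));
    printf("checked rc=%d\n", get_link_checked(0x1000, 0x2000, &p));
    return 0;
}
```

A caller that trusts a 0 return from the first form goes on to use a path that was never filled in, which is the situation the commit message describes ending in a fault inside d_path().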
