Hi Nitin,
On Mon, Nov 26, 2012 at 11:26:07PM -0800, Nitin Gupta wrote:
> The commit c8f2f0db1 ("zram: Fix handling of incompressible pages")
> introduced a bug which caused a kunmap()'ed buffer to be used in case
I got confused by the descripton. :(
The descripton is not right.
The problem is to access freed memory, not accessing to kunmaped buffer.
partial I/O write.
1. uncmem = kmalloc
2. zram_decompress_page(uncmem)
3. memcpy(uncmem, user_mem)
4. lzo1x_1_compress(uncmem)
5. kfree(uncmem)
6. src = uncmem
7. memcpy(cmem, src, clen) <----- HIT
> of partial writes where the data was found to be incompressible.
>
> This fixes bug 50081:
> https://bugzilla.kernel.org/show_bug.cgi?id=50081
>
> Signed-off-by: Nitin Gupta <ngupta@xxxxxxxxxx>
> Reported-by: Mihail Kasadjikov <hamer.mk@xxxxxxxxx>
> Reported-by: Tomas M <tomas@xxxxxxxx>
Good catch! Shame on me. I should have reivewed more carefully. :(
Please resend it with revised descrption and title.
I will rebase mh patchset just sent on top of this bug fix patch.
P.S) Sigh, Now code isn't clean due to partial read/write path handling.
IMHO, sooner or later, we need refactoring.
--
Kind regards,
Minchan Kim
_______________________________________________
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxx
http://driverdev.linuxdriverproject.org/mailman/listinfo/devel
