On 07/24/2014 02:53 AM, Andrey Ryabinin wrote:
> On 07/24/14 07:33, Sasha Levin wrote:
>> On 02/27/2014 02:53 PM, Kirill A. Shutemov wrote:
>>> The patch introduces new vm_ops callback ->map_pages() and uses it for
>>> mapping easy accessible pages around fault address.
>>>
>>> On read page fault, if filesystem provides ->map_pages(), we try to map
>>> up to FAULT_AROUND_PAGES pages around page fault address in hope to
>>> reduce number of minor page faults.
>>>
>>> We call ->map_pages first and use ->fault() as fallback if page by the
>>> offset is not ready to be mapped (cold page cache or something).
>>>
>>> Signed-off-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx>
>>> ---
>>
>> Hi all,
>>
>> This patch triggers use-after-free when fuzzing using trinity and the KASAN
>> patchset.
>>
> I think this should be fixed already by following patch:
>
> From: Konstantin Khlebnikov <koct9i@xxxxxxxxx>
> Subject: mm: do not call do_fault_around for non-linear fault

I don't think so. It's supposed to deal with a different issue, and it was already
in my -next tree which triggered the issue I've reported.

Thanks,
Sasha