Hi Felipe,

On Sun, 25 Jul 2010 22:10:32 +0200
ext Felipe Contreras <felipe.contreras@xxxxxxxxx> wrote:

> Hi,
>
> While investigating a bug in maemo[1] I found that this patch triggers
> it, I think I found the reason.
>
> It probably doesn't matter for upstream anymore.
>
> On Fri, Nov 6, 2009 at 3:34 PM, Hiroshi DOYU <Hiroshi.DOYU@xxxxxxxxx> wrote:
> > @@ -690,14 +732,19 @@ static int memory_check_vma(unsigned long start, u32 len)
> > if (end <= start)
> > return -EINVAL;
> >
> > - down_read(¤t->mm->mmap_sem);
> > -
> > while ((vma = find_vma(current->mm, start)) != NULL) {
> > + ssize_t size;
> >
> > - if (vma->vm_start > start) {
> > - err = -EINVAL;
> > + if (vma->vm_flags & (VM_IO | VM_PFNMAP))
> > + return -EINVAL;
> > +
> > + if (vma->vm_start > start)
> > + return -EINVAL;
> > +
> > + size = min_t(ssize_t, vma->vm_end - start, len);
>
> This 'len' is the total length, which is not what we want; in each
> iteration the length should be decreased so that it's always the
> remaining length. Right?
>
> len -= size;

Great finding and I'm so sorry for this bug...

>
> > + err = memory_sync_page(vma, start, size, ftype);
> > + if (err)
> > break;
> > - }
> >
> > if (end <= vma->vm_end)
> > break;
>
> [1] https://bugs.maemo.org/show_bug.cgi?id=10813
>
> --
> Felipe Contreras

--
To unsubscribe from this list: send the line "unsubscribe linux-omap" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
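Review bot: at `size = min_t(ssize_t, vma->vm_end - start, len);` the bound is the caller's total `len`, and nothing in this hunk reduces it as the loop advances through successive VMAs, so on the last VMA `size` can extend past `end` and `memory_sync_page(vma, start, size, ftype)` is invoked on pages outside the range the caller asked for. Felipe's `len -= size;` after the sync call fixes that; since `end` is already computed and checked at the top of the function, clipping against it instead (`size = min_t(unsigned long, vma->vm_end, end) - start;`) achieves the same without a running counter that has to be kept in step with `start`. Separately, the hunk drops `down_read(&current->mm->mmap_sem)` (rendered as `¤t` by the mail archive) and converts the failure paths into direct `return -EINVAL`, but the matching `up_read()` is not visible here; the rest of the patch should be checked so that `mmap_sem` is neither left held on these early returns nor released without having been taken.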