The patch titled mm: fix madvise infinine loop has been added to the -mm tree. Its filename is mm-fix-madvise-infinine-loop.patch *** Remember to use Documentation/SubmitChecklist when testing your code *** See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find out what to do about this ------------------------------------------------------ Subject: mm: fix madvise infinine loop From: Nick Piggin <npiggin@xxxxxxx> madvise(MADV_REMOVE) can go into an infinite loop or cause an oops if the call covers a region from the start of a vma, and extending past that vma. Signed-off-by: Nick Piggin <npiggin@xxxxxxx> Cc: Badari Pulavarty <pbadari@xxxxxxxxxx> Cc: Hugh Dickins <hugh@xxxxxxxxxxx> Cc: <stable@xxxxxxxxxx> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> --- mm/madvise.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff -puN mm/madvise.c~mm-fix-madvise-infinine-loop mm/madvise.c --- a/mm/madvise.c~mm-fix-madvise-infinine-loop +++ a/mm/madvise.c @@ -155,11 +155,14 @@ static long madvise_dontneed(struct vm_a * Other filesystems return -ENOSYS. */ static long madvise_remove(struct vm_area_struct *vma, + struct vm_area_struct **prev, unsigned long start, unsigned long end) { struct address_space *mapping; loff_t offset, endoff; + *prev = vma; + if (vma->vm_flags & (VM_LOCKED|VM_NONLINEAR|VM_HUGETLB)) return -EINVAL; 
@@ -199,7 +202,7 @@ madvise_vma(struct vm_area_struct *vma, error = madvise_behavior(vma, prev, start, end, behavior); break; case MADV_REMOVE: - error = madvise_remove(vma, start, end); + error = madvise_remove(vma, prev, start, end); break; case MADV_WILLNEED: _ Patches currently in -mm which might be from npiggin@xxxxxxx are mm-fix-madvise-infinine-loop.patch mm-remove-gcc-workaround.patch mm-more-rmap-checking.patch mm-make-read_cache_page-synchronous.patch fs-buffer-dont-pageuptodate-without-page-locked.patch mm-debug-check-for-the-fault-vs-invalidate-race.patch mm-debug-check-for-the-fault-vs-invalidate-race-tidy.patch mm-simplify-filemap_nopage.patch mm-fix-fault-vs-invalidate-race-for-linear-mappings.patch mm-merge-populate-and-nopage-into-fault-fixes-nonlinear.patch mm-merge-populate-and-nopage-into-fault-fixes-nonlinear-tidy.patch mm-merge-nopfn-into-fault.patch mm-remove-legacy-cruft.patch mm-fix-clear_page_dirty_for_io-vs-fault-race.patch exec-fix-remove_arg_zero.patch exec-fix-remove_arg_zero-add-comment.patch
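Review bot: the requirement that madvise_remove() write `*prev` on every return path is undocumented, in the first hunk (mm/madvise.c @@ -155,11). The new `*prev = vma;` sits ahead of the `VM_LOCKED|VM_NONLINEAR|VM_HUGETLB` test, so it also takes effect on the -EINVAL return, which looks deliberate given the changelog, but nothing in the code says so. Please add a line to the comment block above the function (the one ending "Other filesystems return -ENOSYS.") stating that `*prev` must be set before any return, so a later cleanup does not move the assignment below an early exit and bring the loop or oops back.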
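Review bot: the other cases of the switch in madvise_vma() may have the same problem and need checking, in the second hunk (mm/madvise.c @@ -199,7). The visible context shows only the madvise_behavior() call and, after this change, the MADV_REMOVE call receiving `prev`; the `case MADV_WILLNEED:` body and anything after it fall outside the hunk. Since the bug here came from one handler leaving `*prev` untouched, please confirm in the changelog that every remaining case takes and sets `prev`, or set it once in madvise_vma() before the switch so that a handler added later cannot miss it.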