The vm_pgoff was being set incorrectly when expanding the next VMA to a
lower address. Fix the issue by using the mid->vm_pgoff value for this
merge case (aka case 8). Note that this does not change case 3's
vm_pgoff as next and mid are the same VMA.
Reported-by: Sanan Hasanov <[email protected]>
Link: https://lore.kernel.org/linux-mm/IA1PR07MB983017D2FBA174D2FF78CEB6ABCE9@IA1PR07MB9830.namprd07.prod.outlook.com/
Cc: Matthew Wilcox <[email protected]>
Cc: David Hildenbrand <[email protected]>
Cc: Hugh Dickins <[email protected]>
Signed-off-by: Liam R. Howlett <[email protected]>
---
mm/mmap.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mm/mmap.c b/mm/mmap.c
index 00d90bbc250e..614ea2d93b0a 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -978,7 +978,7 @@ struct vm_area_struct *vma_merge(struct vma_iterator *vmi, struct mm_struct *mm,
vma = next; /* case 3 */
vma_start = addr;
vma_end = next->vm_end;
- vma_pgoff = next->vm_pgoff;
+ vma_pgoff = mid->vm_pgoff;
err = 0;
if (mid != next) { /* case 8 */
remove = mid;
--
2.39.0
On 30.01.23 20:57, Liam R. Howlett wrote:
> The vm_pgoff was being set incorrectly when expanding the next VMA to a
> lower address. Fix the issue by using the mid->vm_pgoff value for this
> merge case (aka case 8). Note that this does not change case 3's
> vm_pgoff as next and mid are the same VMA.
>
> Reported-by: Sanan Hasanov <[email protected]>
> Link: https://lore.kernel.org/linux-mm/IA1PR07MB983017D2FBA174D2FF78CEB6ABCE9@IA1PR07MB9830.namprd07.prod.outlook.com/
> Cc: Matthew Wilcox <[email protected]>
> Cc: David Hildenbrand <[email protected]>
> Cc: Hugh Dickins <[email protected]>
Fixes: ?
> Signed-off-by: Liam R. Howlett <[email protected]>
> ---
> mm/mmap.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/mm/mmap.c b/mm/mmap.c
> index 00d90bbc250e..614ea2d93b0a 100644
> --- a/mm/mmap.c
> +++ b/mm/mmap.c
> @@ -978,7 +978,7 @@ struct vm_area_struct *vma_merge(struct vma_iterator *vmi, struct mm_struct *mm,
> vma = next; /* case 3 */
> vma_start = addr;
> vma_end = next->vm_end;
> - vma_pgoff = next->vm_pgoff;
> + vma_pgoff = mid->vm_pgoff;
> err = 0;
> if (mid != next) { /* case 8 */
> remove = mid;
Acked-by: David Hildenbrand <[email protected]>
Thanks!
--
Thanks,
David / dhildenb
* David Hildenbrand <[email protected]> [230131 03:35]:
> On 30.01.23 20:57, Liam R. Howlett wrote:
> > The vm_pgoff was being set incorrectly when expanding the next VMA to a
> > lower address. Fix the issue by using the mid->vm_pgoff value for this
> > merge case (aka case 8). Note that this does not change case 3's
> > vm_pgoff as next and mid are the same VMA.
> >
> > Reported-by: Sanan Hasanov <[email protected]>
> > Link: https://lore.kernel.org/linux-mm/IA1PR07MB983017D2FBA174D2FF78CEB6ABCE9@IA1PR07MB9830.namprd07.prod.outlook.com/
> > Cc: Matthew Wilcox <[email protected]>
> > Cc: David Hildenbrand <[email protected]>
> > Cc: Hugh Dickins <[email protected]>
>
> Fixes: ?
Fixes: (soon to be invalid git id :) ("mm/mmap: remove __vma_adjust()")
>
> > Signed-off-by: Liam R. Howlett <[email protected]>
> > ---
> > mm/mmap.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/mm/mmap.c b/mm/mmap.c
> > index 00d90bbc250e..614ea2d93b0a 100644
> > --- a/mm/mmap.c
> > +++ b/mm/mmap.c
> > @@ -978,7 +978,7 @@ struct vm_area_struct *vma_merge(struct vma_iterator *vmi, struct mm_struct *mm,
> > vma = next; /* case 3 */
> > vma_start = addr;
> > vma_end = next->vm_end;
> > - vma_pgoff = next->vm_pgoff;
> > + vma_pgoff = mid->vm_pgoff;
> > err = 0;
> > if (mid != next) { /* case 8 */
> > remove = mid;
>
> Acked-by: David Hildenbrand <[email protected]>
>
> Thanks!
>
> --
> Thanks,
>
> David / dhildenb
>
On 31.01.23 15:24, Liam R. Howlett wrote:
> * David Hildenbrand <[email protected]> [230131 03:35]:
>> On 30.01.23 20:57, Liam R. Howlett wrote:
>>> The vm_pgoff was being set incorrectly when expanding the next VMA to a
>>> lower address. Fix the issue by using the mid->vm_pgoff value for this
>>> merge case (aka case 8). Note that this does not change case 3's
>>> vm_pgoff as next and mid are the same VMA.
>>>
>>> Reported-by: Sanan Hasanov <[email protected]>
>>> Link: https://lore.kernel.org/linux-mm/IA1PR07MB983017D2FBA174D2FF78CEB6ABCE9@IA1PR07MB9830.namprd07.prod.outlook.com/
>>> Cc: Matthew Wilcox <[email protected]>
>>> Cc: David Hildenbrand <[email protected]>
>>> Cc: Hugh Dickins <[email protected]>
>>
>> Fixes: ?
>
> Fixes: (soon to be invalid git id :) ("mm/mmap: remove __vma_adjust()")
Ah, right, upstream was not affected ... :)
... so this should be squashed into that commit instead as long as it
doesn't have a stable ID.
--
Thanks,
David / dhildenb
On Tue, 31 Jan 2023 15:29:59 +0100 David Hildenbrand <[email protected]> wrote:
> On 31.01.23 15:24, Liam R. Howlett wrote:
> > * David Hildenbrand <[email protected]> [230131 03:35]:
> >> On 30.01.23 20:57, Liam R. Howlett wrote:
> >>> The vm_pgoff was being set incorrectly when expanding the next VMA to a
> >>> lower address. Fix the issue by using the mid->vm_pgoff value for this
> >>> merge case (aka case 8). Note that this does not change case 3's
> >>> vm_pgoff as next and mid are the same VMA.
> >>>
> >>> Reported-by: Sanan Hasanov <[email protected]>
> >>> Link: https://lore.kernel.org/linux-mm/IA1PR07MB983017D2FBA174D2FF78CEB6ABCE9@IA1PR07MB9830.namprd07.prod.outlook.com/
> >>> Cc: Matthew Wilcox <[email protected]>
> >>> Cc: David Hildenbrand <[email protected]>
> >>> Cc: Hugh Dickins <[email protected]>
> >>
> >> Fixes: ?
> >
> > Fixes: (soon to be invalid git id :) ("mm/mmap: remove __vma_adjust()")
>
> Ah, right, upstream was not affected ... :)
>
> ... so this should be squashed into that commit instead as long as it
> doesn't have a stable ID.
Yup, I queued this as mm-mmap-remove-__vma_adjust-fix.patch so it's
to-be-squished.
Generally, please let's tell people when a patch fixes something which
is staged in mm-unstable - to save a few brain cycles and to hopefully
improve review. A Fixes: with no SHA works, or simply "this fixes X".