Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp5334943ybi; Wed, 12 Jun 2019 00:25:56 -0700 (PDT) X-Google-Smtp-Source: APXvYqxPWH1rrggglZGl29UEDA6xedS3nqt32XhQJSimhIgXO4fIm4HPXEvNcO3LMIZXQxS4DqCH X-Received: by 2002:a17:902:b202:: with SMTP id t2mr78082707plr.69.1560324356469; Wed, 12 Jun 2019 00:25:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1560324356; cv=none; d=google.com; s=arc-20160816; b=wu3Cl59iPi9ow6gIS8gIUrOLaTIYRqcxOvCvIuKbGgT+jJ1HyrzNnTWx0/TdoOnLFM Tw7MCU0/8bi2SSY8+FFnuiZ9Ny/vtceOp6l/LJT6ry6D+6XHeYw8iLyvE9QJi5AsGLbL TuPc5eNPKjP7Rcohdl/mDusu9+v1HePm4Tun93x98to83aeTcbp4v9U7a+2yxO0yiVRJ RSp91SpPAoDUY49kh0qlglYdkCxkkGebxDjLJ9R5jgm93uwLqF/RYjxXmCtlUJNPI1Bj uKOHNI+DrR0gzQZFhO9c6PNN+/HhLcHsvGhiaBKzDJHUyubliQngnoJX4hF8r1MrWris XBYQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:date:subject:to :from; bh=a7qs70KHlFjDgo1PtkSlw6qelC9xAmuWWShZg4kyKUo=; b=JIoBOaXDSeSGorh8G1N4frKlBu8hVPjNT6aSxZJOIaPZwszcZCE77Aq+B+2cKhCJBZ fxAJcprul/Zy5ojlacfd/2hC0/kuMtcWpphIUXnnQ8r83syd8FFvZv7cHMx48ek0sT/+ 2U2/7RJJWuJMySZBW+8Qz+iU5jd11S760w2CHwLmzUj4NNyRAFXbKLVkpCKPGNitjDq7 j32o02e6k858fdP4udHdYy3pnenkKe7YkdSNVrEmS7rEx4ZcGSFDtNpmJQh5lGxjHQwy O7bfKLwL4ucOcFgyafyotAtMdbUeQd++ILpSDXleyii0rt2lR1uL3q6guzwwqstTYMFy O+3Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id l11si14146266pgp.438.2019.06.12.00.25.40; Wed, 12 Jun 2019 00:25:56 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2391816AbfFLBtP (ORCPT + 99 others); Tue, 11 Jun 2019 21:49:15 -0400 Received: from szxga05-in.huawei.com ([45.249.212.191]:18131 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1729044AbfFLBtP (ORCPT ); Tue, 11 Jun 2019 21:49:15 -0400 Received: from DGGEMS407-HUB.china.huawei.com (unknown [172.30.72.58]) by Forcepoint Email with ESMTP id E8849EB679BB46D72185; Wed, 12 Jun 2019 09:49:10 +0800 (CST) Received: from RH5885H-V3.huawei.com (10.90.53.225) by DGGEMS407-HUB.china.huawei.com (10.3.19.207) with Microsoft SMTP Server id 14.3.439.0; Wed, 12 Jun 2019 09:48:57 +0800 From: ZhangXiaoxu To: , , , , , Subject: [PATCH] futex: Fix futex lock the wrong page Date: Wed, 12 Jun 2019 09:54:25 +0800 Message-ID: <1560304465-68966-1-git-send-email-zhangxiaoxu5@huawei.com> X-Mailer: git-send-email 2.7.4 MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [10.90.53.225] X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The upstram commit 65d8fc777f6d ("futex: Remove requirement for lock_page() in get_futex_key()") use variable 'page' as the page head, when merge it to stable branch, the variable `page_head` is page head. In the stable branch, the variable `page` not means the page head, when lock the page head, we should lock 'page_head', rather than 'page'. It maybe lead a hung task problem. Signed-off-by: ZhangXiaoxu Cc: stable@vger.kernel.org --- kernel/futex.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kernel/futex.c b/kernel/futex.c index ec9df5b..15d850f 100644 --- a/kernel/futex.c +++ b/kernel/futex.c @@ -593,8 +593,8 @@ again: * applies. If this is really a shmem page then the page lock * will prevent unexpected transitions. */ - lock_page(page); - shmem_swizzled = PageSwapCache(page) || page->mapping; + lock_page(page_head); + shmem_swizzled = PageSwapCache(page_head) || page_head->mapping; unlock_page(page_head); put_page(page_head); -- 2.7.4