Home Home > GIT Browse
diff options
authorMikulas Patocka <mpatocka@redhat.com>2012-03-04 19:52:03 -0500
committerBen Hutchings <ben@decadent.org.uk>2017-07-02 17:12:48 +0100
commit0e49b7dd019da207f0cae45962175f9996682cb7 (patch)
parent2e8d6ed89dc84f4f7a82c57e10125f6fc3c98d9d (diff)
mm: fix find_vma_prev
commit 83cd904d271ba960c53f3adbb037f3486518f1e6 upstream. Commit 6bd4837de96e ("mm: simplify find_vma_prev()") broke memory management on PA-RISC. After application of the patch, programs that allocate big arrays on the stack crash with segfault, for example, this will crash if compiled without optimization: int main() { char array[200000]; array[199999] = 0; return 0; } The reason is that PA-RISC has up-growing stack and the stack is usually the last memory area. In the above example, a page fault happens above the stack. Previously, if we passed too high address to find_vma_prev, it returned NULL and stored the last VMA in *pprev. After "simplify find_vma_prev" change, it stores NULL in *pprev. Consequently, the stack area is not found and it is not expanded, as it used to be before the change. This patch restores the old behavior and makes it return the last VMA in *pprev if the requested address is higher than address of any other VMA. Signed-off-by: Mikulas Patocka <mpatocka@redhat.com> Acked-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
1 files changed, 10 insertions, 2 deletions
diff --git a/mm/mmap.c b/mm/mmap.c
index 37a72e4d437b..c7cbb405d5b3 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -1628,7 +1628,6 @@ EXPORT_SYMBOL(find_vma);
* Same as find_vma, but also return a pointer to the previous VMA in *pprev.
- * Note: pprev is set to NULL when return value is NULL.
struct vm_area_struct *
find_vma_prev(struct mm_struct *mm, unsigned long addr,
@@ -1637,7 +1636,16 @@ find_vma_prev(struct mm_struct *mm, unsigned long addr,
struct vm_area_struct *vma;
vma = find_vma(mm, addr);
- *pprev = vma ? vma->vm_prev : NULL;
+ if (vma) {
+ *pprev = vma->vm_prev;
+ } else {
+ struct rb_node *rb_node = mm->mm_rb.rb_node;
+ *pprev = NULL;
+ while (rb_node) {
+ *pprev = rb_entry(rb_node, struct vm_area_struct, vm_rb);
+ rb_node = rb_node->rb_right;
+ }
+ }
return vma;