mmap: fix petty bug in anonymous shared mmap offset handling
authorTejun Heo <tj@kernel.org>
Wed, 3 Sep 2008 14:09:47 +0000 (16:09 +0200)
committerLinus Torvalds <torvalds@linux-foundation.org>
Thu, 4 Sep 2008 02:58:53 +0000 (19:58 -0700)
Anonymous mappings should ignore the offset, but the shared anonymous
mapping path forgot to clear it, which makes the following legitimate
test program trigger SIGBUS.

 #include <sys/mman.h>
 #include <stdio.h>
 #include <errno.h>

 #define PAGE_SIZE 4096

 int main(void)
 {
 char *p;
 int i;

 p = mmap(NULL, 2 * PAGE_SIZE, PROT_READ|PROT_WRITE,
  MAP_SHARED|MAP_ANONYMOUS, -1, PAGE_SIZE);
 if (p == MAP_FAILED) {
 perror("mmap");
 return 1;
 }

 for (i = 0; i < 2; i++) {
 printf("page %d\n", i);
 p[i * 4096] = i;
 }
 return 0;
 }

Fix it.

Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: Hugh Dickins <hugh@veritas.com>
Acked-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
mm/mmap.c

index 339cf5c..e7a5a68 100644 (file)
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -1030,6 +1030,10 @@ unsigned long do_mmap_pgoff(struct file * file, unsigned long addr,
        } else {
                switch (flags & MAP_TYPE) {
                case MAP_SHARED:
+                       /*
+                        * Ignore pgoff.
+                        */
+                       pgoff = 0;
                        vm_flags |= VM_SHARED | VM_MAYSHARE;
                        break;
                case MAP_PRIVATE:
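Review bot: The added comment `/* Ignore pgoff. */` in the anonymous `MAP_SHARED` case only restates the assignment below it; it should say why an offset supplied by the `mmap()` caller is discarded at this point. A wording such as `/* Anonymous shared mapping: the offset passed by userspace is meaningless; a non-zero pgoff can make accesses to the mapping raise SIGBUS. */` would tie the line to the failure shown in the commit message. The underlying cause is presumably that the backing object set up later is sized to the mapping length, but that code is outside the hunk, as are the rest of `do_mmap_pgoff` and the `MAP_PRIVATE` and default cases of this switch. The reproducer in the description would also be worth keeping as a regression test, so that offset handling for anonymous mappings stays covered.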