From: Andrea Arcangeli on 22 Jul 2010 13:50

On Thu, Jul 22, 2010 at 09:16:44AM -0400, Rik van Riel wrote:
> On 07/22/2010 03:41 AM, KAMEZAWA Hiroyuki wrote:
> > Rik, how do you think ?
> >
> > ==
> > From: KAMEZAWA Hiroyuki <kamezawa.hiroyu(a)jp.fujitsu.com>
> >
> > Problem: wrong BUG_ON() in __page_set_anon_rmap().
> > Kernel version: mmotm-0719
> >
> > Description:
> > Even if SwapCache is fully unmapped and mapcount goes down to 0,
> > page->mapping is not cleared and will remain on memory until kswapd or some
> > finds it. If a thread cause a page fault onto such "unmapped-but-not-discarded"
> > swapcache, it will see a swap cache whose mapcount is 0 but page->mapping has a
> > valid value.
> >
> > When it's reused at do_swap_page(), __page_set_anon_rmap() is called with
> > "exclusive==1" and hits BUG_ON(). But this BUG_ON() is wrong. Nothing bad
> > with rmapping a page which has page->mapping isn't 0.
>
> Yes, you are absolutely right.
>

I already noticed the problem when I merged your patch in aa.git
(before it would only be exclusive=0 in do_swap_page so it wasn't a
false positive), and I fixed it this way:

http://git.kernel.org/?p=linux/kernel/git/andrea/aa.git;a=commitdiff;h=2fe4f42f0f17498984b3f86b2339d583004b45de;hp=ffd146080305632406d97c7f6f984a648854d755

So I retained the BUG_ON for the real page_add_anon_rmap. Maybe not
worth it but you can have a look at my solution if you're interested
to retain it too.