Re: [BUGFIX][PATCH] Fix false positive BUG_ON in __page_set_anon_rmap
From: Rik van Riel
Date: Thu Jul 22 2010 - 09:17:05 EST
On 07/22/2010 03:41 AM, KAMEZAWA Hiroyuki wrote:
Rik, how do you think ?
==
From: KAMEZAWA Hiroyuki<kamezawa.hiroyu@xxxxxxxxxxxxxx>
Problem: wrong BUG_ON() in __page_set_anon_rmap().
Kernel version: mmotm-0719
Description:
Even if SwapCache is fully unmapped and mapcount goes down to 0,
page->mapping is not cleared and will remain on memory until kswapd or some
finds it. If a thread cause a page fault onto such "unmapped-but-not-discarded"
swapcache, it will see a swap cache whose mapcount is 0 but page->mapping has a
valid value.
When it's reused at do_swap_page(), __page_set_anon_rmap() is called with
"exclusive==1" and hits BUG_ON(). But this BUG_ON() is wrong. Nothing bad
with rmapping a page which has page->mapping isn't 0.
Yes, you are absolutely right.
Acked-by: Rik van Riel <riel@xxxxxxxxxx>
Index: mmotm-2.6.35-0719/mm/rmap.c
===================================================================
--- mmotm-2.6.35-0719.orig/mm/rmap.c
+++ mmotm-2.6.35-0719/mm/rmap.c
@@ -783,8 +783,16 @@ static void __page_set_anon_rmap(struct
if (PageAnon(page))
return;
anon_vma = anon_vma->root;
- } else
- BUG_ON(PageAnon(page));
+ } else {
+ /*
+ * In this case, swapped-out-but-not-discarded swap-cache
+ * is remapped. So, no need to update page->mapping here.
+ * We convice anon_vma poitned by page->mapping is not obsolete
+ * because vma->anon_vma is necessary to be a family of it.
+ */
+ if (PageAnon(page))
+ return;
+ }
anon_vma = (void *) anon_vma + PAGE_MAPPING_ANON;
page->mapping = (struct address_space *) anon_vma;
--
All rights reversed
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/