On Sun, 3 Sep 2000, Linus Torvalds wrote:
> On Sun, 3 Sep 2000, Rik van Riel wrote:
> > > Rik.
> > >
> > > You're apparently completely ignoring the fact that the page
> > > "already on the LRU queue" was just allocated from
> > > __alloc_pages() in the backtrace you had.
> > It wasn't. If it was allocated there, the boobytraps in
> > either rmqueue() or page_reclaim() would have caught it.
> What you're saying is that you're ignoring the evidence because you don't
> like it and you don't understand how it happens.
> The BUG() was "impossible", so you're discounting it?
> I can tell you several ways it happens in.
> - modify the page after free_page(). free_page() won't see bad
> state, but alloc_page() will.
__alloc_pages() didn't see it either, but Christian seems
to have found a possible cause for the bug (as you got by
> - race: one user uses a page at the same time another user does a
> free_page(). Somebody doesn't do a proper "get_page()" or honour the
> locking. Again, this effectively results in modifying the page after
> having free'd it.
> There's a bug somewhere. It seems to have the free page stuff on
> a page that should have been free already.
> NOTE! The bug may be old. I'm not necessarily blaming your code.
> I couldn't see anything wrong in your patches. I'm just saying
> that you seem to be in denial about the fact that the pages come
> from the freelist, at least in the one trace I saw.
This indeed seems to be the case, except that the corruption
happens /after/ the page is handed over by __alloc_pages()...
(see Christian's email)
-- "What you're running that piece of shit Gnome?!?!" -- Miguel de Icaza, UKUUG 2000
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to firstname.lastname@example.org Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Sep 07 2000 - 21:00:16 EST