Re: [2.6.15-rc1+ regression] do_file_page bug introduced in recent rework

From: Hugh Dickins
Date: Sat Dec 03 2005 - 05:03:53 EST


On Fri, 2 Dec 2005, Blaisorblade wrote:
> I recently found a bug introduced in your commit
> 65500d234e74fc4e8f18e1a429bc24e51e75de4a, i.e. between 2.6.14 and 2.6.15-rc1,
> about do_file_page changes wrt remap_file_pages and MAP_POPULATE.
>
> Quoting from the changelog (which is wrong):
>
> do_file_page's fallback to do_no_page dates from a time when we were testing
> pte_file by using it wherever possible: currently it's peculiar to nonlinear
> vmas, so just check that. BUG_ON if not? Better not, it's probably page
> table corruption, so just show the pte: hmm, there's a pte_ERROR macro, let's
> use that for do_wp_page's invalid pfn too.
>
> This is false:
>
> do_mmap_pgoff:
>     if (flags & MAP_POPULATE) {
>         up_write(&mm->mmap_sem);
>         sys_remap_file_pages(addr, len, 0,
>                              pgoff, flags & MAP_NONBLOCK);
>         down_write(&mm->mmap_sem);
>     }
>
> So, with MAP_POPULATE|MAP_NONBLOCK passed, you can get a linear PAGE_FILE pte
> in a !VM_NONLINEAR vma.
>
> That PTE is very useless since it doesn't add any information, I know that, so
> avoiding that possible installation is a possible fix, but for now it's
> simpler to change the test in do_file_page(). Btw, in fact I discovered this
> bug while I was implementing this optimization (working again on
> remap_file_pages() patches of this summer).
>
> Indeed, the condition to test (and to possibly BUG_ON/pte_ERROR) is that
> ->populate must exist for the sys_remap_file_pages call to work.

I'm puzzled. Both filemap_populate and shmem_populate
now test VM_NONLINEAR before calling install_file_pte.

Hugh