Re: [RFC] rmap: fix "race" between do_wp_page and shrink_active_list

From: yalin
Date: Sun May 17 2015 - 08:49:01 EST

Next message: Maxime Ripard: "Re: [PATCH v2 01/10] Documentation: sunxi: Update Allwinner SoC documentation"
Previous message: Johannes Weiner: "Re: [PATCH] radix-tree: replace preallocated node array with linked list"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, May 11, 2015 at 04:59:27PM +0800, yalin wang wrote:

i am confused about your analysis ,
for the race stack:

CPU0 CPU1

---- ----

do_wp_page shrink_active_list

lock_page page_referenced

PageAnon->yes, so skip trylock_page

page_move_anon_rmap

page->mapping = anon_vma

rmap_walk

PageAnon->no

rmap_walk_file

BUG

page->mapping += PAGE_MAPPING_ANON

the page should must change from PageAnon() to !PageAnon() when crash happened.
but page_move_anon_rmap() is doing change a page from !PageAnon()
(swapcache page) to PageAnon() ,

A swapcache page is not necessarily !PageAnon. In do_wp_page() old_page
*is* PageAnon. It may or may not be on the swapcache though, which does
not really matter.

how does this race condition crash happened ?

It never happened. It might theoretically happen due to a compiler
"optimization" I described above.

i see,
Thanks for your explanation!

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Maxime Ripard: "Re: [PATCH v2 01/10] Documentation: sunxi: Update Allwinner SoC documentation"
Previous message: Johannes Weiner: "Re: [PATCH] radix-tree: replace preallocated node array with linked list"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]