[2.6.15-rc1+ regression] do_file_page bug introduced in recent rework

I recently found a bug introduced in your commit 
65500d234e74fc4e8f18e1a429bc24e51e75de4a, i.e. between 2.6.14 and 2.6.15-rc1, 
about do_file_page changes wrt remap_file_pages and MAP_POPULATE.

Quoting from the changelog (which is wrong):

    do_file_page's fallback to do_no_page dates from a time when we were 
testing
    pte_file by using it wherever possible: currently it's peculiar to 
nonlinear
    vmas, so just check that.  BUG_ON if not?  Better not, it's probably page
    table corruption, so just show the pte: hmm, there's a pte_ERROR macro, 
let's
    use that for do_wp_page's invalid pfn too.

This is false:

do_mmap_pgoff:
        if (flags & MAP_POPULATE) {
                up_write(&mm->mmap_sem);
                sys_remap_file_pages(addr, len, 0,
                                        pgoff, flags & MAP_NONBLOCK);
                down_write(&mm->mmap_sem);
        }

So, with MAP_POPULATE|MAP_NONBLOCK passed, you can get a linear PAGE_FILE pte 
in a !VM_NONLINEAR vma.

That PTE is very useless since it doesn't add any information, I know that, so 
avoiding that possible installation is a possible fix, but for now it's 
simpler to change the test in do_file_page(). Btw, in fact I discovered this 
bug while I was implementing this optimization (working again on 
remap_file_pages() patches of this summer).

Indeed, the condition to test (and to possibly BUG_ON/pte_ERROR) is that 
->populate must exist for the sys_remap_file_pages call to work.
-- 
Inform me of my mistakes, so I can keep imitating Homer Simpson's "Doh!".
Paolo Giarrusso, aka Blaisorblade (Skype ID "PaoloGiarrusso", ICQ 215621894)
http://www.user-mode-linux.org/~blaisorblade


	

	
		
___________________________________ 
Yahoo! Mail: gratis 1GB per i messaggi e allegati da 10MB 
http://mail.yahoo.it
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Follow-Ups:
- Re: [2.6.15-rc1+ regression] do_file_page bug introduced in recent rework
  - From: Hugh Dickins <[email protected]>

Prev by Date: Re: copy_from_user/copy_to_user question
Next by Date: Re: [PATCH 0/3] x86 PCI domain support
Previous by thread: Re: [PATCH 0/4] linux-2.6-block: deactivating pagecache for benchmarks
Next by thread: Re: [2.6.15-rc1+ regression] do_file_page bug introduced in recent rework
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]