On Tue, Apr 20, 2021 at 09:01:15PM +0100, Matthew Wilcox (Oracle) wrote:
> The BUG_ON that checks whether the ractl is still in sync with the
> local variables can trigger under some fairly unusual circumstances.
> Remove the BUG_ON and resync the loop counter after every call to
> read_pages().
>
> One way I've seen to trigger it is:
>
>  - Start out with a partially populated range in the page cache
>  - Allocate some pages and run into an existing page
>  - Send the read request off to the filesystem
>  - The page we ran into is removed from the page cache
>  - readahead_expand() succeeds in expanding upwards
>  - Return to page_cache_ra_unbounded() and we hit the BUG_ON, as nr_pages
>    has been adjusted upwards.

(nb: this has only been reported for a kernel which has readahead_expand(). there is no indication this BUG_ON can be hit by a released kernel)