Hi all.
I am developing an Android smartphone.
I am facing a problem where a thread loops in the page fault routine forever.
(The kernel version is around v4.4, though it may differ slightly from mainline,
as the problem occurs on a device being developed at my company.)
The pte corresponding to the fault address has PTE_PROT_NONE set and !PTE_VALID.
(By the way, the pte is mapped to an anon page (ashmem).)
The weird thing, in my opinion, is that
the VMA of the fault address is not PROT_NONE but PROT_READ & PROT_WRITE.
So the page fault routine (handle_pte_fault()) returns 0 and the fault loops forever.
I don't think this is a normal situation.
As I didn't enable NUMA, a pte with PROT_NONE and !PTE_VALID is likely set by mprotect().
1. mprotect(PROT_NONE) -> vma split & set ptes with PROT_NONE
2. mprotect(PROT_READ & WRITE) -> vma merge & revert ptes
I suspect that reverting the ptes in #2 didn't work somehow,
but I have no clue.
I googled and found a similar situation (http://linux-kernel.2935.n7.nabble.com/pipe-page-fault-oddness-td953839.html), which is related to NUMA and huge page table configs,
while my device has nothing to do with those configs.
Am I missing any possible scenario? Or is it an already known BUG?
It would be a pleasure if you could give me any idea about this problem.
Thanks.
Chulmin Kim
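The two-step mprotect() sequence listed in the post (PROT_NONE, then back to PROT_READ|PROT_WRITE) can be exercised from user space to check the contract the kernel is supposed to honour: accesses must fault while the range is PROT_NONE, and after the protection is restored the same pages must be readable again with their contents intact. The program below is an added example, not code from the original post or from the poster's kernel tree; it uses only POSIX calls (mmap, mprotect, sigaction, sigsetjmp) and cannot inspect ptes directly, so it observes the sequence only through what user space can see. The function and enum names are this example's own.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>

/* Result codes for mprotect_cycle(); 0 means every step behaved as expected. */
enum cycle_result {
    CYCLE_OK = 0,
    CYCLE_ERR_MMAP = -1,            /* anonymous mapping could not be created   */
    CYCLE_ERR_PROTECT_NONE = -2,    /* mprotect(PROT_NONE) failed               */
    CYCLE_ERR_NO_FAULT = -3,        /* read did NOT fault while PROT_NONE       */
    CYCLE_ERR_PROTECT_RW = -4,      /* mprotect(PROT_READ|PROT_WRITE) failed    */
    CYCLE_ERR_STILL_FAULTS = -5,    /* read still faults after restoring RW     */
    CYCLE_ERR_DATA_LOST = -6        /* page contents changed across the cycle   */
};

static sigjmp_buf probe_env;            /* jump target for the SIGSEGV probe */
static volatile unsigned char sink;     /* forces the probe read to happen   */

static void segv_handler(int sig)
{
    (void)sig;
    siglongjmp(probe_env, 1);
}

/* Returns 1 if reading one byte at p raises SIGSEGV, 0 if the read succeeds.
 * A temporary SIGSEGV handler longjmps back here; the previous handler is restored. */
static int read_faults(const volatile unsigned char *p)
{
    struct sigaction sa, old;
    volatile int faulted = 0;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = segv_handler;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_NODEFER;
    sigaction(SIGSEGV, &sa, &old);

    if (sigsetjmp(probe_env, 1) == 0)
        sink = *p;          /* faults if the page is PROT_NONE */
    else
        faulted = 1;        /* reached via siglongjmp from segv_handler */

    sigaction(SIGSEGV, &old, NULL);
    return faulted;
}

/* Populates npages anonymous pages, runs the PROT_NONE -> PROT_READ|PROT_WRITE
 * cycle from the post, and verifies the user-visible behaviour at each step. */
int mprotect_cycle(size_t npages)
{
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    size_t len = npages * pagesz;
    int rc = CYCLE_OK;

    unsigned char *buf = mmap(NULL, len, PROT_READ | PROT_WRITE,
                              MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (buf == MAP_FAILED)
        return CYCLE_ERR_MMAP;

    /* Touch every page so each one has a populated pte before protections change. */
    for (size_t i = 0; i < len; i += pagesz)
        buf[i] = (unsigned char)(0xA5 ^ (i / pagesz));

    /* Step 1 from the post: the whole range becomes PROT_NONE. */
    if (mprotect(buf, len, PROT_NONE) != 0) { rc = CYCLE_ERR_PROTECT_NONE; goto out; }
    if (!read_faults(buf))                  { rc = CYCLE_ERR_NO_FAULT;     goto out; }

    /* Step 2 from the post: protections are restored; ptes must be usable again. */
    if (mprotect(buf, len, PROT_READ | PROT_WRITE) != 0) { rc = CYCLE_ERR_PROTECT_RW; goto out; }
    if (read_faults(buf))                                { rc = CYCLE_ERR_STILL_FAULTS; goto out; }

    /* The anonymous pages must still hold what was written before step 1. */
    for (size_t i = 0; i < len; i += pagesz)
        if (buf[i] != (unsigned char)(0xA5 ^ (i / pagesz))) { rc = CYCLE_ERR_DATA_LOST; break; }

out:
    munmap(buf, len);
    return rc;
}

int main(void)
{
    int rc = mprotect_cycle(8);
    printf("mprotect cycle over 8 pages: %s (code %d)\n", rc == CYCLE_OK ? "ok" : "FAILED", rc);
    return rc == CYCLE_OK ? 0 : 1;
}
```

On a healthy kernel the program prints "ok"; a looping fault like the one described would show up as the process hanging on the first read after step 2 rather than as a non-zero code, so running it under a timeout (or with the affected thread traced) is the practical way to use it as a reproducer check.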