On Thu, 29 Apr 2021, Andrew Morton wrote: > > I'm not sure this ever was resolved? It was not resolved: Matthew had prospective fixes for one way in which it could happen, but they did not help the case which still hits my testing (well, I replace the BUG_ON by a WARN_ON, so not hit badly). > > Is it the case that the series "Remove nrexceptional tracking v2" at > least exposed this bug? Yes: makes a BUG out of a long-standing issue not noticed before. > > IOW, what the heck should I do with > > mm-introduce-and-use-mapping_empty.patch > mm-stop-accounting-shadow-entries.patch > dax-account-dax-entries-as-nrpages.patch > mm-remove-nrexceptional-from-inode.patch If Matthew doesn't have a proper fix yet (and it's a bit late for more than an obvious fix), I think those should go in, with this addition: [PATCH] mm: remove nrexceptional from inode: remove BUG_ON clear_inode()'s BUG_ON(!mapping_empty(&inode->i_data)) is unsafe: we know of two ways in which nodes can and do (on rare occasions) get left behind. Until those are fixed, do not BUG_ON() nor even WARN_ON(). Yes, this will then leak those nodes (or the next user of the struct inode may use them); but this has been happening for years, and the new BUG_ON(!mapping_empty) was only guilty of revealing that. A proper fix will follow, but no hurry. Signed-off-by: Hugh Dickins <hughd@xxxxxxxxxx> --- fs/inode.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) --- mmotm/fs/inode.c 2021-04-22 18:30:46.285908982 -0700 +++ linux/fs/inode.c 2021-04-29 22:13:54.096530691 -0700 @@ -529,7 +529,14 @@ void clear_inode(struct inode *inode) */ xa_lock_irq(&inode->i_data.i_pages); BUG_ON(inode->i_data.nrpages); - BUG_ON(!mapping_empty(&inode->i_data)); + /* + * Almost always, mapping_empty(&inode->i_data) here; but there are + * two known and long-standing ways in which nodes may get left behind + * (when deep radix-tree node allocation failed partway; or when THP + * collapse_file() failed). Until those two known cases are cleaned up, + * or a cleanup function is called here, do not BUG_ON(!mapping_empty), + * nor even WARN_ON(!mapping_empty). + */ xa_unlock_irq(&inode->i_data.i_pages); BUG_ON(!list_empty(&inode->i_data.private_list)); BUG_ON(!(inode->i_state & I_FREEING));
