On Tue, 4 Sep 2012 16:39:49 -0700
Michel Lespinasse <walken@xxxxxxxxxx> wrote:
> This change fixes an anon_vma locking issue in the following situation:
> - vma has no anon_vma
> - next has an anon_vma
> - vma is being shrunk / next is being expanded, due to an mprotect call
>
> We need to take next's anon_vma lock to avoid races with rmap users
> (such as page migration) while next is being expanded.
>
> ...
>
> --- a/mm/mmap.c
> +++ b/mm/mmap.c
> @@ -578,8 +578,12 @@ again: remove_next = 1 + (end > next->vm_end);
> */
> if (vma->anon_vma && (importer || start != vma->vm_start)) {
> anon_vma = vma->anon_vma;
> + VM_BUG_ON(adjust_next && next->anon_vma &&
> + anon_vma != next->anon_vma);
> + } else if (adjust_next && next->anon_vma)
> + anon_vma = next->anon_vma;
> + if (anon_vma)
> anon_vma_lock(anon_vma);
> - }
>
> if (root) {
> flush_dcache_mmap_lock(mapping);
hm, OK. How serious was that bug? I'm suspecting "only needed in
3.7".
If we want to fix this in 3.6 and perhaps -stable, I'm a bit worried
about that new VM_BUG_ON(). Not that I don't trust you or anything,
but these things tend to go bang when people least expected it.
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>