| Message ID | 20211210171949.n1LCDzHMZ%akpm@linux-foundation.org |
|---|---|
| State | New |
| Headers | show |
| Series | + mm-delete-unsafe-bug-from-page_cache_add_speculative.patch added to -mm tree | expand |
--- a/include/linux/pagemap.h~mm-delete-unsafe-bug-from-page_cache_add_speculative +++ a/include/linux/pagemap.h @@ -285,7 +285,6 @@ static inline struct inode *folio_inode( static inline bool page_cache_add_speculative(struct page *page, int count) { - VM_BUG_ON_PAGE(PageTail(page), page); return folio_ref_try_add_rcu((struct folio *)page, count); }
The patch titled Subject: mm: delete unsafe BUG from page_cache_add_speculative() has been added to the -mm tree. Its filename is mm-delete-unsafe-bug-from-page_cache_add_speculative.patch This patch should soon appear at https://ozlabs.org/~akpm/mmots/broken-out/mm-delete-unsafe-bug-from-page_cache_add_speculative.patch and later at https://ozlabs.org/~akpm/mmotm/broken-out/mm-delete-unsafe-bug-from-page_cache_add_speculative.patch Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Hugh Dickins <hughd@google.com> Subject: mm: delete unsafe BUG from page_cache_add_speculative() It is not easily reproducible, but on 5.16-rc I have several times hit the VM_BUG_ON_PAGE(PageTail(page), page) in page_cache_add_speculative(): usually from filemap_get_read_batch() for an ext4 read, yesterday from next_uptodate_page() from filemap_map_pages() for a shmem fault. That BUG used to be placed where page_ref_add_unless() had succeeded, but now it is placed before folio_ref_add_unless() is attempted: that is not safe, since it is only the acquired reference which makes the page safe from racing THP collapse or split. We could keep the BUG, checking PageTail only when folio_ref_try_add_rcu() has succeeded; but I don't think it adds much value - just delete it. Link: https://lkml.kernel.org/r/8b98fc6f-3439-8614-c3f3-945c659a1aba@google.com Fixes: 020853b6f5ea ("mm: Add folio_try_get_rcu()") Signed-off-by: Hugh Dickins <hughd@google.com> Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Reviewed-by: Matthew Wilcox (Oracle) <willy@infradead.org> Cc: Vlastimil Babka <vbabka@suse.cz> Cc: William Kucharski <william.kucharski@oracle.com> Cc: Christoph Hellwig <hch@lst.de> Cc: Mike Rapoport <rppt@linux.ibm.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> --- include/linux/pagemap.h | 1 - 1 file changed, 1 deletion(-)