Commit 8bfb7092 authored by Dave Hansen's avatar Dave Hansen Committed by Linus Torvalds

[PATCH] fix page->count discrepancy for zero page

While writing some analysis tools for memory hot-remove, we came across a
single page which had a ->count that always increased, without bound.  It
ended up always being the zero page, and it was caused by a leaked
reference in some do_wp_page() code that ends up avoiding PG_reserved
pages.

Basically what happens is that page_cache_release()/put_page() ignore
PG_reserved pages, while page_cache_get()/get_page() go ahead and take the
reference.  So, each time there's a COW fault on the zero-page, you get a
leaked page->count increment.

It's pretty rare to have a COW fault on anything that's PG_reserved, in
fact, I can't think of anything else that this applies to other than the
zero page.

In any case, it the bug doesn't cause any real problems, but it is a bit of
an annoyance and is obviously incorrect.  We've been running with this
patch for about 3 months now, and haven't run into any problems with it.
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent c25e4809
......@@ -1078,6 +1078,7 @@ static int do_wp_page(struct mm_struct *mm, struct vm_area_struct * vma,
/*
* Ok, we need to copy. Oh, well..
*/
if (!PageReserved(old_page))
page_cache_get(old_page);
spin_unlock(&mm->page_table_lock);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment