I see a benign race but no oops.
> In the situation such as:
> - two processes (process A and B) sharing memory space
> - one of the pages in the space has been swapped out and
> not remained in swapcache
> - process A runs on cpu0, process B runs on cpu1
>
> when process A reads the address corresponding to the page,
> page fault occurs and the cpu0 reads swapped-out page into memory,
> calls add_to_page_cache_unique() to add it to swapcache and then
> calls lru_cache_add() to add it to lru list.
>
> If process B reads the same address at that time, cpu1 calls
> do_swap_page() and lookup_swap_cache() may succeed before cpu0
> calls lru_cache_add() and cpu1 will set the page active by
> following mark_page_accessed().
I agree that B may get to mark_page_accessed before A gets to
lru_cache_add, but B will just SetPageReferenced. If there's a
similar process C racing on the page too, its mark_page_accessed
would call activate_page, but that will see !PageLRU and do nothing.
> lru_cache_add() checks if the page is active and if it is active,
> it calls BUG().
It cannot be made PageActive until after lru_cache_add has set PageLRU.
Hugh
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/