Commit 5b280c0c authored Mar 22, 2011 by Hugh Dickins Committed by Linus Torvalds Mar 22, 2011

mm: don't return 0 too early from find_get_pages()



Callers of find_get_pages(), or its wrapper pagevec_lookup() - notably
truncate_inode_pages_range() - stop looking further when it returns 0.

But if an interrupt comes just after its radix_tree_gang_lookup_slot(),
especially if we have preemptible RCU enabled, isn't it conceivable that
all 14 pages returned could be removed from the page cache by
shrink_page_list(), before find_get_pages() gets to process them?  So
causing it to return 0 although there may be plenty more pages beyond.

Make find_get_pages() and find_get_pages_tag() check for this unlikely
case, and restart should it occur; but callers of find_get_pages_contig()
have no such expectation, it's okay for that to return 0 early.

I have not seen this in practice, just worried by the possibility.

Signed-off-by: Hugh Dickins <hughd@google.com>
Cc: Nick Piggin <npiggin@kernel.dk>
Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Wu Fengguang <fengguang.wu@intel.com>
Cc: Salman Qazi <sqazi@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

parent 9d8aa4ea

mm/filemap.c

+14 −0

Original line number	Diff line number	Diff line
		@@ -885,6 +885,13 @@ repeat:
		pages[ret] = page;
		ret++;
		}

		/*
		* If all entries were removed before we could secure them,
		* try again, because callers stop trying once 0 is returned.
		*/
		if (unlikely(!ret && nr_found))
		goto restart;
		rcu_read_unlock();
		return ret;
		}
		@@ -1004,6 +1011,13 @@ repeat:
		pages[ret] = page;
		ret++;
		}

		/*
		* If all entries were removed before we could secure them,
		* try again, because callers stop trying once 0 is returned.
		*/
		if (unlikely(!ret && nr_found))
		goto restart;
		rcu_read_unlock();

		if (ret)