memory unplug: isolate_lru_page fix
author KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Thu, 26 Jul 2007 17:41:08 +0000 (10:41 -0700)
committer Linus Torvalds <torvalds@woody.linux-foundation.org>
Thu, 26 Jul 2007 18:35:17 +0000 (11:35 -0700)
release_pages() in mm/swap.c changes page_count() to be 0 without removing
PageLRU flag...

This means isolate_lru_page() can see a page with PageLRU() &&
page_count(page)==0.  This is a BUG.  (get_page() will be called against
a count=0 page.)

Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Acked-by: Christoph Lameter <clameter@sgi.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
mm/migrate.c

index c8d87221f36809785cb58266a711b9f5a1b0df7f..37c73b902008e1dd2083f71995f2ce67975f6512 100644 (file)
@@ -49,9 +49,8 @@ int isolate_lru_page(struct page *page, struct list_head *pagelist)
                struct zone *zone = page_zone(page);
 
                spin_lock_irq(&zone->lru_lock);
-               if (PageLRU(page)) {
+               if (PageLRU(page) && get_page_unless_zero(page)) {
                        ret = 0;
-                       get_page(page);
                        ClearPageLRU(page);
                        if (PageActive(page))
                                del_page_from_active_list(zone, page);
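Review bot: The new test `if (PageLRU(page) && get_page_unless_zero(page))` carries no comment saying why a plain get_page() is unsafe at this point; the reason (release_pages() can drop page_count() to 0 while PageLRU is still set) lives only in the commit message. A short comment above the condition would keep a later cleanup from folding it back into an unconditional get_page(). The branch is also now skipped for two different reasons, page not on the LRU and page already at a zero refcount, and both leave ret at whatever it was set to outside the lines shown, so it is worth confirming that callers are fine treating a page that is being freed the same as one that is not on the LRU.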