On Fri, Jul 11, 2014 at 12:53:26AM +0300, Oded Gabbay wrote:
mm/rmap.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/mm/rmap.c b/mm/rmap.c index 196cd0c..73d4c3d 100644 --- a/mm/rmap.c +++ b/mm/rmap.c @@ -1231,13 +1231,17 @@ static int try_to_unmap_one(struct page *page, struct vm_area_struct *vma, } else dec_mm_counter(mm, MM_FILEPAGES);
pte_unmap_unlock(pte, ptl);
mmu_notifier_invalidate_page(vma, address, event);
page_remove_rmap(page); page_cache_release(page);
return ret;
out_unmap: pte_unmap_unlock(pte, ptl);
- if (ret != SWAP_FAIL && !(flags & TTU_MUNLOCK))
mmu_notifier_invalidate_page(vma, address, event);
out: return ret;
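Review bot: At out_unmap, only the `if (ret != SWAP_FAIL && !(flags & TTU_MUNLOCK))` guard carries a `-` marker as the hunk reads here, which would leave mmu_notifier_invalidate_page(vma, address, event) running unconditionally on that path, including the SWAP_FAIL and TTU_MUNLOCK cases the guard used to exclude. The path above the label already invalidates and returns on its own, so the call after out_unmap should either be dropped together with the guard or keep the guard; the diffstat's two deletions suggest the former was meant. The ordering above the label (invalidate after pte_unmap_unlock() but before page_remove_rmap() and page_cache_release()) also deserves a short comment saying why the notifier has to run before the rmap entry and the reference are dropped, because nothing in the hunk explains it.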
I think there is no bug. In that function the page is just unmapped, removed from the rmap (page_remove_rmap), and the LRU list (page_cache_release). The page itself is not released in this function, so the call to mmu_notifier_invalidate_page() at the end is fine.
Joerg