rmap_walk() present in RH7 requires the caller to either hold mmap_sem or pin the page's anon_vma. page_idle_clear_pte_refs does neither. As a result, it might end up trying to lock/unlock anon_vma which has already been freed and possibly reallocated. This won't do any good.

Let's pull the new version of rmap_walk() from upstream, which allows specifying a custom anon_vma lock function, and use it in page_idle code to avoid this issue. This patch puts page_idle in sync with upstream.

I hope this will fix: https://jira.sw.ru/browse/PSBM-42015

Joonsoo Kim (3):
  mm/rmap: factor lock function out of rmap_walk_anon()
  mm/rmap: make rmap_walk to get the rmap_walk_control argument
  mm/rmap: extend rmap_walk_xxx() to cope with different cases

Vladimir Davydov (1):
  mm: page_idle: look up page anon_vma carefully when checking references

 include/linux/ksm.h  |  7 ++---
 include/linux/rmap.h | 24 ++++++++++++++--
 mm/ksm.c             | 13 +++++++--
 mm/migrate.c         |  7 ++++-
 mm/page_idle.c       | 19 +++++++++++--
 mm/rmap.c            | 80 ++++++++++++++++++++++++++++++++++++----------------
 6 files changed, 112 insertions(+), 38 deletions(-)

-- 
2.1.4