tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

mm: remove nrexceptional from inode: remove BUG_ON

clear_inode()'s BUG_ON(!mapping_empty(&inode->i_data)) is unsafe: we
know of two ways in which nodes can and do (on rare occasions) get left
behind. Until those are fixed, do not BUG_ON() nor even WARN_ON().

Yes, this will then leak those nodes (or the next user of the struct
inode may use them); but this has been happening for years, and the new
BUG_ON(!mapping_empty) was only guilty of revealing that. A proper fix
will follow, but no hurry.

Link: https://lkml.kernel.org/r/alpine.LSU.2.11.2104292229380.16080@eggly.anvils
Signed-off-by: Hugh Dickins <hughd@google.com>
Cc: Matthew Wilcox <willy@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

authored by

Hugh Dickins and committed by
Linus Torvalds 786b3112 8bc3c481

+8 -1
+8 -1
fs/inode.c
··· 529 529 */ 530 530 xa_lock_irq(&inode->i_data.i_pages); 531 531 BUG_ON(inode->i_data.nrpages); 532 - BUG_ON(!mapping_empty(&inode->i_data)); 532 + /* 533 + * Almost always, mapping_empty(&inode->i_data) here; but there are 534 + * two known and long-standing ways in which nodes may get left behind 535 + * (when deep radix-tree node allocation failed partway; or when THP 536 + * collapse_file() failed). Until those two known cases are cleaned up, 537 + * or a cleanup function is called here, do not BUG_ON(!mapping_empty), 538 + * nor even WARN_ON(!mapping_empty). 539 + */ 533 540 xa_unlock_irq(&inode->i_data.i_pages); 534 541 BUG_ON(!list_empty(&inode->i_data.private_list)); 535 542 BUG_ON(!(inode->i_state & I_FREEING));