[PATCH] mmap_region: cleanup, remove unneeded file != NULL check

[PATCH] mmap_region: cleanup, remove unneeded file != NULL check

[Oleg Nesterov]

mmap_region() checks "file != NULL" when we know "file && vma_merge() == T".
Also, swap these if/else branches, imho make the code a bit more readable.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>

--- MM/mm/mmap.c~1_MMAP	2008-01-27 17:09:47.000000000 +0300
+++ MM/mm/mmap.c	2008-02-03 20:49:39.000000000 +0300
@@ -1189,22 +1189,20 @@ munmap_back:
 	if (vma_wants_writenotify(vma))
 		vma->vm_page_prot = vm_get_page_prot(vm_flags & ~VM_SHARED);
 
-	if (!file || !vma_merge(mm, prev, addr, vma->vm_end,
+	if (file && vma_merge(mm, prev, addr, vma->vm_end,
 			vma->vm_flags, NULL, file, pgoff, vma_policy(vma))) {
+		mpol_free(vma_policy(vma));
+		kmem_cache_free(vm_area_cachep, vma);
+		if (correct_wcount)
+			atomic_inc(&inode->i_writecount);
+		fput(file);
+	} else {
 		file = vma->vm_file;
 		vma_link(mm, vma, prev, rb_link, rb_parent);
 		if (correct_wcount)
 			atomic_inc(&inode->i_writecount);
-	} else {
-		if (file) {
-			if (correct_wcount)
-				atomic_inc(&inode->i_writecount);
-			fput(file);
-		}
-		mpol_free(vma_policy(vma));
-		kmem_cache_free(vm_area_cachep, vma);
 	}
-out:	
+out:
 	mm->total_vm += len >> PAGE_SHIFT;
 	vm_stat_account(mm, vm_flags, file, len >> PAGE_SHIFT);
 	if (vm_flags & VM_LOCKED) {

Re: [PATCH] mmap_region: cleanup, remove unneeded file != NULL check

[Hugh Dickins]

On Sun, 3 Feb 2008, Oleg Nesterov wrote:

> mmap_region() checks "file != NULL" when we know "file && vma_merge() == T".
> Also, swap these if/else branches, imho make the code a bit more readable.
> 
> Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>

Acked-with-a-but-by: Hugh Dickins <hugh@veritas.com>

That's a great little improvement, Oleg: my difficulty in understanding
the patch is all due to the obscurity of the original you're improving.

But my but is this: you can go one step further, it's silly to be
repeating the "if (correct_wcount) atomic_inc..." in both the if
and the else clauses.

For several minutes I thought that must indicate we already had a
bug there.  Eventually I realized not: we need deny_write_access()
above to test and deny atomically, then once we've merged or linked
the vma it's securely denying in the vma itself: so before returning
we need to undo our temporary denial.  A brief comment might be
worthwhile, perhaps something like

	/* Once vma denies write, undo our temporary denial count */
	if (correct_wcount)
		atomic_inc(&inode->i_writecount);

Hugh

> 
> --- MM/mm/mmap.c~1_MMAP	2008-01-27 17:09:47.000000000 +0300
> +++ MM/mm/mmap.c	2008-02-03 20:49:39.000000000 +0300
> @@ -1189,22 +1189,20 @@ munmap_back:
>  	if (vma_wants_writenotify(vma))
>  		vma->vm_page_prot = vm_get_page_prot(vm_flags & ~VM_SHARED);
>  
> -	if (!file || !vma_merge(mm, prev, addr, vma->vm_end,
> +	if (file && vma_merge(mm, prev, addr, vma->vm_end,
>  			vma->vm_flags, NULL, file, pgoff, vma_policy(vma))) {
> +		mpol_free(vma_policy(vma));
> +		kmem_cache_free(vm_area_cachep, vma);
> +		if (correct_wcount)
> +			atomic_inc(&inode->i_writecount);
> +		fput(file);
> +	} else {
>  		file = vma->vm_file;
>  		vma_link(mm, vma, prev, rb_link, rb_parent);
>  		if (correct_wcount)
>  			atomic_inc(&inode->i_writecount);
> -	} else {
> -		if (file) {
> -			if (correct_wcount)
> -				atomic_inc(&inode->i_writecount);
> -			fput(file);
> -		}
> -		mpol_free(vma_policy(vma));
> -		kmem_cache_free(vm_area_cachep, vma);
>  	}
> -out:	
> +out:
>  	mm->total_vm += len >> PAGE_SHIFT;
>  	vm_stat_account(mm, vm_flags, file, len >> PAGE_SHIFT);
>  	if (vm_flags & VM_LOCKED) {
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
> 

Re: [PATCH] mmap_region: cleanup, remove unneeded file != NULL check

[Oleg Nesterov]

Sorry for delay,

On 02/06, Hugh Dickins wrote:
>
> On Sun, 3 Feb 2008, Oleg Nesterov wrote:
> 
> > mmap_region() checks "file != NULL" when we know "file && vma_merge() == T".
> > Also, swap these if/else branches, imho make the code a bit more readable.
> > 
> > Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
> 
> Acked-with-a-but-by: Hugh Dickins <hugh@veritas.com>
> 
> But my but is this: you can go one step further, it's silly to be
> repeating the "if (correct_wcount) atomic_inc..." in both the if
> and the else clauses.

Ah. Shame on me. Of course, I noticed these 2 correct_wcount's, but
didn't realize we can safely use "inode" after fput(). Not only the
caller should have a reference, vma_merge() requires that vm_file == file,
so fput(file) can't destroy the last reference.

> For several minutes I thought that must indicate we already had a
> bug there.  Eventually I realized not: we need deny_write_access()
> above to test and deny atomically, then once we've merged or linked
> the vma it's securely denying in the vma itself: so before returning
> we need to undo our temporary denial.  A brief comment might be
> worthwhile, perhaps something like
> 
> 	/* Once vma denies write, undo our temporary denial count */
> 	if (correct_wcount)
> 		atomic_inc(&inode->i_writecount);

Thanks Hugh, I'll redo this cleanup.

Oleg.