A required unlock_page will be missed in a very rare (but possible) race
condition. Acked by Hugh, who says:

	It'll be hard to hit because of the additional page_mapped test above,
	with truncate unmapping ptes from mms before it advances to removing
	pages from cache; but nothing to prevent it happening.

Signed-off-by: Nick Piggin <nickpiggin@yahoo.com.au>
Signed-off-by: Hugh Dickins <hugh@veritas.com>



---

 linux-2.6-npiggin/mm/rmap.c |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff -puN mm/rmap.c~mm-rmap-missing-unlock mm/rmap.c
--- linux-2.6/mm/rmap.c~mm-rmap-missing-unlock	2004-09-18 20:46:16.000000000 +1000
+++ linux-2.6-npiggin/mm/rmap.c	2004-09-18 20:46:41.000000000 +1000
@@ -406,8 +406,9 @@ int page_referenced(struct page *page, i
 			referenced += page_referenced_file(page);
 		else if (TestSetPageLocked(page))
 			referenced++;
-		else if (page->mapping) {
-			referenced += page_referenced_file(page);
+		else {
+			if (page->mapping)
+				referenced += page_referenced_file(page);
 			unlock_page(page);
 		}
 	}

_