From: Hugh Dickins Several times while testing swapless page migration, gcc has tried to exec a pointer instead of a string: smells like COW mappings are not being properly write-protected on fork. The protection in copy_one_pte looks very convincing, until at last you realize that the second arg to make_migration_entry is a boolean "write", and SWP_MIGRATION_READ is 30. Anyway, it's better done like in change_pte_range, using is_write_migration_entry and make_migration_entry_read. Signed-off-by: Hugh Dickins Acked-by: Christoph Lameter Signed-off-by: Andrew Morton --- mm/memory.c | 9 +++------ 1 files changed, 3 insertions(+), 6 deletions(-) diff -puN mm/memory.c~swapless-pm-add-r-w-migration-entries-fix-2 mm/memory.c --- 25/mm/memory.c~swapless-pm-add-r-w-migration-entries-fix-2 Fri May 26 13:20:14 2006 +++ 25-akpm/mm/memory.c Fri May 26 13:20:14 2006 @@ -445,16 +445,13 @@ copy_one_pte(struct mm_struct *dst_mm, s &src_mm->mmlist); spin_unlock(&mmlist_lock); } - if (is_migration_entry(entry) && + if (is_write_migration_entry(entry) && is_cow_mapping(vm_flags)) { - page = migration_entry_to_page(entry); - /* * COW mappings require pages in both parent - * and child to be set to read. + * and child to be set to read. */ - entry = make_migration_entry(page, - SWP_MIGRATION_READ); + make_migration_entry_read(&entry); pte = swp_entry_to_pte(entry); set_pte_at(src_mm, addr, src_pte, pte); } _
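Review bot: the comment kept above `make_migration_entry_read(&entry);` in the copy_one_pte hunk still only says that COW mappings need parent and child set to read, and does not explain why the test is now `is_write_migration_entry(entry)`. Consider stating there that read migration entries are already write-protected and only write entries need downgrading, so the next reader does not widen the condition back to `is_migration_entry`. The root cause given in the changelog, that the second argument of `make_migration_entry` is a boolean "write" and `SWP_MIGRATION_READ` is 30 (nonzero, so it selected a write entry), is an easy mistake to repeat at other call sites; a short note next to the helper, or a check of the remaining `make_migration_entry` callers for swap-type constants passed as that argument, would be worth adding to this series. The removed and added lines reading `* and child to be set to read.` differ only in whitespace as far as the visible text shows, and that change could be dropped to keep the fix minimal.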