diff options
author | Hugh Dickins <hughd@google.com> | 2011-03-14 04:08:47 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2011-03-14 11:29:50 -0400 |
commit | 2fbfac4e053861925fa3fffcdc327649b09af54c (patch) | |
tree | 36d9da87f5a42d61cd8be2fd02bab666cb8ac145 | |
parent | c44ed965be7a84afaa07543c04eb97a5dfe93422 (diff) |
thp+memcg-numa: fix BUG at include/linux/mm.h:370!
THP's collapse_huge_page() has an understandable but ugly difference
in when its huge page is allocated: inside if NUMA but outside if not.
It's hardly surprising that the memcg failure path forgot that, freeing
the page in the non-NUMA case, then hitting a VM_BUG_ON in get_page()
(or even worse, using the freed page).
Signed-off-by: Hugh Dickins <hughd@google.com>
Reviewed-by: Minchan Kim <minchan.kim@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r-- | mm/huge_memory.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/mm/huge_memory.c b/mm/huge_memory.c index dbe99a5f2073..113e35c47502 100644 --- a/mm/huge_memory.c +++ b/mm/huge_memory.c | |||
@@ -1762,6 +1762,10 @@ static void collapse_huge_page(struct mm_struct *mm, | |||
1762 | #ifndef CONFIG_NUMA | 1762 | #ifndef CONFIG_NUMA |
1763 | VM_BUG_ON(!*hpage); | 1763 | VM_BUG_ON(!*hpage); |
1764 | new_page = *hpage; | 1764 | new_page = *hpage; |
1765 | if (unlikely(mem_cgroup_newpage_charge(new_page, mm, GFP_KERNEL))) { | ||
1766 | up_read(&mm->mmap_sem); | ||
1767 | return; | ||
1768 | } | ||
1765 | #else | 1769 | #else |
1766 | VM_BUG_ON(*hpage); | 1770 | VM_BUG_ON(*hpage); |
1767 | /* | 1771 | /* |
@@ -1781,12 +1785,12 @@ static void collapse_huge_page(struct mm_struct *mm, | |||
1781 | *hpage = ERR_PTR(-ENOMEM); | 1785 | *hpage = ERR_PTR(-ENOMEM); |
1782 | return; | 1786 | return; |
1783 | } | 1787 | } |
1784 | #endif | ||
1785 | if (unlikely(mem_cgroup_newpage_charge(new_page, mm, GFP_KERNEL))) { | 1788 | if (unlikely(mem_cgroup_newpage_charge(new_page, mm, GFP_KERNEL))) { |
1786 | up_read(&mm->mmap_sem); | 1789 | up_read(&mm->mmap_sem); |
1787 | put_page(new_page); | 1790 | put_page(new_page); |
1788 | return; | 1791 | return; |
1789 | } | 1792 | } |
1793 | #endif | ||
1790 | 1794 | ||
1791 | /* after allocating the hugepage upgrade to mmap_sem write mode */ | 1795 | /* after allocating the hugepage upgrade to mmap_sem write mode */ |
1792 | up_read(&mm->mmap_sem); | 1796 | up_read(&mm->mmap_sem); |