Revision 0d777df5d8953293be090d9ab5a355db893e8357 authored by Naoya Horiguchi on 11 December 2015, 21:40:49 UTC, committed by Linus Torvalds on 12 December 2015, 18:15:34 UTC
Currently at the beginning of hugetlb_fault(), we call huge_pte_offset()
and check whether the obtained *ptep is a migration/hwpoison entry or
not.  And if not, then we get to call huge_pte_alloc().  This is racy
because the *ptep could turn into a migration/hwpoison entry after the
huge_pte_offset() check.  This race results in BUG_ON in
huge_pte_alloc().

We don't have to call huge_pte_alloc() when huge_pte_offset()
returns non-NULL, so let's fix this bug by moving the code into an else
block.

Note that the *ptep could turn into a migration/hwpoison entry after
this block, but that's not a problem because we have another
!pte_present check later (we never go into hugetlb_no_page() in that
case.)

Fixes: 290408d4a250 ("hugetlb: hugepage migration core")
Signed-off-by: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Acked-by: Hillf Danton <hillf.zj@alibaba-inc.com>
Acked-by: David Rientjes <rientjes@google.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Mel Gorman <mgorman@suse.de>
Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
Cc: Mike Kravetz <mike.kravetz@oracle.com>
Cc: <stable@vger.kernel.org>	[2.6.36+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1 parent 86fffe4
File Mode Size
9p
adfs
affs
afs
autofs4
befs
bfs
btrfs
cachefiles
ceph
cifs
coda
configfs
cramfs
debugfs
devpts
dlm
ecryptfs
efivarfs
efs
exofs
exportfs
ext2
ext4
f2fs
fat
freevxfs
fscache
fuse
gfs2
hfs
hfsplus
hostfs
hpfs
hugetlbfs
isofs
jbd2
jffs2
jfs
kernfs
lockd
logfs
minix
ncpfs
nfs
nfs_common
nfsd
nilfs2
nls
notify
ntfs
ocfs2
omfs
openpromfs
overlayfs
proc
pstore
qnx4
qnx6
quota
ramfs
reiserfs
romfs
squashfs
sysfs
sysv
tracefs
ubifs
udf
ufs
xfs
Kconfig -rw-r--r-- 6.5 KB
Kconfig.binfmt -rw-r--r-- 7.0 KB
Makefile -rw-r--r-- 4.1 KB
aio.c -rw-r--r-- 43.0 KB
anon_inodes.c -rw-r--r-- 4.9 KB
attr.c -rw-r--r-- 7.9 KB
bad_inode.c -rw-r--r-- 4.7 KB
binfmt_aout.c -rw-r--r-- 10.8 KB
binfmt_elf.c -rw-r--r-- 60.6 KB
binfmt_elf_fdpic.c -rw-r--r-- 47.8 KB
binfmt_em86.c -rw-r--r-- 2.8 KB
binfmt_flat.c -rw-r--r-- 26.4 KB
binfmt_misc.c -rw-r--r-- 17.5 KB
binfmt_script.c -rw-r--r-- 3.0 KB
block_dev.c -rw-r--r-- 46.3 KB
buffer.c -rw-r--r-- 88.9 KB
char_dev.c -rw-r--r-- 13.3 KB
compat.c -rw-r--r-- 37.2 KB
compat_binfmt_elf.c -rw-r--r-- 3.7 KB
compat_ioctl.c -rw-r--r-- 45.5 KB
coredump.c -rw-r--r-- 19.2 KB
dax.c -rw-r--r-- 22.2 KB
dcache.c -rw-r--r-- 89.4 KB
dcookies.c -rw-r--r-- 6.9 KB
direct-io.c -rw-r--r-- 38.3 KB
drop_caches.c -rw-r--r-- 1.6 KB
eventfd.c -rw-r--r-- 11.2 KB
eventpoll.c -rw-r--r-- 59.0 KB
exec.c -rw-r--r-- 40.7 KB
fcntl.c -rw-r--r-- 16.6 KB
fhandle.c -rw-r--r-- 6.5 KB
file.c -rw-r--r-- 23.4 KB
file_table.c -rw-r--r-- 8.5 KB
filesystems.c -rw-r--r-- 6.4 KB
fs-writeback.c -rw-r--r-- 67.4 KB
fs_pin.c -rw-r--r-- 2.0 KB
fs_struct.c -rw-r--r-- 3.3 KB
inode.c -rw-r--r-- 52.9 KB
internal.h -rw-r--r-- 3.6 KB
ioctl.c -rw-r--r-- 15.7 KB
libfs.c -rw-r--r-- 30.4 KB
locks.c -rw-r--r-- 70.1 KB
mbcache.c -rw-r--r-- 24.1 KB
mount.h -rw-r--r-- 3.5 KB
mpage.c -rw-r--r-- 20.3 KB
namei.c -rw-r--r-- 114.6 KB
namespace.c -rw-r--r-- 81.5 KB
no-block.c -rw-r--r-- 688 bytes
nsfs.c -rw-r--r-- 3.7 KB
open.c -rw-r--r-- 26.9 KB
pipe.c -rw-r--r-- 25.0 KB
pnode.c -rw-r--r-- 11.2 KB
pnode.h -rw-r--r-- 1.8 KB
posix_acl.c -rw-r--r-- 19.9 KB
proc_namespace.c -rw-r--r-- 7.7 KB
read_write.c -rw-r--r-- 28.9 KB
readdir.c -rw-r--r-- 6.9 KB
select.c -rw-r--r-- 25.4 KB
seq_file.c -rw-r--r-- 22.4 KB
signalfd.c -rw-r--r-- 9.2 KB
splice.c -rw-r--r-- 46.4 KB
stack.c -rw-r--r-- 2.5 KB
stat.c -rw-r--r-- 11.9 KB
statfs.c -rw-r--r-- 5.3 KB
super.c -rw-r--r-- 35.0 KB
sync.c -rw-r--r-- 9.9 KB
timerfd.c -rw-r--r-- 13.0 KB
userfaultfd.c -rw-r--r-- 34.9 KB
utimes.c -rw-r--r-- 5.9 KB
xattr.c -rw-r--r-- 23.5 KB
