Home Home > GIT Browse > SLE12-SP4
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVlastimil Babka <vbabka@suse.cz>2019-01-14 10:07:57 +0100
committerVlastimil Babka <vbabka@suse.cz>2019-01-14 10:08:35 +0100
commit505e1da509cf17ada6de41736bcf4c6086505512 (patch)
tree7f06603171d839421ca4bea6cc3b4dae6a39909c
parent6fbf3d58294c7e64bac07824fa97866b4757a347 (diff)
mm/khugepaged: fix crashes due to misaccounted holes (VM
Functionality, bsc#1121599).
-rw-r--r--patches.fixes/mm-khugepaged-fix-crashes-due-to-misaccounted-holes.patch88
-rw-r--r--series.conf1
2 files changed, 89 insertions, 0 deletions
diff --git a/patches.fixes/mm-khugepaged-fix-crashes-due-to-misaccounted-holes.patch b/patches.fixes/mm-khugepaged-fix-crashes-due-to-misaccounted-holes.patch
new file mode 100644
index 0000000000..99c0a49393
--- /dev/null
+++ b/patches.fixes/mm-khugepaged-fix-crashes-due-to-misaccounted-holes.patch
@@ -0,0 +1,88 @@
+From: Hugh Dickins <hughd@google.com>
+Date: Fri, 30 Nov 2018 14:10:29 -0800
+Subject: mm/khugepaged: fix crashes due to misaccounted holes
+Git-commit: aaa52e340073b7f4593b3c4ddafcafa70cf838b5
+Patch-mainline: v4.20-rc5
+References: VM Functionality, bsc#1121599
+
+[ vbabka@suse.cz: use 4.14 pre-xarray stable backport ]
+
+Huge tmpfs testing on a shortish file mapped into a pmd-rounded extent
+hit shmem_evict_inode()'s WARN_ON(inode->i_blocks) followed by
+clear_inode()'s BUG_ON(inode->i_data.nrpages) when the file was later
+closed and unlinked.
+
+khugepaged's collapse_shmem() was forgetting to update mapping->nrpages
+on the rollback path, after it had added but then needs to undo some
+holes.
+
+There is indeed an irritating asymmetry between shmem_charge(), whose
+callers want it to increment nrpages after successfully accounting
+blocks, and shmem_uncharge(), when __delete_from_page_cache() already
+decremented nrpages itself: oh well, just add a comment on that to them
+both.
+
+And shmem_recalc_inode() is supposed to be called when the accounting is
+expected to be in balance (so it can deduce from imbalance that reclaim
+discarded some pages): so change shmem_charge() to update nrpages
+earlier (though it's rare for the difference to matter at all).
+
+Link: http://lkml.kernel.org/r/alpine.LSU.2.11.1811261523450.2275@eggly.anvils
+Fixes: 800d8c63b2e98 ("shmem: add huge pages support")
+Fixes: f3f0e1d2150b2 ("khugepaged: add support of collapse for tmpfs/shmem pages")
+Signed-off-by: Hugh Dickins <hughd@google.com>
+Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
+Cc: Jerome Glisse <jglisse@redhat.com>
+Cc: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
+Cc: Matthew Wilcox <willy@infradead.org>
+Cc: <stable@vger.kernel.org> [4.8+]
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+Signed-off-by: Vlastimil Babka <vbabka@suse.cz>
+---
+ mm/khugepaged.c | 4 +++-
+ mm/shmem.c | 6 +++++-
+ 2 files changed, 8 insertions(+), 2 deletions(-)
+
+--- a/mm/khugepaged.c
++++ b/mm/khugepaged.c
+@@ -1534,8 +1534,10 @@ tree_unlocked:
+ *hpage = NULL;
+ } else {
+ /* Something went wrong: rollback changes to the radix-tree */
+- shmem_uncharge(mapping->host, nr_none);
+ spin_lock_irq(&mapping->tree_lock);
++ mapping->nrpages -= nr_none;
++ shmem_uncharge(mapping->host, nr_none);
++
+ radix_tree_for_each_slot(slot, &mapping->page_tree, &iter,
+ start) {
+ if (iter.index >= end)
+--- a/mm/shmem.c
++++ b/mm/shmem.c
+@@ -294,12 +294,14 @@ bool shmem_charge(struct inode *inode, l
+ if (!shmem_inode_acct_block(inode, pages))
+ return false;
+
++ /* nrpages adjustment first, then shmem_recalc_inode() when balanced */
++ inode->i_mapping->nrpages += pages;
++
+ spin_lock_irqsave(&info->lock, flags);
+ info->alloced += pages;
+ inode->i_blocks += pages * BLOCKS_PER_PAGE;
+ shmem_recalc_inode(inode);
+ spin_unlock_irqrestore(&info->lock, flags);
+- inode->i_mapping->nrpages += pages;
+
+ return true;
+ }
+@@ -309,6 +311,8 @@ void shmem_uncharge(struct inode *inode,
+ struct shmem_inode_info *info = SHMEM_I(inode);
+ unsigned long flags;
+
++ /* nrpages adjustment done by __delete_from_page_cache() or caller */
++
+ spin_lock_irqsave(&info->lock, flags);
+ info->alloced -= pages;
+ inode->i_blocks -= pages * BLOCKS_PER_PAGE;
diff --git a/series.conf b/series.conf
index e61800fbe1..802bb7634a 100644
--- a/series.conf
+++ b/series.conf
@@ -19367,6 +19367,7 @@
patches.fixes/mm-huge_memory-splitting-set-mapping-index-before-unfreeze.patch
patches.fixes/mm-huge_memory-fix-lockdep-complaint-on-32-bit-i_size_read.patch
patches.fixes/mm-khugepaged-collapse_shmem-stop-if-punched-or-truncated.patch
+ patches.fixes/mm-khugepaged-fix-crashes-due-to-misaccounted-holes.patch
patches.drivers/pci-imx6-fix-link-training-status-detection-in-link-up-check
patches.fixes/fs-fix-lost-error-code-in-dio_complete.patch
patches.fixes/nvme-free-ctrl-device-name-on-init-failure.patch