thp+memcg-numa: fix BUG at include/linux/mm.h:370!

THP's collapse_huge_page() has an understandable but ugly difference
in when its huge page is allocated: inside if NUMA but outside if not.
It's hardly surprising that the memcg failure path forgot that, freeing
the page in the non-NUMA case, then hitting a VM_BUG_ON in get_page()
(or even worse, using the freed page).

Signed-off-by: Hugh Dickins <hughd@google.com>
Reviewed-by: Minchan Kim <minchan.kim@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
Hugh Dickins 2011-03-14 01:08:47 -07:00 committed by Linus Torvalds
parent c44ed965be
commit 2fbfac4e05
1 changed files with 5 additions and 1 deletions

View File

@ -1762,6 +1762,10 @@ static void collapse_huge_page(struct mm_struct *mm,
#ifndef CONFIG_NUMA #ifndef CONFIG_NUMA
VM_BUG_ON(!*hpage); VM_BUG_ON(!*hpage);
new_page = *hpage; new_page = *hpage;
if (unlikely(mem_cgroup_newpage_charge(new_page, mm, GFP_KERNEL))) {
up_read(&mm->mmap_sem);
return;
}
#else #else
VM_BUG_ON(*hpage); VM_BUG_ON(*hpage);
/* /*
@ -1781,12 +1785,12 @@ static void collapse_huge_page(struct mm_struct *mm,
*hpage = ERR_PTR(-ENOMEM); *hpage = ERR_PTR(-ENOMEM);
return; return;
} }
#endif
if (unlikely(mem_cgroup_newpage_charge(new_page, mm, GFP_KERNEL))) { if (unlikely(mem_cgroup_newpage_charge(new_page, mm, GFP_KERNEL))) {
up_read(&mm->mmap_sem); up_read(&mm->mmap_sem);
put_page(new_page); put_page(new_page);
return; return;
} }
#endif
/* after allocating the hugepage upgrade to mmap_sem write mode */ /* after allocating the hugepage upgrade to mmap_sem write mode */
up_read(&mm->mmap_sem); up_read(&mm->mmap_sem);