From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>,
Guillaume Morin <guillaume@morinfr.org>,
Hugh Dickins <hughd@google.com>,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: [PATCH 3.10 17/21] mm: hugetlb: fix copy_hugetlb_page_range()
Date: Tue, 29 Jul 2014 18:48:46 -0700 [thread overview]
Message-ID: <20140730014831.202690528@linuxfoundation.org> (raw)
In-Reply-To: <20140730014830.424826215@linuxfoundation.org>
3.10-stable review patch. If anyone has any objections, please let me know.
------------------
From: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
commit 0253d634e0803a8376a0d88efee0bf523d8673f9 upstream.
Commit 4a705fef9862 ("hugetlb: fix copy_hugetlb_page_range() to handle
migration/hwpoisoned entry") changed the order of
huge_ptep_set_wrprotect() and huge_ptep_get(), which leads to breakage
in some workloads like hugepage-backed heap allocation via libhugetlbfs.
This patch fixes it.
The test program for the problem is shown below:
$ cat heap.c
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#define HPS 0x200000
int main() {
int i;
char *p = malloc(HPS);
memset(p, '1', HPS);
for (i = 0; i < 5; i++) {
if (!fork()) {
memset(p, '2', HPS);
p = malloc(HPS);
memset(p, '3', HPS);
free(p);
return 0;
}
}
sleep(1);
free(p);
return 0;
}
$ export HUGETLB_MORECORE=yes ; export HUGETLB_NO_PREFAULT= ; hugectl --heap ./heap
Fixes 4a705fef9862 ("hugetlb: fix copy_hugetlb_page_range() to handle
migration/hwpoisoned entry"), so is applicable to -stable kernels which
include it.
Signed-off-by: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Reported-by: Guillaume Morin <guillaume@morinfr.org>
Suggested-by: Guillaume Morin <guillaume@morinfr.org>
Acked-by: Hugh Dickins <hughd@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
mm/hugetlb.c | 1 +
1 file changed, 1 insertion(+)
--- a/mm/hugetlb.c
+++ b/mm/hugetlb.c
@@ -2400,6 +2400,7 @@ int copy_hugetlb_page_range(struct mm_st
} else {
if (cow)
huge_ptep_set_wrprotect(src, addr, src_pte);
+ entry = huge_ptep_get(src_pte);
ptepage = pte_page(entry);
get_page(ptepage);
page_dup_rmap(ptepage);
next prev parent reply other threads:[~2014-07-30 1:48 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-30 1:48 [PATCH 3.10 00/21] 3.10.51-stable review Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 01/21] media: hdpvr: fix two audio bugs Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 02/21] media: tda10071: force modulation to QPSK on DVB-S Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 03/21] block: provide compat ioctl for BLKZEROOUT Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 04/21] block: dont assume last put of shared tags is for the host Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 05/21] libata: support the ata host which implements a queue depth less than 32 Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 06/21] libata: introduce ata_host->n_tags to avoid oops on SAS controllers Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 07/21] ahci: add support for the Promise FastTrak TX8660 SATA HBA (ahci mode) Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 08/21] blkcg: dont call into policy draining if root_blkg is already gone Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 09/21] tracing: Fix wraparound problems in "uptime" trace clock Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 10/21] slab_common: Do not check for duplicate slab names Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 11/21] slab_common: fix the " Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 12/21] Input: fix defuzzing logic Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 13/21] coredump: fix the setting of PF_DUMPCORE Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 14/21] parisc: Remove SA_RESTORER define Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 15/21] hwmon: (smsc47m192) Fix temperature limit and vrm write operations Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 16/21] x86_32, entry: Store badsys error code in %eax Greg Kroah-Hartman
2014-07-30 1:48 ` Greg Kroah-Hartman [this message]
2014-07-30 1:48 ` [PATCH 3.10 19/21] s390/ptrace: fix PSW mask check Greg Kroah-Hartman
2014-07-30 1:48 ` [PATCH 3.10 21/21] core, nfqueue, openvswitch: Orphan frags in skb_zerocopy and handle errors Greg Kroah-Hartman
2014-07-30 16:07 ` [PATCH 3.10 00/21] 3.10.51-stable review Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140730014831.202690528@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=akpm@linux-foundation.org \
--cc=guillaume@morinfr.org \
--cc=hughd@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=n-horiguchi@ah.jp.nec.com \
--cc=stable@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).