linux/arch/powerpc/mm
Andrea Arcangeli 405e44f2e3 powerpc: get_hugepte() don't put_page() the wrong page
"page" may have changed to point to the next hugepage after the loop
completed, The references have been taken on the head page, so the
put_page must happen there too.

This is a longstanding issue pre-thp inclusion.

It's totally unclear how these page_cache_add_speculative and
pte_val(pte) != pte_val(*ptep) checks are necessary across all the
powerpc gup_fast code, when x86 doesn't need any of that: there's no way
the page can be freed with irq disabled so we're guaranteed the
atomic_inc will happen on a page with page_count > 0 (so not needing the
speculative check).

The pte check is also meaningless on x86: no need to rollback on x86 if
the pte changed, because the pte can still change a CPU tick after the
check succeeded and it won't be rolled back in that case.  The important
thing is we got a reference on a valid page that was mapped there a CPU
tick ago.  So not knowing the soft tlb refill code of ppc64 in great
detail I'm not removing the "speculative" page_count increase and the
pte checks across all the code, but unless there's a strong reason for
it they should be later cleaned up too.

If a pte can change from huge to non-huge (like it could happen with
THP) passing a pte_t *ptep to gup_hugepte() would also require to repeat
the is_hugepd in gup_hugepte(), but that shouldn't happen with hugetlbfs
only so I'm not altering that.

Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Hugh Dickins <hughd@google.com>
Cc: Johannes Weiner <jweiner@redhat.com>
Cc: Rik van Riel <riel@redhat.com>
Cc: Mel Gorman <mgorman@suse.de>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-11-02 16:06:57 -07:00
..
40x_mmu.c memblock: Remove rmo_size, burry it in arch/powerpc where it belongs 2010-08-05 12:56:08 +10:00
44x_mmu.c powerpc/47x: allow kernel to be loaded in higher physical memory 2011-07-12 10:34:24 -04:00
dma-noncoherent.c powerpc: Implement dma_mmap_coherent() 2011-03-30 10:44:00 +11:00
fault.c Merge branch 'perf-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip 2011-07-22 16:44:39 -07:00
fsl_booke_mmu.c Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2010-10-21 21:19:54 -07:00
gup.c powerpc: remove superfluous PageTail checks on the pte gup_fast 2011-11-02 16:06:57 -07:00
hash_low_32.S
hash_low_64.S powerpc: Free up some CPU feature bits by moving out MMU-related features 2011-04-27 14:18:52 +10:00
hash_native_64.c KVM: PPC: book3s_hv: Add support for PPC970-family processors 2011-07-12 13:16:59 +03:00
hash_utils_64.c powerpc: Free up some CPU feature bits by moving out MMU-related features 2011-04-27 14:18:52 +10:00
highmem.c mm: fix race in kunmap_atomic() 2010-10-27 18:03:05 -07:00
hugetlbpage-hash64.c powerpc/mm: Add some debug output when hash insertion fails 2010-07-23 12:56:56 +10:00
hugetlbpage.c powerpc: get_hugepte() don't put_page() the wrong page 2011-11-02 16:06:57 -07:00
init_32.c powerpc: Move free_initmem to common code 2011-06-30 15:28:05 +10:00
init_64.c powerpc: Move free_initmem to common code 2011-06-30 15:28:05 +10:00
Makefile powerpc/fsl-booke64: Use TLB CAMs to cover linear mapping on FSL 64-bit chips 2010-10-14 00:55:14 -05:00
mem.c powerpc/mm: Fix output of total_ram. 2011-07-19 15:13:04 +10:00
mmap_64.c
mmu_context_hash32.c PPC: Split context init/destroy functions 2010-05-17 12:18:20 +03:00
mmu_context_hash64.c powerpc: Fix compile with icwsx support 2011-05-06 13:18:34 +10:00
mmu_context_nohash.c powerpc: Add TLB size detection for TYPE_3E MMUs 2011-04-27 13:02:10 +10:00
mmu_decl.h powerpc/fsl-booke64: Use TLB CAMs to cover linear mapping on FSL 64-bit chips 2010-10-14 00:55:14 -05:00
numa.c powerpc: Convert old cpumask API into new one 2011-05-04 15:22:59 +10:00
pgtable_32.c powerpc: Remove ioremap_flags 2011-05-19 14:30:43 +10:00
pgtable_64.c powerpc: Remove ioremap_flags 2011-05-19 14:30:43 +10:00
pgtable.c mm, powerpc: move the RCU page-table freeing into generic code 2011-05-25 08:39:16 -07:00
ppc_mmu_32.c memblock: Remove rmo_size, burry it in arch/powerpc where it belongs 2010-08-05 12:56:08 +10:00
slb_low.S powerpc: Free up some CPU feature bits by moving out MMU-related features 2011-04-27 14:18:52 +10:00
slb.c powerpc: Free up some CPU feature bits by moving out MMU-related features 2011-04-27 14:18:52 +10:00
slice.c
stab.c powerpc: Free up some CPU feature bits by moving out MMU-related features 2011-04-27 14:18:52 +10:00
subpage-prot.c
tlb_hash32.c powerpc/44x: don't use tlbivax on AMP systems 2011-07-12 09:21:55 -04:00
tlb_hash64.c mm, powerpc: move the RCU page-table freeing into generic code 2011-05-25 08:39:16 -07:00
tlb_low_64e.S powerpc/book3e-64: use a separate TLB handler when linear map is bolted 2011-06-29 17:47:48 +10:00
tlb_nohash_low.S powerpc/476: Workaround for PLB6 hang 2011-02-02 06:59:02 -05:00
tlb_nohash.c Merge remote-tracking branch 'jwb/next' into next 2011-07-22 13:16:41 +10:00