mm/huge_memory: replace VM_NO_THP VM_BUG_ON with actual VMA check

commit 3486b85a29c1741db99d0c522211c82d2b7a56d0 upstream.

Khugepaged detects own VMAs by checking vm_file and vm_ops but this way
it cannot distinguish private /dev/zero mappings from other special
mappings like /dev/hpet which has no vm_ops and popultes PTEs in mmap.

This fixes false-positive VM_BUG_ON and prevents installing THP where
they are not expected.

Link: http://lkml.kernel.org/r/CACT4Y+ZmuZMV5CjSFOeXviwQdABAgT7T+StKfTqan9YDtgEi5g@mail.gmail.com
Fixes: 78f11a255749 ("mm: thp: fix /dev/zero MAP_PRIVATE and vm_flags cleanups")
Signed-off-by: Konstantin Khlebnikov <koct9i@gmail.com>
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Acked-by: Vlastimil Babka <vbabka@suse.cz>
Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
[bwh: Backported to 3.2:
 - The assertions use VM_BUG_ON() and also check is_linear_pfn_mapping();
   keep that check
 - Adjust context]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>

diff --git a/mm/huge_memory.c b/mm/huge_memory.c
index d570aae..2fde516 100644 (file)
--- a/mm/huge_memory.c
+++ b/mm/huge_memory.c
@@ -1635,14 +1635,14 @@ int khugepaged_enter_vma_merge(struct vm_area_struct *vma,
                 * page fault if needed.
                 */
                return 0;
                 * page fault if needed.
                 */
                return 0;

-       if (vma->vm_ops)
+       if (vma->vm_ops || (vm_flags & VM_NO_THP))

                /* khugepaged not yet working on file or special mappings */
                return 0;
        /*
         * If is_pfn_mapping() is true is_learn_pfn_mapping() must be
         * true too, verify it here.
         */
                /* khugepaged not yet working on file or special mappings */
                return 0;
        /*
         * If is_pfn_mapping() is true is_learn_pfn_mapping() must be
         * true too, verify it here.
         */

-       VM_BUG_ON(is_linear_pfn_mapping(vma) || vm_flags & VM_NO_THP);
+       VM_BUG_ON(is_linear_pfn_mapping(vma));

        hstart = (vma->vm_start + ~HPAGE_PMD_MASK) & HPAGE_PMD_MASK;
        hend = vma->vm_end & HPAGE_PMD_MASK;
        if (hstart < hend)
        hstart = (vma->vm_start + ~HPAGE_PMD_MASK) & HPAGE_PMD_MASK;
        hend = vma->vm_end & HPAGE_PMD_MASK;
        if (hstart < hend)


@@ -1831,8 +1831,8 @@ static bool hugepage_vma_check(struct vm_area_struct *vma)
         * If is_pfn_mapping() is true is_learn_pfn_mapping() must be
         * true too, verify it here.
         */
         * If is_pfn_mapping() is true is_learn_pfn_mapping() must be
         * true too, verify it here.
         */

-       VM_BUG_ON(is_linear_pfn_mapping(vma) || vma->vm_flags & VM_NO_THP);
-       return true;
+       VM_BUG_ON(is_linear_pfn_mapping(vma));
+       return !(vma->vm_flags & VM_NO_THP);

 }
 
 static void collapse_huge_page(struct mm_struct *mm,
 }
 
 static void collapse_huge_page(struct mm_struct *mm,