• Mel Gorman's avatar
    tmpfs: fix shared mempolicy leak · 18a2f371
    Mel Gorman authored
    This fixes a regression in 3.7-rc, which has since gone into stable.
    
    Commit 00442ad0 ("mempolicy: fix a memory corruption by refcount
    imbalance in alloc_pages_vma()") changed get_vma_policy() to raise the
    refcount on a shmem shared mempolicy; whereas shmem_alloc_page() went
    on expecting alloc_page_vma() to drop the refcount it had acquired.
    This deserves a rework: but for now fix the leak in shmem_alloc_page().
    
    Hugh: shmem_swapin() did not need a fix, but surely it's clearer to use
    the same refcounting there as in shmem_alloc_page(), delete its onstack
    mempolicy, and the strange mpol_cond_copy() and __mpol_cond_copy() -
    those were invented to let swapin_readahead() make an unknown number of
    calls to alloc_pages_vma() with one mempolicy; but since 00442ad0,
    alloc_pages_vma() has kept refcount in balance, so now no problem.
    Reported-and-tested-by: default avatarTommi Rantala <tt.rantala@gmail.com>
    Signed-off-by: default avatarMel Gorman <mgorman@suse.de>
    Signed-off-by: default avatarHugh Dickins <hughd@google.com>
    Cc: stable@vger.kernel.org
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    18a2f371
mempolicy.c 65.7 KB