Commit ad415db8 authored by Peter Xu's avatar Peter Xu Committed by Linus Torvalds
Browse files

mm/gup: fix __get_user_pages() on fault retry of hugetlb

When follow_hugetlb_page() returns with *locked==0, it means we've got a
VM_FAULT_RETRY within the fauling process and we've released the mmap_sem.
When that happens, we should stop and bail out.
Signed-off-by: default avatarPeter Xu <>
Signed-off-by: default avatarAndrew Morton <>
Tested-by: default avatarBrian Geffon <>
Cc: Andrea Arcangeli <>
Cc: Bobby Powers <>
Cc: David Hildenbrand <>
Cc: Denis Plotnikov <>
Cc: "Dr . David Alan Gilbert" <>
Cc: Hugh Dickins <>
Cc: Jerome Glisse <>
Cc: Johannes Weiner <>
Cc: "Kirill A . Shutemov" <>
Cc: Martin Cracauer <>
Cc: Marty McFadden <>
Cc: Matthew Wilcox <>
Cc: Maya Gokhale <>
Cc: Mel Gorman <>
Cc: Mike Kravetz <>
Cc: Mike Rapoport <>
Cc: Pavel Emelyanov <>

Signed-off-by: default avatarLinus Torvalds <>
parent 4f6da934
......@@ -1065,6 +1065,16 @@ static long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm,
i = follow_hugetlb_page(mm, vma, pages, vmas,
&start, &nr_pages, i,
gup_flags, locked);
if (locked && *locked == 0) {
* We've got a VM_FAULT_RETRY
* and we've lost mmap_sem.
* We must stop here.
BUG_ON(gup_flags & FOLL_NOWAIT);
BUG_ON(ret != 0);
goto out;
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment