From: Gavin Shan gshan@redhat.com
mainline inclusion from mainline-v6.1-rc8 commit 829ae0f81ce093d674ff2256f66a714753e9ce32 category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/IAR7B3
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
--------------------------------
The issue is reported when removing memory through virtio_mem device. The transparent huge page, experienced copy-on-write fault, is wrongly regarded as pinned. The transparent huge page is escaped from being isolated in isolate_migratepages_block(). The transparent huge page can't be migrated and the corresponding memory block can't be put into offline state.
Fix it by replacing page_mapcount() with total_mapcount(). With this, the transparent huge page can be isolated and migrated, and the memory block can be put into offline state. Besides, The page's refcount is increased a bit earlier to avoid the page is released when the check is executed.
Link: https://lkml.kernel.org/r/20221124095523.31061-1-gshan@redhat.com Fixes: 1da2f328fa64 ("mm,thp,compaction,cma: allow THP migration for CMA allocations") Signed-off-by: Gavin Shan gshan@redhat.com Reported-by: Zhenyu Zhang zhenyzha@redhat.com Tested-by: Zhenyu Zhang zhenyzha@redhat.com Suggested-by: David Hildenbrand david@redhat.com Acked-by: David Hildenbrand david@redhat.com Cc: Alistair Popple apopple@nvidia.com Cc: Hugh Dickins hughd@google.com Cc: Kirill A. Shutemov kirill.shutemov@linux.intel.com Cc: Matthew Wilcox willy@infradead.org Cc: William Kucharski william.kucharski@oracle.com Cc: Zi Yan ziy@nvidia.com Cc: stable@vger.kernel.org [5.7+] Signed-off-by: Andrew Morton akpm@linux-foundation.org Conflicts: mm/compaction.c [ Context conflicts. ] Signed-off-by: Liu Shixin liushixin2@huawei.com --- mm/compaction.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/mm/compaction.c b/mm/compaction.c index 94ab4e9d1eb64..fb339ceb5bde6 100644 --- a/mm/compaction.c +++ b/mm/compaction.c @@ -965,29 +965,29 @@ isolate_migratepages_block(struct compact_control *cc, unsigned long low_pfn, goto isolate_fail; }
+ /* + * Be careful not to clear PageLRU until after we're + * sure the page is not being freed elsewhere -- the + * page release code relies on it. + */ + if (unlikely(!get_page_unless_zero(page))) + goto isolate_fail; + /* * Migration will fail if an anonymous page is pinned in memory, * so avoid taking lru_lock and isolating it unnecessarily in an * admittedly racy check. */ if (!page_mapping(page) && - page_count(page) > page_mapcount(page)) - goto isolate_fail; + (page_count(page) - 1) > total_mapcount(page)) + goto isolate_fail_put;
/* * Only allow to migrate anonymous pages in GFP_NOFS context * because those do not depend on fs locks. */ if (!(cc->gfp_mask & __GFP_FS) && page_mapping(page)) - goto isolate_fail; - - /* - * Be careful not to clear PageLRU until after we're - * sure the page is not being freed elsewhere -- the - * page release code relies on it. - */ - if (unlikely(!get_page_unless_zero(page))) - goto isolate_fail; + goto isolate_fail_put;
if (__isolate_lru_page_prepare(page, isolate_mode) != 0) goto isolate_fail_put;