[PATCH 11/11] mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk()

From: Hugh Dickins
Date: Thu Jun 10 2021 - 02:56:08 EST

Next message: Ming Lei: "Re: [PATCH v9 3/8] writeback, cgroup: increment isw_nr_in_flight before grabbing an inode"
Previous message: Hugh Dickins: "[PATCH 10/11] mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes"
In reply to: Kirill A. Shutemov: "Re: [PATCH 10/11] mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes"
Next in thread: Kirill A. Shutemov: "Re: [PATCH 11/11] mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Aha! Shouldn't that quick scan over pte_none()s make sure that it holds
ptlock in the PVMW_SYNC case? That too might have been responsible for
BUGs or WARNs in split_huge_page_to_list() or its unmap_page(), though
I've never seen any.

Fixes: ace71a19cec5 ("mm: introduce page_vma_mapped_walk()")
Signed-off-by: Hugh Dickins <hughd@xxxxxxxxxx>
Cc: <stable@xxxxxxxxxxxxxxx>
---
mm/page_vma_mapped.c | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/mm/page_vma_mapped.c b/mm/page_vma_mapped.c
index 6eb2f1863506..7ae4a016304b 100644
--- a/mm/page_vma_mapped.c
+++ b/mm/page_vma_mapped.c
@@ -277,6 +277,10 @@ bool page_vma_mapped_walk(struct page_vma_mapped_walk *pvmw)
goto restart;
}
pvmw->pte++;
+ if ((pvmw->flags & PVMW_SYNC) && !pvmw->ptl) {
+ pvmw->ptl = pte_lockptr(mm, pvmw->pmd);
+ spin_lock(pvmw->ptl);
+ }
} while (pte_none(*pvmw->pte));

if (!pvmw->ptl) {
--
2.26.2

Next message: Ming Lei: "Re: [PATCH v9 3/8] writeback, cgroup: increment isw_nr_in_flight before grabbing an inode"
Previous message: Hugh Dickins: "[PATCH 10/11] mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes"
In reply to: Kirill A. Shutemov: "Re: [PATCH 10/11] mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes"
Next in thread: Kirill A. Shutemov: "Re: [PATCH 11/11] mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]