[PATCH 7/8] mm: memory-failure: fetch compound head after extra page refcnt is held

From: Miaohe Lin
Date: Sat Jul 08 2023 - 04:57:54 EST


Page might become thp, huge page or be split after compound head
is fetched but before page refcnt is bumped. So hpage might be a tail
page, leading to VM_BUG_ON_PAGE(PageTail(page)) in PageTransHuge().

Fixes: 415c64c1453a ("mm/memory-failure: split thp earlier in memory error handling")
Signed-off-by: Miaohe Lin <linmiaohe@xxxxxxxxxx>
---
mm/memory-failure.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/mm/memory-failure.c b/mm/memory-failure.c
index 0f93175ed862..76d88d27cdbe 100644
--- a/mm/memory-failure.c
+++ b/mm/memory-failure.c
@@ -2179,8 +2179,6 @@ int memory_failure(unsigned long pfn, int flags)
goto unlock_mutex;
}

- hpage = compound_head(p);
-
/*
* We need/can do nothing about count=0 pages.
* 1) it's a free page, and therefore in safe hand:
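Review bot: Once `hpage = compound_head(p);` is removed ahead of the count=0 comment, hpage holds no valid value for the roughly forty lines up to the new assignment in the next hunk, and that code is not visible in this diff. Please confirm that nothing in that range, including its error paths, still reads hpage. Stating in the changelog that hpage has no users before the PageTransHuge() check would make this easy to verify, and it matters for stable backports of the Fixes: commit, where the intervening code may differ.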
@@ -2219,6 +2217,7 @@ int memory_failure(unsigned long pfn, int flags)
}
}

+ hpage = compound_head(p);
if (PageTransHuge(hpage)) {
/*
* The flag must be set after the refcount is bumped
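Review bot: The added `hpage = compound_head(p);` just before `if (PageTransHuge(hpage))` has no comment, so the ordering constraint it depends on lives only in the commit message. A one-line comment above it, saying the head must be looked up only after the extra refcount is held because p can turn into a tail page before then, would stop a later cleanup from hoisting the assignment back up. The existing comment inside the if block covers the flag ordering, not the head lookup.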
--
2.33.0