The patch titled Subject: mm/hmm: fix bad subpage pointer in try_to_unmap_one has been added to the -mm tree. Its filename is mm-hmm-fix-bad-subpage-pointer-in-try_to_unmap_one.patch
This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-hmm-fix-bad-subpage-pointer-in-t... and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-hmm-fix-bad-subpage-pointer-in-t...
Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next and is updated there every 3-4 working days
------------------------------------------------------ From: Ralph Campbell rcampbell@nvidia.com Subject: mm/hmm: fix bad subpage pointer in try_to_unmap_one
When migrating an anonymous private page to a ZONE_DEVICE private page, the source page->mapping and page->index fields are copied to the destination ZONE_DEVICE struct page and the page_mapcount() is increased. This is so rmap_walk() can be used to unmap and migrate the page back to system memory. However, try_to_unmap_one() computes the subpage pointer from a swap pte which computes an invalid page pointer and a kernel panic results such as:
BUG: unable to handle page fault for address: ffffea1fffffffc8
Currently, only single pages can be migrated to device private memory so no subpage computation is needed and it can be set to "page".
Link: http://lkml.kernel.org/r/20190719192955.30462-4-rcampbell@nvidia.com Fixes: a5430dda8a3a1c ("mm/migrate: support un-addressable ZONE_DEVICE page in migration") Signed-off-by: Ralph Campbell rcampbell@nvidia.com Cc: "Jérôme Glisse" jglisse@redhat.com Cc: "Kirill A. Shutemov" kirill.shutemov@linux.intel.com Cc: Mike Kravetz mike.kravetz@oracle.com Cc: Christoph Hellwig hch@lst.de Cc: Jason Gunthorpe jgg@mellanox.com Cc: John Hubbard jhubbard@nvidia.com Cc: Andrea Arcangeli aarcange@redhat.com Cc: Andrey Ryabinin aryabinin@virtuozzo.com Cc: Christoph Lameter cl@linux.com Cc: Dan Williams dan.j.williams@intel.com Cc: Dave Hansen dave.hansen@linux.intel.com Cc: Ira Weiny ira.weiny@intel.com Cc: Jan Kara jack@suse.cz Cc: Lai Jiangshan jiangshanlai@gmail.com Cc: Logan Gunthorpe logang@deltatee.com Cc: Martin Schwidefsky schwidefsky@de.ibm.com Cc: Matthew Wilcox willy@infradead.org Cc: Mel Gorman mgorman@techsingularity.net Cc: Michal Hocko mhocko@suse.com Cc: Pekka Enberg penberg@kernel.org Cc: Randy Dunlap rdunlap@infradead.org Cc: Vlastimil Babka vbabka@suse.cz Cc: stable@vger.kernel.org Signed-off-by: Andrew Morton akpm@linux-foundation.org ---
mm/rmap.c | 1 + 1 file changed, 1 insertion(+)
--- a/mm/rmap.c~mm-hmm-fix-bad-subpage-pointer-in-try_to_unmap_one +++ a/mm/rmap.c @@ -1476,6 +1476,7 @@ static bool try_to_unmap_one(struct page * No need to invalidate here it will synchronize on * against the special swap migration pte. */ + subpage = page; goto discard; }
_
Patches currently in -mm which might be from rcampbell@nvidia.com are
mm-document-zone-device-struct-page-field-usage.patch mm-hmm-fix-zone_device-anon-page-mapping-reuse.patch mm-hmm-fix-bad-subpage-pointer-in-try_to_unmap_one.patch