[PATCH v1 07/11] mm: hwpoison: fix race between unpoisoning and freeing migrate source page

From: Naoya Horiguchi
Date: Thu Mar 03 2016 - 02:43:40 EST

Next message: Joonsoo Kim: "Re: [PATCH v4 2/2] mm/page_ref: add tracepoint to track down page reference manipulation"
Previous message: Naoya Horiguchi: "[PATCH v1 10/11] mm: migrate: move_pages() supports thp migration"
In reply to: kbuild test robot: "Re: [PATCH v1 10/11] mm: migrate: move_pages() supports thp migration"
Next in thread: Naoya Horiguchi: "[PATCH v1 05/11] mm: thp: check pmd migration entry in common path"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

During testing thp migration, I saw the BUG_ON triggered due to the race between
soft offline and unpoison (what I actually saw was "bad page" warning of freeing
page with PageActive set, then subsequent bug messages differ each time.)

I tried to solve similar problem a few times (see commit f4c18e6f7b5b ("mm:
check __PG_HWPOISON separately from PAGE_FLAGS_CHECK_AT_*",) but the new
workload brings out a new problem of the previous solution.

Let's say that unpoison never works well if the target page is not properly
contained,) so now I'm going in the direction of limiting unpoison function
(as commit 230ac719c500 ("mm/hwpoison: don't try to unpoison containment-failed
pages" does). This patch takes another step in the direction by ensuring that
the target page is kicked out from any pcplist. With this change, the dirty hack
of calling put_page() instead of putback_lru_page() when migration reason is
MR_MEMORY_FAILURE is not necessary any more, so it's reverted.

Signed-off-by: Naoya Horiguchi <n-horiguchi@xxxxxxxxxxxxx>
---
mm/memory-failure.c | 10 +++++++++-
mm/migrate.c | 8 +-------
2 files changed, 10 insertions(+), 8 deletions(-)

diff --git v4.5-rc5-mmotm-2016-02-24-16-18/mm/memory-failure.c v4.5-rc5-mmotm-2016-02-24-16-18_patched/mm/memory-failure.c
index 67c30eb..bfb63c6 100644
--- v4.5-rc5-mmotm-2016-02-24-16-18/mm/memory-failure.c
+++ v4.5-rc5-mmotm-2016-02-24-16-18_patched/mm/memory-failure.c
@@ -1431,6 +1431,13 @@ int unpoison_memory(unsigned long pfn)
return 0;
}

+ /*
+ * Soft-offlined pages might stay in PCP list because it's freed via
+ * putback_lru_page(), and such pages shouldn't be unpoisoned because
+ * it could cause list corruption. So let's drain pages to avoid that.
+ */
+ shake_page(page, 0);
+
nr_pages = 1 << compound_order(page);

if (!get_hwpoison_page(p)) {
@@ -1674,7 +1681,8 @@ static int __soft_offline_page(struct page *page, int flags)
pfn, ret, page->flags);
if (ret > 0)
ret = -EIO;
- }
+ } else if (!TestSetPageHWPoison(page))
+ num_poisoned_pages_inc();
} else {
pr_info("soft offline: %#lx: isolation failed: %d, page count %d, type %lx\n",
pfn, ret, page_count(page), page->flags);
diff --git v4.5-rc5-mmotm-2016-02-24-16-18/mm/migrate.c v4.5-rc5-mmotm-2016-02-24-16-18_patched/mm/migrate.c
index bd8bfa4..31bc724 100644
--- v4.5-rc5-mmotm-2016-02-24-16-18/mm/migrate.c
+++ v4.5-rc5-mmotm-2016-02-24-16-18_patched/mm/migrate.c
@@ -994,13 +994,7 @@ static ICE_noinline int unmap_and_move(new_page_t get_new_page,
list_del(&page->lru);
dec_zone_page_state(page, NR_ISOLATED_ANON +
page_is_file_cache(page));
- /* Soft-offlined page shouldn't go through lru cache list */
- if (reason == MR_MEMORY_FAILURE) {
- put_page(page);
- if (!test_set_page_hwpoison(page))
- num_poisoned_pages_inc();
- } else
- putback_lru_page(page);
+ putback_lru_page(page);
}

/*
--
2.7.0

Next message: Joonsoo Kim: "Re: [PATCH v4 2/2] mm/page_ref: add tracepoint to track down page reference manipulation"
Previous message: Naoya Horiguchi: "[PATCH v1 10/11] mm: migrate: move_pages() supports thp migration"
In reply to: kbuild test robot: "Re: [PATCH v1 10/11] mm: migrate: move_pages() supports thp migration"
Next in thread: Naoya Horiguchi: "[PATCH v1 05/11] mm: thp: check pmd migration entry in common path"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]