Re: [PATCH] mm/migrate_device: document folio_get requirement before frozen PMD split

Next message: Matt Coster: "Re: [PATCH] drm/imagination: Implement handling of context reset notification"
Previous message: Clark Williams: "[ANNOUNCE] 6.1.166-rt61"
Next in thread: David Hildenbrand (Arm): "Re: [PATCH] mm/migrate_device: document folio_get requirement before frozen PMD split"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Nico Pache

Date: Mon Mar 09 2026 - 11:12:38 EST

On Fri, Mar 6, 2026 at 3:44 AM Usama Arif <usama.arif@xxxxxxxxx> wrote:
>
> split_huge_pmd_address() with freeze=true splits a PMD migration entry
> into PTE migration entries, consuming one folio reference in the
> process. The folio_get() before it provides this reference.
>
> Add a comment explaining this relationship and a VM_WARN_ON_ONCE to
> catch an unexpected refcount != 1 entry state.
>
> Suggested-by: Zi Yan <ziy@xxxxxxxxxx>
> Signed-off-by: Usama Arif <usama.arif@xxxxxxxxx>

LGTM! Thank you for investigating my concerns about this. I'm glad you
found the proper answer.

Reviewed-by: Nico Pache <npache@xxxxxxxxxx>

> ---
> mm/migrate_device.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/mm/migrate_device.c b/mm/migrate_device.c
> index 78c7acf024615..6fa2878848a7e 100644
> --- a/mm/migrate_device.c
> +++ b/mm/migrate_device.c
> @@ -908,6 +908,11 @@ static int migrate_vma_split_unmapped_folio(struct migrate_vma *migrate,
> unsigned long flags;
> int ret = 0;
>
> + VM_WARN_ON_ONCE(folio_ref_count(folio) != 1);
> + /*
> + * take a reference, since split_huge_pmd_address() with freeze = true
> + * drops a reference at the end.
> + */
> folio_get(folio);
> split_huge_pmd_address(migrate->vma, addr, true);
> ret = folio_split_unmapped(folio, 0);
> --
> 2.47.3
>