Re: [PATCH] mm/memory-failure: fix race with compound page split/merge
From: Naoya Horiguchi
Date: Mon Apr 18 2016 - 19:18:52 EST
# CCed Andrew,
On Mon, Apr 18, 2016 at 02:43:45PM +0300, Konstantin Khlebnikov wrote:
> Get_hwpoison_page() must recheck relation between head and tail pages.
>
> Signed-off-by: Konstantin Khlebnikov <khlebnikov@xxxxxxxxxxxxxx>
Looks good to me. Without this recheck, the race causes kernel to pin
an irrelevant page, and finally makes kernel crash for refcount mismcach...
Acked-by: Naoya Horiguchi <n-horiguchi@xxxxxxxxxxxxx>
> ---
> mm/memory-failure.c | 10 +++++++++-
> 1 file changed, 9 insertions(+), 1 deletion(-)
>
> diff --git a/mm/memory-failure.c b/mm/memory-failure.c
> index 78f5f2641b91..ca5acee53b7a 100644
> --- a/mm/memory-failure.c
> +++ b/mm/memory-failure.c
> @@ -888,7 +888,15 @@ int get_hwpoison_page(struct page *page)
> }
> }
>
> - return get_page_unless_zero(head);
> + if (get_page_unless_zero(head)) {
> + if (head == compound_head(page))
> + return 1;
> +
> + pr_info("MCE: %#lx cannot catch tail\n", page_to_pfn(page));
Recently Chen Yucong replaced the label "MCE:" with "Memory failure:",
but the resolution is trivial, I think.
Thanks,
Naoya Horiguchi
> + put_page(head);
> + }
> +
> + return 0;
> }
> EXPORT_SYMBOL_GPL(get_hwpoison_page);
>
>