Re: [PATCH 2/2] mm/hugetlb: fix unable to handle page fault for address dead000000000108

From: Andrew Morton
Date: Thu Apr 18 2024 - 16:38:39 EST

Next message: Laurentiu Mihalcea: "[PATCH 1/3] dt-bindings: dsp: support imx8ulp dsp clocks"
Previous message: Laurentiu Mihalcea: "[PATCH 0/3] Add DSP node for imx8ulp"
In reply to: Miaohe Lin: "[PATCH 2/2] mm/hugetlb: fix unable to handle page fault for address dead000000000108"
Next in thread: Miaohe Lin: "Re: [PATCH 2/2] mm/hugetlb: fix unable to handle page fault for address dead000000000108"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 18 Apr 2024 10:20:00 +0800 Miaohe Lin <linmiaohe@xxxxxxxxxx> wrote:

> Below panic occurs when I did memory failure test:
>
> BUG: unable to handle page fault for address: dead000000000108
>
> ...
>
> The root cause is that list_del() is used to remove folio from list when
> dissolve_free_hugetlb_folio(). But list_move() might be used to reenqueue
> hugetlb folio when free_huge_folio() leading to above panic. Fix this
> issue by using list_del_init() to remove folio.
>
> ...
>
> --- a/mm/hugetlb.c
> +++ b/mm/hugetlb.c
> @@ -1642,7 +1642,7 @@ static void __remove_hugetlb_folio(struct hstate *h, struct folio *folio,
> if (hstate_is_gigantic(h) && !gigantic_page_runtime_supported())
> return;
>
> - list_del(&folio->lru);
> + list_del_init(&folio->lru);
>
> if (folio_test_hugetlb_freed(folio)) {
> h->free_huge_pages--;

We should cc:stable and find a Fixes:. This appears to predate
6eb4e88a6d27022ea8aff424d47a0a5dfc9fcb34, after which I got lost.

Next message: Laurentiu Mihalcea: "[PATCH 1/3] dt-bindings: dsp: support imx8ulp dsp clocks"
Previous message: Laurentiu Mihalcea: "[PATCH 0/3] Add DSP node for imx8ulp"
In reply to: Miaohe Lin: "[PATCH 2/2] mm/hugetlb: fix unable to handle page fault for address dead000000000108"
Next in thread: Miaohe Lin: "Re: [PATCH 2/2] mm/hugetlb: fix unable to handle page fault for address dead000000000108"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]