Re: [PATCH v2] x86/mm: fix freeing of PMD-sized vmemmap pages

Next message: J&#xFC;rgen Gro&#xDF;: "Re: [RFC PATCH] virtio-mmio: add xenbus probing"
Previous message: Zi Yan: "[PATCH v5 01/14] mm/khugepaged: remove READ_ONLY_THP_FOR_FS check"
In reply to: David Hildenbrand (Arm): "[PATCH v2] x86/mm: fix freeing of PMD-sized vmemmap pages"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Lance Yang

Date: Wed Apr 29 2026 - 11:43:02 EST

On 2026/4/29 18:49, David Hildenbrand (Arm) wrote:

In commit bf9e4e30f353 ("x86/mm: use pagetable_free()"), we switched
from freeing non-boot page tables through __free_pages() to
pagetable_free().

However, the function is also called to free vmemmap pages.

Given that vmemmap pages are not page tables, already the page_ptdesc(page)
is wrong. But worse, pagetable_free() calls

__free_pages(page, compound_order(page));

As vmemmap pages are not compound pages (see vmemmap_alloc_block()) --
except for HVO, which doesn't apply here -- we will only free the first
page when freeing a PMD-sized vmemmap page, leaking the other ones.

Fix it by properly decoupling pagetable and vmemmap freeing.
free_pagetable() no longer has to mess with SECTION_INFO, as only the
vmemmap is marked like that in register_page_bootmem_memmap().

The indentation in remove_pmd_table() is messed up, let's fix that
while touching it.

Note that we'll try to get rid of that bootmem info handling soon. For
now, we'll handle it similar to free_pagetable(), just avoiding the
ifdef.

Tested-by: Lance Yang <lance.yang@xxxxxxxxx>
Acked-by: Mike Rapoport (Microsoft) <rppt@xxxxxxxxxx>
Fixes: bf9e4e30f353 ("x86/mm: use pagetable_free()")
Cc: stable@xxxxxxxxxxxxxxx
Signed-off-by: David Hildenbrand (Arm) <david@xxxxxxxxxx>
---
Reproduced and tested with a simple VM with a virtio-mem device,
repeatedly adding and removing memory.

Found by code inspection while working on bootmem_info removal.
---

Retested. Works as expected :)

Cheers, Lance