Re: [PATCH] mm/hugetlb: init tails before init_migratetype

From: Kiryl Shutsemau

Date: Mon Jun 22 2026 - 11:12:09 EST


On Mon, Jun 22, 2026 at 12:19:01PM +0200, Michal Clapinski wrote:
> Currently, if you enable HVO, DEFERRED_STRUCT_PAGE_INIT and VM_DEBUG
> the kernel will crash with the following stack trace
>
> get_pfnblock_bitmap_bitidx
> __set_pfnblock_flags_mask
> hugetlb_bootmem_init_migratetype
> prep_and_add_bootmem_folios
> gather_bootmem_prealloc_node
> gather_bootmem_prealloc_parallel
> padata_do_multithreaded
> gather_bootmem_prealloc
> hugetlb_init
>
> on this code
>
> VM_BUG_ON_PAGE(!zone_spans_pfn(page_zone(page), pfn), page);
>
> This code looks inside the struct page which will be uninitialized
> for hugetlb tail pages, which will cause a false positive.
>
> So let's initialize the tail pages before this happens.
>
> Fixes: 622026e87c40 ("mm/hugetlb: remove fake head pages")
> Signed-off-by: Michal Clapinski <mclapinski@xxxxxxxxxx>

Reviewed-by: Kiryl Shutsemau (Meta) <kas@xxxxxxxxxx>
Tested-by: Kiryl Shutsemau (Meta) <kas@xxxxxxxxxx>

One nit below.

> ---
> I think this one check is the only thing that fails, so I can probably
> just remove it instead.

Please don't. It caught a legitimate issue.

> ---
> mm/hugetlb.c | 1 +
> mm/hugetlb_vmemmap.c | 14 +++++++++-----
> mm/hugetlb_vmemmap.h | 5 +++++
> 3 files changed, 15 insertions(+), 5 deletions(-)
>
> diff --git a/mm/hugetlb.c b/mm/hugetlb.c
> index 571212b80835..de5e7c104c10 100644
> --- a/mm/hugetlb.c
> +++ b/mm/hugetlb.c
> @@ -4127,6 +4127,7 @@ static int __init hugetlb_init(void)
> }
>
> hugetlb_init_hstates();
> + hugetlb_vmemmap_init_tails();
> gather_bootmem_prealloc();
> report_hugepages();
>
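
Review bot: the position of the new hugetlb_vmemmap_init_tails() call in hugetlb_init(), directly ahead of gather_bootmem_prealloc(), is an ordering requirement that nothing at the call site records. The quoted trace shows gather_bootmem_prealloc() reaching hugetlb_bootmem_init_migratetype() and then the VM_BUG_ON_PAGE(!zone_spans_pfn(page_zone(page), pfn), page) check, which reads the struct page of tail pages. A one-line comment above the call saying the tails must be initialized before the bootmem folios are gathered would keep a later reordering from bringing the crash back.
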
> diff --git a/mm/hugetlb_vmemmap.c b/mm/hugetlb_vmemmap.c
> index 133b46dfb09f..cf485c101926 100644
> --- a/mm/hugetlb_vmemmap.c
> +++ b/mm/hugetlb_vmemmap.c
> @@ -867,14 +867,10 @@ static const struct ctl_table hugetlb_vmemmap_sysctls[] = {
> },
> };
>
> -static int __init hugetlb_vmemmap_init(void)
> +void __init hugetlb_vmemmap_init_tails(void)
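
Review bot: at the function head the signature changes from static int to a non-static void, so whatever status hugetlb_vmemmap_init() returned is no longer reported to anyone. The body is not quoted here; if it contains an early-exit or failure path, the new caller in hugetlb_init() cannot see it. Please either confirm that nothing in the body can fail, or add a short comment above hugetlb_vmemmap_init_tails() saying why the result can be ignored and that it is meant to be called once from hugetlb_init().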

While you're touching this, please also fix up the now-stale comment in
vmemmap_get_tail() in mm/sparse-vmemmap.c, which still points at the
old function.

--
Kiryl Shutsemau / Kirill A. Shutemov