Re: [Patch mm-hotfixes v4] mm/page_vma_mapped: fix device-private PMD handling
From: Lance Yang
Date: Thu Jun 25 2026 - 07:26:20 EST
On 2026/6/25 18:37, David Hildenbrand (Arm) wrote:
CPU0: pmde = pmdp_get_lockless(); // sees PMD migration entry

CPU1: remove_migration_ptes(src, dst /* device-private */)
        ... via rmap_walk(dst) ...
        page_vma_mapped_walk(&pvmw /* src, PVMW_MIGRATION */)
          returns with PTL held for the PMD migration entry
        remove_migration_pmd(new = dst page)
          installs a device-private PMD
        next page_vma_mapped_walk()
          drops PTL via not_found()

CPU0: takes PTL
      pmde = *pvmw->pmd; // now device-private PMD

So when PVMW_MIGRATION is not set, current code can return not_found()
before we even decode the locked PMD as a device-private entry.
Commit 65edfda6f3f2 ("mm/rmap: extend rmap and migration support
device-private entries") made the device-private PMD <-> PMD migration
transition possible.

Doesn't the folio lock help here already?

Ah, yeah, I was too focused on the PTL and missed the folio lock ...

Don't have a caller like that :) Went over the fix again, nothing
else jumped out.