isolate_migratepages_block() from another thread may try to isolate the page again:
for (; low_pfn < end_pfn; low_pfn++) {
/* ... */
page = pfn_to_page(low_pfn);
/* ... */
if (!PageLRU(page)) {
if (unlikely(__PageMovable(page)) && !PageIsolated(page)) {
/* ... */
if (!isolate_movable_page(page, isolate_mode))
goto isolate_success;
/*... */
isolate_success:
list_add(&page->lru, &cc->migratepages);
And this page will be added to another list.
Or, do you see any reason that the page cannot go through this path?
________________________________________
From: Michal Hocko [mhocko@xxxxxxxxxx]
Sent: Wednesday, September 04, 2019 14:38
To: sunqiuyang
Cc: linux-kernel@xxxxxxxxxxxxxxx; linux-mm@xxxxxxxxx
Subject: Re: [PATCH 1/1] mm/migrate: fix list corruption in migration of non-LRU movable pages
On Wed 04-09-19 02:18:38, sunqiuyang wrote:
> The isolate path of non-lru movable pages:
>
> isolate_migratepages_block
> isolate_movable_page
> trylock_page
> // if PageIsolated, goto out_no_isolated
> a_ops->isolate_page
> __SetPageIsolated
> unlock_page
> list_add(&page->lru, &cc->migratepages)
>
> The migration path:
>
> unmap_and_move
> __unmap_and_move
> lock_page
> move_to_new_page
> a_ops->migratepage
> __ClearPageIsolated
> unlock_page
> /* here, the page could be isolated again by another thread, and added into another cc->migratepages,
> since PG_Isolated has been cleared, and not protected by page_lock */
> list_del(&page->lru)
But the page has been migrated already and not freed yet because there
is still a pin on it. So nobody should be touching it at this stage.
Or do I still miss something?
--
Michal Hocko
SUSE Labs
