On Tue, Apr 26, 2022 at 11:10 PM Xu Yu <xuyu@xxxxxxxxxxxxxxxxx> wrote:
>
> This reverts commit d173d5417fb67411e623d394aab986d847e47dad.
>
> The commit d173d5417fb6 ("mm/memory-failure.c: skip huge_zero_page in
> memory_failure()") explicitly skips huge_zero_page in memory_failure(),
> in order to avoid triggering VM_BUG_ON_PAGE on huge_zero_page in
> split_huge_page_to_list().
>
> This works, but Yang Shi thinks that,
>
> Raising BUG is overkilling for splitting huge_zero_page. The
> huge_zero_page can't be met from normal paths other than memory
> failure, but memory failure is a valid caller. So I tend to replace
> the BUG to WARN + returning -EBUSY. If we don't care about the
> reason code in memory failure, we don't have to touch memory
> failure.
>
> And for the issue that huge_zero_page will be set PG_has_hwpoisoned,
> Yang Shi comments that,
>
> The anonymous page fault doesn't check if the page is poisoned or
> not since it typically gets a fresh allocated page and assumes the
> poisoned page (isolated successfully) can't be reallocated again.
> But huge zero page and base zero page are reused every time. So no
> matter what fix we pick, the issue is always there.
>
> Finally, Yang, David, Anshuman and Naoya all agree to fix the bug, i.e.,
> to split huge_zero_page, in split_huge_page_to_list().
>
> This reverts the commit d173d5417fb6 ("mm/memory-failure.c: skip
> huge_zero_page in memory_failure()"), and the original bug will be fixed
> by the next patch.
Reviewed-by: Yang Shi <shy828301@xxxxxxxxx>
>
> Suggested-by: Yang Shi <shy828301@xxxxxxxxx>
> Cc: Naoya Horiguchi <naoya.horiguchi@xxxxxxx>
> Signed-off-by: Xu Yu <xuyu@xxxxxxxxxxxxxxxxx>
> ---
> mm/memory-failure.c | 13 -------------
> 1 file changed, 13 deletions(-)
>
> diff --git a/mm/memory-failure.c b/mm/memory-failure.c
> index 27760c19bad7..2020944398c9 100644
> --- a/mm/memory-failure.c
> +++ b/mm/memory-failure.c
> @@ -1860,19 +1860,6 @@ int memory_failure(unsigned long pfn, int flags)
> }
>
> if (PageTransHuge(hpage)) {
> - /*
> - * Bail out before SetPageHasHWPoisoned() if hpage is
> - * huge_zero_page, although PG_has_hwpoisoned is not
> - * checked in set_huge_zero_page().
> - *
> - * TODO: Handle memory failure of huge_zero_page thoroughly.
> - */
> - if (is_huge_zero_page(hpage)) {
> - action_result(pfn, MF_MSG_UNSPLIT_THP, MF_IGNORED);
> - res = -EBUSY;
> - goto unlock_mutex;
> - }
> -
> /*
> * The flag must be set after the refcount is bumped
> * otherwise it may race with THP split.
> --
> 2.20.1.2432.ga663e714
>
