On 14.03.24 02:25, Matthew Wilcox (Oracle) wrote:
The current folio_test_hugetlb() can be fooled by a concurrent folio split
into returning true for a folio which has never belonged to hugetlbfs.
This can't happen if the caller holds a refcount on it, but we have a
few places (memory-failure, compaction, procfs) which do not and should
not take a speculative reference.
Since hugetlb pages do not use individual page mapcounts (they are always
fully mapped and use the entire_mapcount field to record the number of
mappings), the PageType field is available for use with only a minor
modification to page_mapcount() to ignore the value in this field for
hugetlb pages. Other parts of the kernel which examine page->_mapcount
directly already know about page_has_type() (eg procfs, dump_page()).
Signed-off-by: Matthew Wilcox (Oracle) <willy@xxxxxxxxxxxxx>
---
Should we include this hunk:
diff --git a/mm/debug.c b/mm/debug.c
index c1c1a6a484e4c..f521e17150a10 100644
--- a/mm/debug.c
+++ b/mm/debug.c
@@ -63,7 +63,8 @@ static void __dump_folio(struct folio *folio, struct page *page,
* encode own info, and we must avoid calling page_folio() again.
*/
if (!folio_test_slab(folio)) {
- mapcount = atomic_read(&page->_mapcount) + 1;
+ if (!folio_test_hugetlb(folio))
+ mapcount = atomic_read(&page->_mapcount) + 1;
if (folio_test_large(folio))
mapcount += folio_entire_mapcount(folio);
}
Apart from that, LGTM
Reviewed-by: David Hildenbrand <david@xxxxxxxxxx>
--
Cheers,
David / dhildenb
