On Tue, 27 Aug 2013 07:26:04 +0800 Wanpeng Li <liwanp@xxxxxxxxxxxxxxxxxx> wrote: > Hi Naoya, > On Mon, Aug 26, 2013 at 11:45:37AM -0400, Naoya Horiguchi wrote: > >On Mon, Aug 26, 2013 at 04:46:12PM +0800, Wanpeng Li wrote: > >> madvise hwpoison inject will poison the read-only empty zero page if there is > >> no write access before poison. Empty zero page reference count will be increased > >> for hwpoison, subsequent poison zero page will return directly since page has > >> already been set PG_hwpoison, however, page reference count is still increased > >> by get_user_pages_fast. The unpoison process will unpoison the empty zero page > >> and decrease the reference count successfully for the fist time, however, > >> subsequent unpoison empty zero page will return directly since page has already > >> been unpoisoned and without decrease the page reference count of empty zero page. > >> This patch fix it by decrease page reference count for empty zero page which has > >> already been unpoisoned and page count > 1. > > > >I guess that fixing on the madvise side looks reasonable to me, because this > >refcount mismatch happens only when we poison with madvise(). The root cause > >is that we can get refcount multiple times on a page, even if memory_failure() > >or soft_offline_page() can do its work only once. > > > > I think this just happen in read-only before poison case against empty > zero page. > > Hi Andrew, > > I see you have already merged the patch, which method you prefer? > Addressing it within the madvise code does sound more appropriate. The change which mm-hwpoison-fix-memory-failure-still-holding-reference-count-after-unpoisoning-empty-zero-page.patch makes is pretty darn strange-looking at at least needs a comment telling people what it's doing, and why. -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>