On Thu, Nov 18, 2021 at 01:54:27PM -0800, akpm@xxxxxxxxxxxxxxxxxxxx wrote: > +++ a/mm/migrate.c > @@ -305,15 +305,7 @@ void __migration_entry_wait(struct mm_st > page = pfn_swap_entry_to_page(entry); > page = compound_head(page); > > - /* > - * Once page cache replacement of page migration started, page_count > - * is zero; but we must not call put_and_wait_on_page_locked() without > - * a ref. Use get_page_unless_zero(), and just fault again if it fails. > - */ > - if (!get_page_unless_zero(page)) > - goto out; > - pte_unmap_unlock(ptep, ptl); > - put_and_wait_on_page_locked(page, TASK_UNINTERRUPTIBLE); > + migration_entry_wait_on_locked(page_folio(page), ptep, ptl); This is clearly bogus. The 'page = compound_head(page)' line should be deleted. But I think we should go further and turn this into: migration_entry_wait_on_locked(entry, ptep, ptl); Neither caller has anything useful to do with the page any more.
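Review bot: The comment removed from __migration_entry_wait() was the only place stating that page_count is zero once page cache replacement has started and that put_and_wait_on_page_locked() must not be called without a reference. With get_page_unless_zero() gone from this hunk, nothing visible explains how migration_entry_wait_on_locked() stays safe without taking one. Carry that reasoning over to the new helper's definition. It should also say that the helper now owns dropping the PTE lock, since pte_unmap_unlock(ptep, ptl) is removed here and ptep and ptl are passed in. The retained context line "page = compound_head(page);" is redundant now that the call passes page_folio(page), which already resolves to the head page, so it can be dropped in the same change.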