Commit 641ec5f8 authored by Naoya Horiguchi's avatar Naoya Horiguchi Committed by Kamal Mostafa

mm/memory-failure: call shake_page() when error hits thp tail page

commit 09789e5d upstream.

Currently memory_failure() calls shake_page() to sweep pages out from
pcplists only when the victim page is 4kB LRU page or thp head page.
But we should do this for a thp tail page too.

Consider that a memory error hits a thp tail page whose head page is on
a pcplist when memory_failure() runs.  Then, the current kernel skips
shake_pages() part, so hwpoison_user_mappings() returns without calling
split_huge_page() nor try_to_unmap() because PageLRU of the thp head is
still cleared due to the skip of shake_page().

As a result, me_huge_page() runs for the thp, which is broken behavior.

One effect is a leak of the thp.  And another is to fail to isolate the
memory error, so later access to the error address causes another MCE,
which kills the processes which used the thp.

This patch fixes this problem by calling shake_page() for thp tail case.

Fixes: 385de357 ("thp: allow a hwpoisoned head page to be put back to LRU")
Signed-off-by: default avatarNaoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Reviewed-by: default avatarAndi Kleen <ak@linux.intel.com>
Acked-by: default avatarDean Nelson <dnelson@redhat.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
Cc: Jin Dongming <jin.dongming@np.css.fujitsu.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: default avatarKamal Mostafa <kamal@canonical.com>
parent 227421c0
...@@ -1149,10 +1149,10 @@ int memory_failure(unsigned long pfn, int trapno, int flags) ...@@ -1149,10 +1149,10 @@ int memory_failure(unsigned long pfn, int trapno, int flags)
* The check (unnecessarily) ignores LRU pages being isolated and * The check (unnecessarily) ignores LRU pages being isolated and
* walked by the page reclaim code, however that's not a big loss. * walked by the page reclaim code, however that's not a big loss.
*/ */
if (!PageHuge(p) && !PageTransTail(p)) { if (!PageHuge(p)) {
if (!PageLRU(p)) if (!PageLRU(hpage))
shake_page(p, 0); shake_page(hpage, 0);
if (!PageLRU(p)) { if (!PageLRU(hpage)) {
/* /*
* shake_page could have turned it free. * shake_page could have turned it free.
*/ */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment