Commit 97d255c8 authored by Minchan Kim's avatar Minchan Kim Committed by Linus Torvalds

mm: do not use page_count() without a page pin

d179e84b ("mm: vmscan: do not use page_count without a page pin") fixed
this problem in vmscan.c but same problem is in __count_immobile_pages().

I copy and paste d179e84b's contents for description.

"It is unsafe to run page_count during the physical pfn scan because
compound_head could trip on a dangling pointer when reading
page->first_page if the compound page is being freed by another CPU."
Signed-off-by: default avatarMinchan Kim <minchan@kernel.org>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Mel Gorman <mgorman@suse.de>
Cc: Michal Hocko <mhocko@suse.cz>
Reviewed-by: default avatarKAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: Wanpeng Li <liwp.linux@gmail.com>
Cc: Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent de34d965
...@@ -5500,11 +5500,18 @@ __count_immobile_pages(struct zone *zone, struct page *page, int count) ...@@ -5500,11 +5500,18 @@ __count_immobile_pages(struct zone *zone, struct page *page, int count)
continue; continue;
page = pfn_to_page(check); page = pfn_to_page(check);
if (!page_count(page)) { /*
* We can't use page_count without pin a page
* because another CPU can free compound page.
* This check already skips compound tails of THP
* because their page->_count is zero at all time.
*/
if (!atomic_read(&page->_count)) {
if (PageBuddy(page)) if (PageBuddy(page))
iter += (1 << page_order(page)) - 1; iter += (1 << page_order(page)) - 1;
continue; continue;
} }
if (!PageLRU(page)) if (!PageLRU(page))
found++; found++;
/* /*
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment