mm/huge_memory.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-)
Recent changes exposed a BUG in remove_migration_pmd() where the
migration entry was being overridden when the folio is device private.
Use scope local entry for creating the device private pmde. Make the
pmde writable if the migration entry is writable by moving the check
is_migration_write() prior to creating the device private entry.
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: David Hildenbrand <david@redhat.com>
Cc: Zi Yan <ziy@nvidia.com>
Cc: Joshua Hahn <joshua.hahnjy@gmail.com>
Cc: Rakie Kim <rakie.kim@sk.com>
Cc: Byungchul Park <byungchul@sk.com>
Cc: Gregory Price <gourry@gourry.net>
Cc: Ying Huang <ying.huang@linux.alibaba.com>
Cc: Alistair Popple <apopple@nvidia.com>
Cc: Oscar Salvador <osalvador@suse.de>
Cc: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
Cc: Baolin Wang <baolin.wang@linux.alibaba.com>
Cc: "Liam R. Howlett" <Liam.Howlett@oracle.com>
Cc: Nico Pache <npache@redhat.com>
Cc: Ryan Roberts <ryan.roberts@arm.com>
Cc: Dev Jain <dev.jain@arm.com>
Cc: Barry Song <baohua@kernel.org>
Cc: Lyude Paul <lyude@redhat.com>
Cc: Danilo Krummrich <dakr@kernel.org>
Cc: David Airlie <airlied@gmail.com>
Cc: Simona Vetter <simona@ffwll.ch>
Cc: Ralph Campbell <rcampbell@nvidia.com>
Cc: Mika Penttilä <mpenttil@redhat.com>
Cc: Matthew Brost <matthew.brost@intel.com>
Cc: Francois Dugast <francois.dugast@intel.com>
Signed-off-by: Balbir Singh <balbirs@nvidia.com>
Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
---
mm/huge_memory.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/mm/huge_memory.c b/mm/huge_memory.c
index 9dda8c48daca..df93768a6e15 100644
--- a/mm/huge_memory.c
+++ b/mm/huge_memory.c
@@ -4698,7 +4698,12 @@ void remove_migration_pmd(struct page_vma_mapped_walk *pvmw, struct page *new)
folio_get(folio);
pmde = folio_mk_pmd(folio, READ_ONCE(vma->vm_page_prot));
+ if (is_writable_migration_entry(entry))
+ pmde = pmd_mkwrite(pmde, vma);
+
if (folio_is_device_private(folio)) {
+ swp_entry_t entry;
+
if (pmd_write(pmde))
entry = make_writable_device_private_entry(
page_to_pfn(new));
@@ -4710,8 +4715,6 @@ void remove_migration_pmd(struct page_vma_mapped_walk *pvmw, struct page *new)
if (pmd_swp_soft_dirty(*pvmw->pmd))
pmde = pmd_mksoft_dirty(pmde);
- if (is_writable_migration_entry(entry))
- pmde = pmd_mkwrite(pmde, vma);
if (pmd_swp_uffd_wp(*pvmw->pmd))
pmde = pmd_mkuffd_wp(pmde);
if (!is_migration_entry_young(entry))
--
2.51.1
On 14.11.25 02:21, Balbir Singh wrote:
> Recent changes exposed a BUG in remove_migration_pmd() where the
> migration entry was being overridden when the folio is device private.
>
> Use scope local entry for creating the device private pmde. Make the
> pmde writable if the migration entry is writable by moving the check
> is_migration_write() prior to creating the device private entry.
>
> Cc: Andrew Morton <akpm@linux-foundation.org>
> Cc: David Hildenbrand <david@redhat.com>
> Cc: Zi Yan <ziy@nvidia.com>
> Cc: Joshua Hahn <joshua.hahnjy@gmail.com>
> Cc: Rakie Kim <rakie.kim@sk.com>
> Cc: Byungchul Park <byungchul@sk.com>
> Cc: Gregory Price <gourry@gourry.net>
> Cc: Ying Huang <ying.huang@linux.alibaba.com>
> Cc: Alistair Popple <apopple@nvidia.com>
> Cc: Oscar Salvador <osalvador@suse.de>
> Cc: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
> Cc: Baolin Wang <baolin.wang@linux.alibaba.com>
> Cc: "Liam R. Howlett" <Liam.Howlett@oracle.com>
> Cc: Nico Pache <npache@redhat.com>
> Cc: Ryan Roberts <ryan.roberts@arm.com>
> Cc: Dev Jain <dev.jain@arm.com>
> Cc: Barry Song <baohua@kernel.org>
> Cc: Lyude Paul <lyude@redhat.com>
> Cc: Danilo Krummrich <dakr@kernel.org>
> Cc: David Airlie <airlied@gmail.com>
> Cc: Simona Vetter <simona@ffwll.ch>
> Cc: Ralph Campbell <rcampbell@nvidia.com>
> Cc: Mika Penttilä <mpenttil@redhat.com>
> Cc: Matthew Brost <matthew.brost@intel.com>
> Cc: Francois Dugast <francois.dugast@intel.com>
>
> Signed-off-by: Balbir Singh <balbirs@nvidia.com>
> Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
> ---
> mm/huge_memory.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/mm/huge_memory.c b/mm/huge_memory.c
> index 9dda8c48daca..df93768a6e15 100644
> --- a/mm/huge_memory.c
> +++ b/mm/huge_memory.c
> @@ -4698,7 +4698,12 @@ void remove_migration_pmd(struct page_vma_mapped_walk *pvmw, struct page *new)
> folio_get(folio);
> pmde = folio_mk_pmd(folio, READ_ONCE(vma->vm_page_prot));
>
> + if (is_writable_migration_entry(entry))
> + pmde = pmd_mkwrite(pmde, vma);
> +
> if (folio_is_device_private(folio)) {
> + swp_entry_t entry;
> +
> if (pmd_write(pmde))
> entry = make_writable_device_private_entry(
> page_to_pfn(new));
> @@ -4710,8 +4715,6 @@ void remove_migration_pmd(struct page_vma_mapped_walk *pvmw, struct page *new)
>
> if (pmd_swp_soft_dirty(*pvmw->pmd))
> pmde = pmd_mksoft_dirty(pmde);
> - if (is_writable_migration_entry(entry))
> - pmde = pmd_mkwrite(pmde, vma);
> if (pmd_swp_uffd_wp(*pvmw->pmd))
> pmde = pmd_mkuffd_wp(pmde);
> if (!is_migration_entry_young(entry))
There are more problems here: you cannot call pmd_mksoft_dirty() etc on
something that is not a present pmd! We have pmd_swp_mksoft_dirty() and
friends for that.
So you'll have to completely split both paths.
--
Cheers
David
On 11/14/25 20:23, David Hildenbrand (Red Hat) wrote:
> On 14.11.25 02:21, Balbir Singh wrote:
>> Recent changes exposed a BUG in remove_migration_pmd() where the
>> migration entry was being overridden when the folio is device private.
>>
>> Use scope local entry for creating the device private pmde. Make the
>> pmde writable if the migration entry is writable by moving the check
>> is_migration_write() prior to creating the device private entry.
>>
>> Cc: Andrew Morton <akpm@linux-foundation.org>
>> Cc: David Hildenbrand <david@redhat.com>
>> Cc: Zi Yan <ziy@nvidia.com>
>> Cc: Joshua Hahn <joshua.hahnjy@gmail.com>
>> Cc: Rakie Kim <rakie.kim@sk.com>
>> Cc: Byungchul Park <byungchul@sk.com>
>> Cc: Gregory Price <gourry@gourry.net>
>> Cc: Ying Huang <ying.huang@linux.alibaba.com>
>> Cc: Alistair Popple <apopple@nvidia.com>
>> Cc: Oscar Salvador <osalvador@suse.de>
>> Cc: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
>> Cc: Baolin Wang <baolin.wang@linux.alibaba.com>
>> Cc: "Liam R. Howlett" <Liam.Howlett@oracle.com>
>> Cc: Nico Pache <npache@redhat.com>
>> Cc: Ryan Roberts <ryan.roberts@arm.com>
>> Cc: Dev Jain <dev.jain@arm.com>
>> Cc: Barry Song <baohua@kernel.org>
>> Cc: Lyude Paul <lyude@redhat.com>
>> Cc: Danilo Krummrich <dakr@kernel.org>
>> Cc: David Airlie <airlied@gmail.com>
>> Cc: Simona Vetter <simona@ffwll.ch>
>> Cc: Ralph Campbell <rcampbell@nvidia.com>
>> Cc: Mika Penttilä <mpenttil@redhat.com>
>> Cc: Matthew Brost <matthew.brost@intel.com>
>> Cc: Francois Dugast <francois.dugast@intel.com>
>>
>> Signed-off-by: Balbir Singh <balbirs@nvidia.com>
>> Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
>> ---
>> mm/huge_memory.c | 7 +++++--
>> 1 file changed, 5 insertions(+), 2 deletions(-)
>>
>> diff --git a/mm/huge_memory.c b/mm/huge_memory.c
>> index 9dda8c48daca..df93768a6e15 100644
>> --- a/mm/huge_memory.c
>> +++ b/mm/huge_memory.c
>> @@ -4698,7 +4698,12 @@ void remove_migration_pmd(struct page_vma_mapped_walk *pvmw, struct page *new)
>> folio_get(folio);
>> pmde = folio_mk_pmd(folio, READ_ONCE(vma->vm_page_prot));
>> + if (is_writable_migration_entry(entry))
>> + pmde = pmd_mkwrite(pmde, vma);
>> +
>> if (folio_is_device_private(folio)) {
>> + swp_entry_t entry;
>> +
>> if (pmd_write(pmde))
>> entry = make_writable_device_private_entry(
>> page_to_pfn(new));
>> @@ -4710,8 +4715,6 @@ void remove_migration_pmd(struct page_vma_mapped_walk *pvmw, struct page *new)
>> if (pmd_swp_soft_dirty(*pvmw->pmd))
>> pmde = pmd_mksoft_dirty(pmde);
>> - if (is_writable_migration_entry(entry))
>> - pmde = pmd_mkwrite(pmde, vma);
>> if (pmd_swp_uffd_wp(*pvmw->pmd))
>> pmde = pmd_mkuffd_wp(pmde);
>> if (!is_migration_entry_young(entry))
>
> There are more problems here: you cannot call pmd_mksoft_dirty() etc on something that is not a present pmd! We have pmd_swp_mksoft_dirty() and friends for that.
>
> So you'll have to completely split both paths.
>
I'll follow the pattern of remove_migration_pte(), where all the device private handling
and that of pte_swp_soft_dirty and pte_swp_mkuffd_wp is done at the every end after
migration processing.
Thanks for the review! That might also take up any softleaf fix-up's required, I'll check
Balbir
Balbir
On 11/14/25 12:21, Balbir Singh wrote: > Recent changes exposed a BUG in remove_migration_pmd() where the > migration entry was being overridden when the folio is device private. > > Use scope local entry for creating the device private pmde. Make the > pmde writable if the migration entry is writable by moving the check > is_migration_write() prior to creating the device private entry. > > Cc: Andrew Morton <akpm@linux-foundation.org> > Cc: David Hildenbrand <david@redhat.com> > Cc: Zi Yan <ziy@nvidia.com> > Cc: Joshua Hahn <joshua.hahnjy@gmail.com> > Cc: Rakie Kim <rakie.kim@sk.com> > Cc: Byungchul Park <byungchul@sk.com> > Cc: Gregory Price <gourry@gourry.net> > Cc: Ying Huang <ying.huang@linux.alibaba.com> > Cc: Alistair Popple <apopple@nvidia.com> > Cc: Oscar Salvador <osalvador@suse.de> > Cc: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> > Cc: Baolin Wang <baolin.wang@linux.alibaba.com> > Cc: "Liam R. Howlett" <Liam.Howlett@oracle.com> > Cc: Nico Pache <npache@redhat.com> > Cc: Ryan Roberts <ryan.roberts@arm.com> > Cc: Dev Jain <dev.jain@arm.com> > Cc: Barry Song <baohua@kernel.org> > Cc: Lyude Paul <lyude@redhat.com> > Cc: Danilo Krummrich <dakr@kernel.org> > Cc: David Airlie <airlied@gmail.com> > Cc: Simona Vetter <simona@ffwll.ch> > Cc: Ralph Campbell <rcampbell@nvidia.com> > Cc: Mika Penttilä <mpenttil@redhat.com> > Cc: Matthew Brost <matthew.brost@intel.com> > Cc: Francois Dugast <francois.dugast@intel.com> > > Signed-off-by: Balbir Singh <balbirs@nvidia.com> > Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> > --- > mm/huge_memory.c | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > Hi, Andrew This patch fixes a bug in mm/rmap: extend rmap and migration support device-private entries in the thp device-private series. Thanks, Balbir
On 14.11.25 02:24, Balbir Singh wrote: > On 11/14/25 12:21, Balbir Singh wrote: >> Recent changes exposed a BUG in remove_migration_pmd() where the >> migration entry was being overridden when the folio is device private. >> >> Use scope local entry for creating the device private pmde. Make the >> pmde writable if the migration entry is writable by moving the check >> is_migration_write() prior to creating the device private entry. >> >> Cc: Andrew Morton <akpm@linux-foundation.org> >> Cc: David Hildenbrand <david@redhat.com> >> Cc: Zi Yan <ziy@nvidia.com> >> Cc: Joshua Hahn <joshua.hahnjy@gmail.com> >> Cc: Rakie Kim <rakie.kim@sk.com> >> Cc: Byungchul Park <byungchul@sk.com> >> Cc: Gregory Price <gourry@gourry.net> >> Cc: Ying Huang <ying.huang@linux.alibaba.com> >> Cc: Alistair Popple <apopple@nvidia.com> >> Cc: Oscar Salvador <osalvador@suse.de> >> Cc: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> >> Cc: Baolin Wang <baolin.wang@linux.alibaba.com> >> Cc: "Liam R. Howlett" <Liam.Howlett@oracle.com> >> Cc: Nico Pache <npache@redhat.com> >> Cc: Ryan Roberts <ryan.roberts@arm.com> >> Cc: Dev Jain <dev.jain@arm.com> >> Cc: Barry Song <baohua@kernel.org> >> Cc: Lyude Paul <lyude@redhat.com> >> Cc: Danilo Krummrich <dakr@kernel.org> >> Cc: David Airlie <airlied@gmail.com> >> Cc: Simona Vetter <simona@ffwll.ch> >> Cc: Ralph Campbell <rcampbell@nvidia.com> >> Cc: Mika Penttilä <mpenttil@redhat.com> >> Cc: Matthew Brost <matthew.brost@intel.com> >> Cc: Francois Dugast <francois.dugast@intel.com> >> >> Signed-off-by: Balbir Singh <balbirs@nvidia.com> >> Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> >> --- >> mm/huge_memory.c | 7 +++++-- >> 1 file changed, 5 insertions(+), 2 deletions(-) >> > > Hi, Andrew > > This patch fixes a bug in mm/rmap: extend rmap and migration support device-private entries > in the thp device-private series. When you resend, best to add under the "--" something like "This fixup should be squashed into the patch "$NAMEOFCOMMIT" in mm/mm-unstable" It is also helpful to call the patch then "fixup: $NAMEOFCOMMIT" So it's immediately clear that this is something to be squashed. -- Cheers David
© 2016 - 2025 Red Hat, Inc.