On 11/14/25 20:23, David Hildenbrand (Red Hat) wrote: > On 14.11.25 02:21, Balbir Singh wrote: >> Recent changes exposed a BUG in remove_migration_pmd() where the >> migration entry was being overridden when the folio is device private. >> >> Use scope local entry for creating the device private pmde. Make the >> pmde writable if the migration entry is writable by moving the check >> is_migration_write() prior to creating the device private entry. >> >> Cc: Andrew Morton <[email protected]> >> Cc: David Hildenbrand <[email protected]> >> Cc: Zi Yan <[email protected]> >> Cc: Joshua Hahn <[email protected]> >> Cc: Rakie Kim <[email protected]> >> Cc: Byungchul Park <[email protected]> >> Cc: Gregory Price <[email protected]> >> Cc: Ying Huang <[email protected]> >> Cc: Alistair Popple <[email protected]> >> Cc: Oscar Salvador <[email protected]> >> Cc: Lorenzo Stoakes <[email protected]> >> Cc: Baolin Wang <[email protected]> >> Cc: "Liam R. Howlett" <[email protected]> >> Cc: Nico Pache <[email protected]> >> Cc: Ryan Roberts <[email protected]> >> Cc: Dev Jain <[email protected]> >> Cc: Barry Song <[email protected]> >> Cc: Lyude Paul <[email protected]> >> Cc: Danilo Krummrich <[email protected]> >> Cc: David Airlie <[email protected]> >> Cc: Simona Vetter <[email protected]> >> Cc: Ralph Campbell <[email protected]> >> Cc: Mika Penttilä <[email protected]> >> Cc: Matthew Brost <[email protected]> >> Cc: Francois Dugast <[email protected]> >> >> Signed-off-by: Balbir Singh <[email protected]> >> Reviewed-by: Lorenzo Stoakes <[email protected]> >> --- >> mm/huge_memory.c | 7 +++++-- >> 1 file changed, 5 insertions(+), 2 deletions(-) >> >> diff --git a/mm/huge_memory.c b/mm/huge_memory.c >> index 9dda8c48daca..df93768a6e15 100644 >> --- a/mm/huge_memory.c >> +++ b/mm/huge_memory.c >> @@ -4698,7 +4698,12 @@ void remove_migration_pmd(struct page_vma_mapped_walk >> *pvmw, struct page *new) >> folio_get(folio); >> pmde = folio_mk_pmd(folio, READ_ONCE(vma->vm_page_prot)); >> + if (is_writable_migration_entry(entry)) >> + pmde = pmd_mkwrite(pmde, vma); >> + >> if (folio_is_device_private(folio)) { >> + swp_entry_t entry; >> + >> if (pmd_write(pmde)) >> entry = make_writable_device_private_entry( >> page_to_pfn(new)); >> @@ -4710,8 +4715,6 @@ void remove_migration_pmd(struct page_vma_mapped_walk >> *pvmw, struct page *new) >> if (pmd_swp_soft_dirty(*pvmw->pmd)) >> pmde = pmd_mksoft_dirty(pmde); >> - if (is_writable_migration_entry(entry)) >> - pmde = pmd_mkwrite(pmde, vma); >> if (pmd_swp_uffd_wp(*pvmw->pmd)) >> pmde = pmd_mkuffd_wp(pmde); >> if (!is_migration_entry_young(entry)) > > There are more problems here: you cannot call pmd_mksoft_dirty() etc on > something that is not a present pmd! We have pmd_swp_mksoft_dirty() and > friends for that. > > So you'll have to completely split both paths. >
I'll follow the pattern of remove_migration_pte(), where all the device private handling and that of pte_swp_soft_dirty and pte_swp_mkuffd_wp is done at the every end after migration processing. Thanks for the review! That might also take up any softleaf fix-up's required, I'll check Balbir Balbir
