tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

mm/vmscan: fix unintended mtc->nmask mutation in alloc_demote_folio()

In alloc_demote_folio(), mtc->nmask is set to NULL for the first
allocation. If that succeeds, it returns without restoring mtc->nmask to
allowed_mask. For subsequent allocations from the migrate_pages() batch,
mtc->nmask will be NULL. If the target node then becomes full, the
fallback allocation will use nmask = NULL, allocating from any node
allowed by the task cpuset, which for kswapd is all nodes.

To address this issue, use a local copy of the mtc structure with nmask =
NULL for the first allocation attempt specifically, ensuring the original
mtc remains unmodified.

Link: https://lkml.kernel.org/r/20260303052519.109244-1-bingjiao@google.com
Fixes: 320080272892 ("mm/demotion: demote pages according to allocation fallback order")
Signed-off-by: Bing Jiao <bingjiao@google.com>
Acked-by: David Hildenbrand (Arm) <david@kernel.org>
Reviewed-by: Lorenzo Stoakes (Oracle) <ljs@kernel.org>
Cc: Axel Rasmussen <axelrasmussen@google.com>
Cc: Johannes Weiner <hannes@cmpxchg.org>
Cc: Michal Hocko <mhocko@kernel.org>
Cc: Qi Zheng <zhengqi.arch@bytedance.com>
Cc: Shakeel Butt <shakeel.butt@linux.dev>
Cc: Wei Xu <weixugc@google.com>
Cc: Yuanchu Xie <yuanchu@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

authored by

Bing Jiao and committed by
Andrew Morton d9f74cfb 90963271

+5 -9
+5 -9
mm/vmscan.c
··· 985 985 static struct folio *alloc_demote_folio(struct folio *src, 986 986 unsigned long private) 987 987 { 988 + struct migration_target_control *mtc, target_nid_mtc; 988 989 struct folio *dst; 989 - nodemask_t *allowed_mask; 990 - struct migration_target_control *mtc; 991 990 992 991 mtc = (struct migration_target_control *)private; 993 992 994 - allowed_mask = mtc->nmask; 995 993 /* 996 994 * make sure we allocate from the target node first also trying to 997 995 * demote or reclaim pages from the target node via kswapd if we are ··· 999 1001 * a demotion of cold pages from the target memtier. This can result 1000 1002 * in the kernel placing hot pages in slower(lower) memory tiers. 1001 1003 */ 1002 - mtc->nmask = NULL; 1003 - mtc->gfp_mask |= __GFP_THISNODE; 1004 - dst = alloc_migration_target(src, (unsigned long)mtc); 1004 + target_nid_mtc = *mtc; 1005 + target_nid_mtc.nmask = NULL; 1006 + target_nid_mtc.gfp_mask |= __GFP_THISNODE; 1007 + dst = alloc_migration_target(src, (unsigned long)&target_nid_mtc); 1005 1008 if (dst) 1006 1009 return dst; 1007 - 1008 - mtc->gfp_mask &= ~__GFP_THISNODE; 1009 - mtc->nmask = allowed_mask; 1010 1010 1011 1011 return alloc_migration_target(src, (unsigned long)mtc); 1012 1012 }