    mm/hmm: fix bad subpage pointer in try_to_unmap_one · 1de13ee5
    Ralph Campbell authored
    When migrating an anonymous private page to a ZONE_DEVICE private page,
    the source page->mapping and page->index fields are copied to the
    destination ZONE_DEVICE struct page and the page_mapcount() is
    increased.  This is so rmap_walk() can be used to unmap and migrate the
    page back to system memory.
    However, try_to_unmap_one() computes the subpage pointer from a swap pte
    which computes an invalid page pointer and a kernel panic results such
      BUG: unable to handle page fault for address: ffffea1fffffffc8
    Currently, only single pages can be migrated to device private memory so
    no subpage computation is needed and it can be set to "page".
    [rcampbell@nvidia.com: add comment]
      Link: http://lkml.kernel.org/r/20190724232700.23327-4-rcampbell@nvidia.com
    Link: http://lkml.kernel.org/r/20190719192955.30462-4-rcampbell@nvidia.com
    Fixes: a5430dda ("mm/migrate: support un-addressable ZONE_DEVICE page in migration")
    Signed-off-by: default avatarRalph Campbell <rcampbell@nvidia.com>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
