Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp1355135imw;
        Sat, 9 Jul 2022 02:45:55 -0700 (PDT)
X-Google-Smtp-Source: AGRyM1uRRrammnUml0EuETqZQ80yEGC7ypOIV0CNhZ2BJCe7QTTKC1JtZXq62Zy6RUpMeyyvRtKB
X-Received: by 2002:a17:902:9348:b0:167:8e92:272f with SMTP id g8-20020a170902934800b001678e92272fmr8030064plp.77.1657359954841;
        Sat, 09 Jul 2022 02:45:54 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1657359954; cv=none;
        d=google.com; s=arc-20160816;
        b=WPlci03OmXZHFGH6lAEVaL8FibIO4GkQbayhT8oOhHKtEP9w7IbwdkK/A7nZySkJcg
         Rozzg+xZ8zCXoiWEHVgTydPoX5xQ7Daweva2UPpVEJbLJabYCDWG3tlMoOA5YrO0Th/v
         YBoJ/QeoFIiB0NiKAcJYoeDckAv6wkSmwXEfL8bGSGamX7om+2ottsmiq+px0Aq0v62H
         K7dJjrdxMgV8jgtU0yPgLTSaGtoApL444kd2DTcvHqD24NWGc7wqxbnzs5GwJ7IOFFvm
         X2+8kBeYcc//rjynrDWjMtcJZsVK43a9Fly8iosll8JmASCK4C7Bz2TwoAM8UhTzdLUc
         V1HA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from;
        bh=dsIQAqO7o34nue81j2oQ9H1A2IWEuQBDQAJvR3KDbNM=;
        b=wAA0lbthFRdkm+6cJ8vbKi/zvSLINZLaiBhvgqHvpYUpIBGTaGfBAccTvM9eRaXUpl
         3oFpennwF3bdUxNoXvLMCYuzyJUDUixYxAWgZeh0evbLCTe5yAs9Jx59QzQsZ4Nyr7mE
         CDxAOQBlJ6LPrJa+3t94EhvnaAABnIks7t171qrUibunmlzb9ogt6w0tZzTmPl+xi/Gc
         MTcyj3biBOixSn1211x/xplDSrPdDdNxDGp35+nUW8P1PYO+E7nqPEcmmYyfn3eZZuLj
         4FV1x+kUHwZ1bIg6WLAqhtFs+w1i7jA06EwBLAW5XRXmb9kzxsXwrIkTNTxa44IsTu/Z
         mDlA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id d18-20020a634f12000000b00403f98eb964si1800358pgb.202.2022.07.09.02.45.42;
        Sat, 09 Jul 2022 02:45:54 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229590AbiGIJ0l (ORCPT <rfc822;alex.slater.dev@gmail.com>
        + 99 others); Sat, 9 Jul 2022 05:26:41 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36714 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229379AbiGIJ0k (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 9 Jul 2022 05:26:40 -0400
Received: from szxga02-in.huawei.com (szxga02-in.huawei.com [45.249.212.188])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DA98568708
        for <linux-kernel@vger.kernel.org>; Sat,  9 Jul 2022 02:26:38 -0700 (PDT)
Received: from canpemm500002.china.huawei.com (unknown [172.30.72.54])
        by szxga02-in.huawei.com (SkyGuard) with ESMTP id 4Lg4SK4xJWzTgTd;
        Sat,  9 Jul 2022 17:22:57 +0800 (CST)
Received: from huawei.com (10.175.124.27) by canpemm500002.china.huawei.com
 (7.192.104.244) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Sat, 9 Jul
 2022 17:26:36 +0800
From:   Miaohe Lin <linmiaohe@huawei.com>
To:     <akpm@linux-foundation.org>, <mike.kravetz@oracle.com>,
        <songmuchun@bytedance.com>
CC:     <linux-mm@kvack.org>, <linux-kernel@vger.kernel.org>,
        <linmiaohe@huawei.com>
Subject: [PATCH] hugetlb: fix memoryleak in hugetlb_mcopy_atomic_pte
Date:   Sat, 9 Jul 2022 17:26:29 +0800
Message-ID: <20220709092629.54291-1-linmiaohe@huawei.com>
X-Mailer: git-send-email 2.23.0
MIME-Version: 1.0
Content-Transfer-Encoding: 7BIT
Content-Type:   text/plain; charset=US-ASCII
X-Originating-IP: [10.175.124.27]
X-ClientProxiedBy: dggems701-chm.china.huawei.com (10.3.19.178) To
 canpemm500002.china.huawei.com (7.192.104.244)
X-CFilter-Loop: Reflected
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

When alloc_huge_page fails, *pagep is set to NULL without put_page first.
So the hugepage indicated by *pagep is leaked.

Fixes: 8cc5fcbb5be8 ("mm, hugetlb: fix racy resv_huge_pages underflow on UFFDIO_COPY")
Signed-off-by: Miaohe Lin <linmiaohe@huawei.com>
---
 mm/hugetlb.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/mm/hugetlb.c b/mm/hugetlb.c
index 06c2d86b1ba3..598c37279fee 100644
--- a/mm/hugetlb.c
+++ b/mm/hugetlb.c
@@ -5962,6 +5962,7 @@ int hugetlb_mcopy_atomic_pte(struct mm_struct *dst_mm,
 
 		page = alloc_huge_page(dst_vma, dst_addr, 0);
 		if (IS_ERR(page)) {
+			put_page(*pagep);
 			ret = -ENOMEM;
 			*pagep = NULL;
 			goto out;
-- 
2.23.0