Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp25764054rwd; Mon, 3 Jul 2023 00:13:55 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7bHh2jlJyWCTvX46C8WhdQw67JMp6lVfQ7nCEkOh/lwW3vPOV51YiUp2ZHmHHLD6yMUo1B X-Received: by 2002:a05:6a21:7899:b0:125:1ca4:a013 with SMTP id bf25-20020a056a21789900b001251ca4a013mr10331282pzc.25.1688368435192; Mon, 03 Jul 2023 00:13:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1688368435; cv=none; d=google.com; s=arc-20160816; b=iRtrHZPODC+KsaswodMw/2VbBQ8tPWdP8SwYukETN4mJVMLf0SDT/eIkrtkVURPwfi KQ2+UlPUuoxEwAQ9YZNTkY37Cm0RiKnYCNK+NZYmfhuGToo9fI/PF8mF70Be7DmQfg2c NoOaANn+PPUSFcGlejisJny3EWMneXBdlsa5U0W0135Qh0tcUn6fTEJuJbBWesOlUq5z XVQtzxEAgNzWV+E7uhW9tF5I+5//KMC05/wrRiYsP0+0xJw3cgA9R8h2zK++K1QyX5mc pbVehW9xx/sPC1F+EoEqMNJWbQo/B2f+8po+jRC/z6zgoKOJ1vXkiKnScif26ae1ikJO jryg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:dkim-signature:date; bh=qgtl3KNejjhGEFo01vKVSysKHUjXjywDSUtFXciTS1E=; fh=dOqGLk4SDb5qQr8Q3BczncTdFF+f9EHUkf+2WbyZJF8=; b=ZHoNyEP33XVpQ27d4xT8e8WgvgN6HRycemulTJZg3D+igwmqPim8RW+TW/DHNscpvW nZNWXIW9+ss/f5O6lsgqEF8uUzvUiRb468ImHg5Se2mOXxXzTKI9F5vwZ4ZMD5YtoyFZ wO9A058/GqWxTsH8uFWlGBej0YlUFO6X384Rfwx8wXYv0C1bkGU8Dzd8Gp30OELuG/8l BK+N5WgRmD/8aEmwI1TFDVZEAdkqngDLcj+TWVl5oONscwh5WnfzfanTiaVS/JmHo+/E NQofxt2nOwNXn4R92bSvaddyx+pmoVcmLj75lBc1TF6nEmHIzxUr48nFwL/+rAlOpgSm keUQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b="n/Jxl3fb"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k13-20020a170902ce0d00b001b025aba9f2si18792454plg.22.2023.07.03.00.13.42; Mon, 03 Jul 2023 00:13:55 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b="n/Jxl3fb"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230112AbjGCGh1 (ORCPT + 99 others); Mon, 3 Jul 2023 02:37:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44276 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229482AbjGCGh0 (ORCPT ); Mon, 3 Jul 2023 02:37:26 -0400 Received: from out-2.mta0.migadu.com (out-2.mta0.migadu.com [IPv6:2001:41d0:1004:224b::2]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F2C9DBA for ; Sun, 2 Jul 2023 23:37:24 -0700 (PDT) Date: Mon, 3 Jul 2023 15:37:13 +0900 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1688366240; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=qgtl3KNejjhGEFo01vKVSysKHUjXjywDSUtFXciTS1E=; b=n/Jxl3fbSyGprRr6uYBzHo7yc4dLFYDR4dt+n80peUyflF+Xzu8sLTlg8sU2GQebeUGJnM ClNEb5IjHUFQe4DEO2UOm5mp84wX4ZV2Sd/afQdnzXxVygoHwj3lqPOC0LGCYwJp0YOrMM a3sECEZhChEr1HkaNUBlrLdOEwhSMzk= X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Naoya Horiguchi To: Miaohe Lin Cc: akpm@linux-foundation.org, naoya.horiguchi@nec.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] mm: memory-failure: fix potential page refcnt leak in memory_failure() Message-ID: <20230703063713.GA3012709@ik1-406-35019.vs.sakura.ne.jp> References: <20230701072837.1994253-1-linmiaohe@huawei.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20230701072837.1994253-1-linmiaohe@huawei.com> X-Migadu-Flow: FLOW_OUT X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Jul 01, 2023 at 03:28:37PM +0800, Miaohe Lin wrote: > put_ref_page() is not called to drop extra refcnt when comes from madvise > in the case pfn is valid but pgmap is NULL leading to page refcnt leak. Is this test scenario realistic one? I don't think that we can call madvise() for such a device memory page. If this is the case, this issue can be thought as potentioal one (so no need to send to stable). > > Fixes: 1e8aaedb182d ("mm,memory_failure: always pin the page in madvise_inject_error") > Signed-off-by: Miaohe Lin Anyway, the patch looks good to me. Thanks you. Acked-by: Naoya Horiguchi > --- > mm/memory-failure.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/mm/memory-failure.c b/mm/memory-failure.c > index e245191e6b04..65e2d4c5b50d 100644 > --- a/mm/memory-failure.c > +++ b/mm/memory-failure.c > @@ -2080,8 +2080,6 @@ static int memory_failure_dev_pagemap(unsigned long pfn, int flags, > { > int rc = -ENXIO; > > - put_ref_page(pfn, flags); > - > /* device metadata space is not recoverable */ > if (!pgmap_pfn_valid(pgmap, pfn)) > goto out; > @@ -2157,6 +2155,7 @@ int memory_failure(unsigned long pfn, int flags) > > if (pfn_valid(pfn)) { > pgmap = get_dev_pagemap(pfn, NULL); > + put_ref_page(pfn, flags); > if (pgmap) { > res = memory_failure_dev_pagemap(pfn, flags, > pgmap); > -- > 2.33.0 > > >