Re: [PATCH 12/16] mm/migration: fix potential page refcounts leak in migrate_pages

From: Huang, Ying
Date: Mon Mar 07 2022 - 00:01:42 EST


Miaohe Lin <linmiaohe@xxxxxxxxxx> writes:

> In -ENOMEM case, there might be some subpages of fail-to-migrate THPs
> left in thp_split_pages list. We should move them back to migration
> list so that they could be put back to the right list by the caller
> otherwise the page refcnt will be leaked here. Also adjust nr_failed
> and nr_thp_failed accordingly to make vm events account more accurate.
>
> Fixes: b5bade978e9b ("mm: migrate: fix the return value of migrate_pages()")
> Signed-off-by: Miaohe Lin <linmiaohe@xxxxxxxxxx>
> ---
> mm/migrate.c | 9 +++++++++
> 1 file changed, 9 insertions(+)
>
> diff --git a/mm/migrate.c b/mm/migrate.c
> index e0db06927f02..6c2dfed2ddb8 100644
> --- a/mm/migrate.c
> +++ b/mm/migrate.c
> @@ -1422,6 +1422,15 @@ int migrate_pages(struct list_head *from, new_page_t get_new_page,
> }
>
> nr_failed_pages += nr_subpages;
> + /*
> + * There might be some subpages of fail-to-migrate THPs
> + * left in thp_split_pages list. Move them back to migration
> + * list so that they could be put back to the right list by
> + * the caller otherwise the page refcnt will be leaked.
> + */
> + list_splice_init(&thp_split_pages, from);
> + nr_failed += retry;

It appears that we don't need to change nr_failed, because we don't use
it for this situation. Otherwise looks good to me.

Reviewed-by: "Huang, Ying" <ying.huang@xxxxxxxxx>

Best Regards,
Huang, Ying

> + nr_thp_failed += thp_retry;
> goto out;
> case -EAGAIN:
> if (is_thp)