Re: [PATCH v2] mm/migrate_device: fix pgtable leak in migrate_vma_insert_huge_pmd_page

Next message: Bartosz Golaszewski: "Re: [PATCH] gpio: ep93xx: use handle_bad_irq() as default IRQ handler"
Previous message: Florian Weimer: "Re: [REGRESSION] rseq: refactoring in v6.19 broke everyone on arm64 and tcmalloc everywhere"
In reply to: Sunny Patel: "[PATCH v2] mm/migrate_device: fix pgtable leak in migrate_vma_insert_huge_pmd_page"
Next in thread: Huang, Ying: "Re: [PATCH v2] mm/migrate_device: fix pgtable leak in migrate_vma_insert_huge_pmd_page"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: David Hildenbrand (Arm)

Date: Mon Apr 27 2026 - 03:42:02 EST

On 4/27/26 08:37, Sunny Patel wrote:
> When migrate_vma_insert_huge_pmd_page() jumps to unlock_abort due
> to a PMD check failure, the pgtable allocated earlier via
> pte_alloc_one() is never freed, causing a memory leak.
>
> Add a pte_free() call in the unlock_abort error path to release
> the pgtable before returning.Also included before goto abort in the
> folio check path.
>
> Signed-off-by: Sunny Patel <nueralspacetech@xxxxxxxxx>
> ---

Fixes: a30b48bf1b24 ("mm/migrate_device: implement THP migration of zone device
pages")
Cc: <stable@xxxxxxxxxxxxxxx>

Sashiko moans about a lot of unrelated stuff, one of them fixed by your other
fix, and one of them to be cleaned up by your other patch.

There is another thing about migrate_vma_split_folio() and temporary
split_folio() failures which I think we can ignore.

Acked-by: David Hildenbrand (Arm) <david@xxxxxxxxxx>

--
Cheers,

David