Subject: Re: [PATCH] hugetlb: fix hugetlb cgroup refcounting during mremap
To: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, Bui Quang Minh <minhquangbui99@xxxxxxxxx>
Cc: Miaohe Lin <linmiaohe@xxxxxxxxxx>, Michal Hocko <mhocko@xxxxxxxx>, Muchun Song <songmuchun@xxxxxxxxxxxxx>, Mina Almasry <almasrymina@xxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, linux-mm@xxxxxxxxx

On 11/15/21 1:16 PM, Andrew Morton wrote:
> On Sat, 13 Nov 2021 22:44:10 +0700 Bui Quang Minh <minhquangbui99@xxxxxxxxx> wrote:
>
>> When hugetlb_vm_op_open() is called during copy_vma(), we may take the
>> reference to resv_map->css. Later, when clearing the reservation pointer
>> of old_vma after transferring it to new_vma, we forget to drop the
>> reference to resv_map->css. This leads to a reference leak of css.
>>
>> Fixes this by adding a check to drop reservation css reference in
>> clear_vma_resv_huge_pages()

Good catch! Sorry I missed this in my review.

Reviewed-by: Mike Kravetz <mike.kravetz@xxxxxxxxxx>

> Thanks. I added cc:stable to this (550a7d60bd5e35a was merged a year
> ago) and I've queued it for 5.16-rc2, pending suitable reviewer feedback.

I may be confused, but 550a7d60bd5e35a was just merged in 5.16-rc1 so no
need for cc:stable.

--
Mike Kravetz