On Thu, Aug 18, 2022 at 09:00:11PM +0800, Miaohe Lin wrote:
> When hwpoison_filter() refuses to hwpoison a hugetlb page, the refcnt of
> the page would have been incremented if res == 1. Using put_page() to fix
> the refcnt leaking in this case.
>
> Fixes: 405ce051236c ("mm/hwpoison: fix race between hugetlb free/demotion and memory_failure_hugetlb()")
> Signed-off-by: Miaohe Lin <linmiaohe@xxxxxxxxxx>
Looks good to me, thank you.
Acked-by: Naoya Horiguchi <naoya.horiguchi@xxxxxxx>
> ---
> mm/memory-failure.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/mm/memory-failure.c b/mm/memory-failure.c
> index e48f6f6a259d..22840cd5fe59 100644
> --- a/mm/memory-failure.c
> +++ b/mm/memory-failure.c
> @@ -1860,8 +1860,10 @@ static int try_memory_failure_hugetlb(unsigned long pfn, int flags, int *hugetlb
>
> if (hwpoison_filter(p)) {
> hugetlb_clear_page_hwpoison(head);
> - res = -EOPNOTSUPP;
> - goto out;
> + unlock_page(head);
> + if (res == 1)
> + put_page(head);
> + return -EOPNOTSUPP;
> }
>
> /*
> --
> 2.23.0
