Re: [PATCH v2] mm/gup.c: Fix return value for __gup_longterm_locked()

Shigeru Yoshida <syoshida@xxxxxxxxxx> · Tue, 23 Aug 2022 18:05:36 +0900 (JST)

On Tue, 23 Aug 2022 11:15:29 +1000, Alistair Popple wrote:
> 
> Shigeru Yoshida <syoshida@xxxxxxxxxx> writes:
> 
>> __get_user_pages_locked() may return the number of pages less than
>> nr_pages.  So __gup_longterm_locked() have to return the number of
>> pages __get_user_pages_locked() returns if it succeeded, not nr_pages
>> requested.
> 
> Thanks for fixing this, I've been out the last few days so just catching
> up. I think I missed that 'rc' was passed as nr_pages into
> check_and_migrate_movable_pages(). Will double check that I don't make
> the same mistake in my latest series.

Thank you so much for your review.  Andrew has already applied the patch.

>> Fixes: 61c63c2076d9 (mm/gup.c: simplify and fix check_and_migrate_movable_pages() return codes)
> 
> I couldn't find that SHA1, I'm guessing due to rebasing, etc. of
> mm-unstable? Not sure how that is dealt with, but feel free to also add:

Yes, actually this hash is from from linux-next tree.

Thanks,
Shigeru

> Reviewed-by: Alistair Popple <apopple@xxxxxxxxxx>
> 
>> CC: Alistair Popple <apopple@xxxxxxxxxx>
>> Reported-by: syzbot+616ff0452fec30f4dcfd@xxxxxxxxxxxxxxxxxxxxxxxxx
>> Reviewed-by: John Hubbard <jhubbard@xxxxxxxxxx>
>> Signed-off-by: Shigeru Yoshida <syoshida@xxxxxxxxxx>
>> ---
>>  mm/gup.c | 14 ++++++++------
>>  1 file changed, 8 insertions(+), 6 deletions(-)
>>
>> diff --git a/mm/gup.c b/mm/gup.c
>> index 5aa7531a703b..66582203220a 100644
>> --- a/mm/gup.c
>> +++ b/mm/gup.c
>> @@ -2068,22 +2068,24 @@ static long __gup_longterm_locked(struct mm_struct *mm,
>>  				  unsigned int gup_flags)
>>  {
>>  	unsigned int flags;
>> -	long rc;
>> +	long rc, nr_pinned_pages;
>>
>>  	if (!(gup_flags & FOLL_LONGTERM))
>>  		return __get_user_pages_locked(mm, start, nr_pages, pages, vmas,
>>  					       NULL, gup_flags);
>>  	flags = memalloc_pin_save();
>>  	do {
>> -		rc = __get_user_pages_locked(mm, start, nr_pages, pages, vmas,
>> -					     NULL, gup_flags);
>> -		if (rc <= 0)
>> +		nr_pinned_pages =
>> +			__get_user_pages_locked(mm, start, nr_pages, pages,
>> +						vmas, NULL, gup_flags);
>> +		if (nr_pinned_pages <= 0)
>>  			break;
>> -		rc = check_and_migrate_movable_pages(rc, pages, gup_flags);
>> +		rc = check_and_migrate_movable_pages(nr_pinned_pages, pages,
>> +						     gup_flags);
>>  	} while (rc == -EAGAIN);
>>  	memalloc_pin_restore(flags);
>>
>> -	return rc ? rc : nr_pages;
>> +	return rc ? rc : nr_pinned_pages;
>>  }
>>
>>  static bool is_valid_gup_flags(unsigned int gup_flags)
> 