From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id F17E1C77B7F for ; Wed, 3 May 2023 15:57:07 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 7002D6B0072; Wed, 3 May 2023 11:57:07 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 689F26B0075; Wed, 3 May 2023 11:57:07 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 551736B0078; Wed, 3 May 2023 11:57:07 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29]) by kanga.kvack.org (Postfix) with ESMTP id 2CD5D6B0072 for ; Wed, 3 May 2023 11:57:07 -0400 (EDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id B7ABB20516; Wed, 3 May 2023 15:57:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1683129426; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=b5qLOBoOgZMOLtrRy7NkkeKNcsJlIk5ADh/xeQl9ea0=; b=JPvf/96owqKct4k1M23vwQ/J4TBbrVpVgqRd52atixHWxbTrSDPsR+lNbiEOJZt53oqfZW wZmZ8Oc2rKdduYYH0zpZDR5L9TBnuzfJMlhN4K9yCVpqJ5cJS50E9JJtUOvPJJUbX3sIiD gE8OFzgWNU/ud/QM1kjVTjAmrRtBFH0= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1683129426; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=b5qLOBoOgZMOLtrRy7NkkeKNcsJlIk5ADh/xeQl9ea0=; b=0tWzV85a4/6lyxK9FvB0R567kFPvxVdYQ7iI9FQg16bbVRckUHr5V7bvq3b3eDf9xJrvGi 2pV/wh8QNwoDttCw== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id AA38113584; Wed, 3 May 2023 15:57:06 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id hqKGKVKEUmSzdQAAMHmgww (envelope-from ); Wed, 03 May 2023 15:57:06 +0000 Received: by quack3.suse.cz (Postfix, from userid 1000) id 334A9A0744; Wed, 3 May 2023 17:57:06 +0200 (CEST) Date: Wed, 3 May 2023 17:57:06 +0200 From: Jan Kara To: Christoph Hellwig Cc: akpm@linux-foundation.org, jack@suse.cz, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, dhowells@redhat.com, marc.dionne@auristor.com, linux-afs@lists.infradead.org, syzbot+48011b86c8ea329af1b9@syzkaller.appspotmail.com Subject: Re: [PATCH 1/2] filemap: fix the conditional folio_put in filemap_fault Message-ID: <20230503155706.3j3y3nlfh6aglhhm@quack3> References: <20230503154526.1223095-1-hch@lst.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20230503154526.1223095-1-hch@lst.de> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Wed 03-05-23 17:45:25, Christoph Hellwig wrote: > folio can't be NULL here now that __filemap_get_folio returns an > ERR_PTR. Remove the conditional folio_put after the out_retry > label and add a new label for the cases where we have a valid folio. > > Fixes: 66dabbb65d67 ("mm: return an ERR_PTR from __filemap_get_folio") > Reported-by: syzbot+48011b86c8ea329af1b9@syzkaller.appspotmail.com > Signed-off-by: Christoph Hellwig Looks good to me. Feel free to add: Reviewed-by: Jan Kara Honza > --- > mm/filemap.c | 10 +++++----- > 1 file changed, 5 insertions(+), 5 deletions(-) > > diff --git a/mm/filemap.c b/mm/filemap.c > index a34abfe8c65430..ae597f63a9bc54 100644 > --- a/mm/filemap.c > +++ b/mm/filemap.c > @@ -3298,7 +3298,7 @@ vm_fault_t filemap_fault(struct vm_fault *vmf) > } > > if (!lock_folio_maybe_drop_mmap(vmf, folio, &fpin)) > - goto out_retry; > + goto out_retry_put_folio; > > /* Did it get truncated? */ > if (unlikely(folio->mapping != mapping)) { > @@ -3334,7 +3334,7 @@ vm_fault_t filemap_fault(struct vm_fault *vmf) > */ > if (fpin) { > folio_unlock(folio); > - goto out_retry; > + goto out_retry_put_folio; > } > if (mapping_locked) > filemap_invalidate_unlock_shared(mapping); > @@ -3363,7 +3363,7 @@ vm_fault_t filemap_fault(struct vm_fault *vmf) > fpin = maybe_unlock_mmap_for_io(vmf, fpin); > error = filemap_read_folio(file, mapping->a_ops->read_folio, folio); > if (fpin) > - goto out_retry; > + goto out_retry_put_folio; > folio_put(folio); > > if (!error || error == AOP_TRUNCATED_PAGE) > @@ -3372,14 +3372,14 @@ vm_fault_t filemap_fault(struct vm_fault *vmf) > > return VM_FAULT_SIGBUS; > > +out_retry_put_folio: > + folio_put(folio); > out_retry: > /* > * We dropped the mmap_lock, we need to return to the fault handler to > * re-find the vma and come back and find our hopefully still populated > * page. > */ > - if (folio) > - folio_put(folio); > if (mapping_locked) > filemap_invalidate_unlock_shared(mapping); > if (fpin) > -- > 2.39.2 > -- Jan Kara SUSE Labs, CR