Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

mm/memfd_luo: remove folio from page cache when accounting fails

In memfd_luo_retrieve_folios(), when shmem_inode_acct_blocks() fails
after successfully adding the folio to the page cache, the code jumps
to unlock_folio without removing the folio from the page cache.

While the folio eventually will be freed when the file is released by
memfd_luo_retrieve(), it is a good idea to directly remove a folio that
was not fully added to the file. This avoids the possibility of
accounting mismatches in shmem or filemap core.

Fix by adding a remove_from_cache label that calls
filemap_remove_folio() before unlocking, matching the error handling
pattern in shmem_alloc_and_add_folio().

This issue was identified by AI review:
https://sashiko.dev/#/patchset/20260323110747.193569-1-duanchenghao@kylinos.cn

[pratyush@kernel.org: changelog alterations]
Link: https://lore.kernel.org/2vxzzf3lfujq.fsf@kernel.org
Link: https://lore.kernel.org/20260326084727.118437-7-duanchenghao@kylinos.cn
Signed-off-by: Chenghao Duan <duanchenghao@kylinos.cn>
Reviewed-by: Pasha Tatashin <pasha.tatashin@soleen.com>
Reviewed-by: Pratyush Yadav <pratyush@kernel.org>
Cc: Haoran Jiang <jianghaoran@kylinos.cn>
Cc: Mike Rapoport (Microsoft) <rppt@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

Authored by Chenghao Duan and committed by Andrew Morton
dc44f32f 3538f90a

+3 -1
mm/memfd_luo.c
··· 461 461 if (err) { 462 462 pr_err("shmem: failed to account folio index %ld(%ld pages): %d\n", 463 463 i, npages, err); 464 - goto unlock_folio; 464 + goto remove_from_cache; 465 465 } 466 466 467 467 nr_added_pages += npages; ··· 474 474 475 475 return 0; 476 476 477 + remove_from_cache: 478 + filemap_remove_folio(folio); 477 479 unlock_folio: 478 480 folio_unlock(folio); 479 481 folio_put(folio);
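Review bot: the new remove_from_cache label depends on falling through into unlock_folio, so filemap_remove_folio(folio) runs while the folio is still locked and is followed by the existing folio_unlock()/folio_put() pair. That ordering is right, but nothing at the label says so. A one-line comment there, stating that the label is only for a folio already inserted into the page cache and that it must stay directly above unlock_folio, would keep a later error path from jumping to it before the insert or from adding cleanup between the two labels. In the visible lines only the accounting-failure branch is switched to the new label; any other goto unlock_folio that can be reached after the folio has been added to the page cache is worth checking for the same change.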