From nobody Wed Jan 22 10:09:48 2025
Received: from SHSQR01.spreadtrum.com (mx1.unisoc.com [222.66.158.135])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 751A533E4
	for <linux-kernel@vger.kernel.org>; Wed, 22 Jan 2025 01:29:15 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=222.66.158.135
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1737509360; cv=none;
 b=g2CcuGNsiNrsdHutHh5izsgJTun0KX836jA6ZFJm34TnASEkg5rxSaj3cMJ+IjMFyKAcuJwZveP5K1keA2vESi9wsW0YMpml+0hfvih+Q6zzC1gS89ZNFx2J4a3DkCxb0G8Rj8SowoIhw3mzHMMIvkHH5s3r41UwBy9rQRpczAI=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1737509360; c=relaxed/simple;
	bh=hrNJmgUkUPDxWSlSNrdiruNLBB5tXHjJGPuC+RSi/u0=;
	h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type;
 b=BMpJCvftmhrJGtBZ1XUuJTQUORsWa3pnpdd+yj6qDnQYrs9XhilE/TTb4V2ZQweZUjS+6aEq2SWxPopdcE8W8qOHUPjsDUKWXy4v46C+R9pmcElW5C2nZqAPjTrzKuo0Tp7BT84dUcn+cUwd1dPzMtvwTKjUm83bqqDigL6pCbY=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=none (p=none dis=none) header.from=unisoc.com;
 spf=pass smtp.mailfrom=unisoc.com; arc=none smtp.client-ip=222.66.158.135
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=none (p=none dis=none) header.from=unisoc.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=unisoc.com
Received: from dlp.unisoc.com ([10.29.3.86])
	by SHSQR01.spreadtrum.com with ESMTP id 50M1QGxK046972;
	Wed, 22 Jan 2025 09:26:16 +0800 (+08)
	(envelope-from zhaoyang.huang@unisoc.com)
Received: from SHDLP.spreadtrum.com (bjmbx01.spreadtrum.com [10.0.64.7])
	by dlp.unisoc.com (SkyGuard) with ESMTPS id 4Yd5t2458bz2P2yJ5;
	Wed, 22 Jan 2025 09:22:50 +0800 (CST)
Received: from bj03382pcu01.spreadtrum.com (10.0.73.40) by
 BJMBX01.spreadtrum.com (10.0.64.7) with Microsoft SMTP Server (TLS) id
 15.0.1497.23; Wed, 22 Jan 2025 09:26:12 +0800
From: "zhaoyang.huang" <zhaoyang.huang@unisoc.com>
To: Andrew Morton <akpm@linux-foundation.org>,
        Alistair Popple
	<apopple@nvidia.com>,
        John Hubbard <jhubbard@nvidia.com>, <linux-mm@kvack.org>,
        <linux-kernel@vger.kernel.org>,
        Zhaoyang Huang
	<huangzhaoyang@gmail.com>, <steve.kang@unisoc.com>,
        <aijun.sun@unisoc.com>
Subject: [PATCH v3] mm: gup: fix infinite loop within __get_longterm_locked
Date: Wed, 22 Jan 2025 09:26:04 +0800
Message-ID: <20250122012604.3654667-1-zhaoyang.huang@unisoc.com>
X-Mailer: git-send-email 2.25.1
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-ClientProxiedBy: SHCAS03.spreadtrum.com (10.0.1.207) To
 BJMBX01.spreadtrum.com (10.0.64.7)
X-MAIL: SHSQR01.spreadtrum.com 50M1QGxK046972
Content-Type: text/plain; charset="utf-8"

From: Zhaoyang Huang <zhaoyang.huang@unisoc.com>

We can run into an infinite loop in __get_longterm_locked() when
collect_longterm_unpinnable_folios() finds only folios that are isolated
from the LRU or were never added to the LRU. This can happen when all
folios to be pinned are never added to the LRU, for example when
vm_ops->fault allocated pages using cma_alloc() and never added them to
the LRU.

Fix it by simply taking a look at the list in the single caller, to see
if anything was added.

Fixes: 67e139b02d99 ("mm/gup.c: refactor check_and_migrate_movable_pages()")

Reviewed-by: John Hubbard <jhubbard@nvidia.com>
Suggested-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Zhaoyang Huang <zhaoyang.huang@unisoc.com>
---
v2: judge if there are unpinnable pages via list_empty and update commit
message
v3: update commit message
---
---
 mm/gup.c | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

diff --git a/mm/gup.c b/mm/gup.c
index 3b75e631f369..569a4d82012d 100644
--- a/mm/gup.c
+++ b/mm/gup.c
@@ -2323,13 +2323,13 @@ static void pofs_unpin(struct pages_or_folios *pofs)
 /*
  * Returns the number of collected folios. Return value is always >=3D 0.
  */
-static unsigned long collect_longterm_unpinnable_folios(
+static void collect_longterm_unpinnable_folios(
 		struct list_head *movable_folio_list,
 		struct pages_or_folios *pofs)
 {
-	unsigned long i, collected =3D 0;
 	struct folio *prev_folio =3D NULL;
 	bool drain_allow =3D true;
+	unsigned long i;
=20
 	for (i =3D 0; i < pofs->nr_entries; i++) {
 		struct folio *folio =3D pofs_get_folio(pofs, i);
@@ -2341,8 +2341,6 @@ static unsigned long collect_longterm_unpinnable_foli=
os(
 		if (folio_is_longterm_pinnable(folio))
 			continue;
=20
-		collected++;
-
 		if (folio_is_device_coherent(folio))
 			continue;
=20
@@ -2364,8 +2362,6 @@ static unsigned long collect_longterm_unpinnable_foli=
os(
 				    NR_ISOLATED_ANON + folio_is_file_lru(folio),
 				    folio_nr_pages(folio));
 	}
-
-	return collected;
 }
=20
 /*
@@ -2442,11 +2438,9 @@ static long
 check_and_migrate_movable_pages_or_folios(struct pages_or_folios *pofs)
 {
 	LIST_HEAD(movable_folio_list);
-	unsigned long collected;
=20
-	collected =3D collect_longterm_unpinnable_folios(&movable_folio_list,
-						       pofs);
-	if (!collected)
+	collect_longterm_unpinnable_folios(&movable_folio_list, pofs);
+	if (list_empty(&movable_folio_list))
 		return 0;
=20
 	return migrate_longterm_unpinnable_folios(&movable_folio_list, pofs);
--=20
2.25.1