From: Yang Shi
Date: Wed, 1 Feb 2023 09:21:27 -0800
Subject: Re: [PATCH] mm: memcg: fix NULL pointer in mem_cgroup_track_foreign_dirty()
To: Michal Hocko
Cc: Kefeng Wang, Andrew Morton, Tejun Heo, Jens Axboe, Jan Kara, Shakeel Butt, Naoya Horiguchi, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Ma Wupeng

On Wed, Feb 1, 2023 at 12:07 AM Michal Hocko wrote:
>
> On Mon 30-01-23 11:30:47, Yang Shi wrote:
> > On Mon, Jan 30, 2023 at 4:20 AM Kefeng Wang wrote:
> > >
> > >
> > >
> > > On 2023/1/30 16:48, Michal Hocko wrote:
> > > > On Mon 30-01-23 09:16:13, Kefeng Wang wrote:
> > > >>
> > > >>
> > > >> On 2023/1/30 5:48, Andrew Morton wrote:
> > > >>> On Sun, 29 Jan 2023 10:44:51 +0800 Kefeng Wang wrote:
> > > >>>
> > > >>>> As commit 18365225f044 ("hwpoison, memcg: forcibly uncharge LRU pages"),
> > > >>>
> > > >>> Merged in 2017.
> > > >>>
> > > >>>> hwpoison will forcibly uncharge a LRU hwpoisoned page, the folio_memcg
> > > >>>> could be NULL, then, mem_cgroup_track_foreign_dirty_slowpath() could
> > > >>>> occurs a NULL pointer dereference, let's do not record the foreign
> > > >>>> writebacks for folio memcg is null in mem_cgroup_track_foreign() to
> > > >>>> fix it.
> > > >>>>
> > > >>>> Reported-by: Ma Wupeng
> > > >>>> Fixes: 97b27821b485 ("writeback, memcg: Implement foreign dirty flushing")
> > > >>>
> > > >>> Merged in 2019.
> > > >>>
> > > ...
> > > >
> > > > Just to make sure I understand. The page has been hwpoisoned, uncharged
> > > > but stayed in the page cache so a next page fault on the address has blown
> > > > up?
> > > >
> > > > Say we address the NULL memcg case. What is the resulting behavior?
> > > > Doesn't userspace access a poisoned page and get a silent memory
> > > > corruption?
> > >
> > > + Yang Shi
> > >
> > > Check previous link[1], seems that it is a known issue, and there is a
> > > TODO list for storage backed filesystems from Yang.
> >
> > For tmpfs and hugetlbfs, the page cache still stays in page cache, the
> > later page fault will handle the case gracefully. Other real storage
> > backed filesystem will have page cache truncated.
> >
> > The page cache will be uncharged before truncate. If the truncate
> > fails, we may end up in this case.
>
> This would be a good addendum to the changelog. What would be a typical
> failure in the truncation path?

For memory failure path, there may be a couple of cases, for example,
page is not for a regular file (maybe directory), fail to release
buffers, etc.

>
> > >
> > > [1]
> > > https://lore.kernel.org/all/20211020210755.23964-6-shy828301@gmail.com/T/#m1d40559ca2dcf94396df5369214288f69dec379b
>
> --
> Michal Hocko
> SUSE Labs
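
The sequence discussed in this thread, as an added example (a userspace C model, not kernel code and not part of the original message): the folio is uncharged before truncation, truncation fails, and a later dirtying reaches the foreign-writeback tracker with a NULL memcg. All model_* names and the struct layouts are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>

/* Simplified stand-ins for the kernel types; every name here is hypothetical. */
struct model_memcg { int id; };
struct model_wb    { struct model_memcg *memcg; int foreign_records; };
struct model_folio {
    struct model_memcg *memcg;   /* NULL once the folio has been uncharged */
    bool in_page_cache;
    bool truncate_blocked;       /* e.g. the buffers cannot be released */
};

/* Memory-failure handling as described in the thread: uncharge, then truncate. */
static bool model_memory_failure(struct model_folio *f)
{
    f->memcg = NULL;
    if (f->truncate_blocked)
        return false;            /* folio stays in the page cache, uncharged */
    f->in_page_cache = false;
    return true;
}

/* Slow path: dereferences the folio's memcg, so it must never be given NULL. */
static void model_track_slowpath(struct model_folio *f, struct model_wb *wb)
{
    wb->foreign_records += (f->memcg->id != wb->memcg->id);
}

/* Guarded caller: skips uncharged folios and folios owned by the wb's memcg. */
static bool model_track_foreign_dirty(struct model_folio *f, struct model_wb *wb)
{
    if (f->memcg == NULL || f->memcg == wb->memcg)
        return false;
    model_track_slowpath(f, wb);
    return true;
}

/* Dirty a foreign folio, poison it, dirty it again if it is still cached. */
static int model_poison_then_dirty(bool truncate_blocked)
{
    struct model_memcg a = { 1 }, b = { 2 };
    struct model_wb wb = { &b, 0 };
    struct model_folio f = { &a, true, truncate_blocked };
    model_track_foreign_dirty(&f, &wb);      /* charged to a: recorded */
    model_memory_failure(&f);
    if (f.in_page_cache)                     /* only when truncation failed */
        model_track_foreign_dirty(&f, &wb);  /* memcg is NULL: skipped */
    return wb.foreign_records;               /* total foreign writebacks */
}
int main(void) { return model_poison_then_dirty(true) == 1 ? 0 : 1; }
```

Removing the NULL test from model_track_foreign_dirty() makes the second call in the truncate_blocked case dereference a NULL pointer in model_track_slowpath(), which is the crash the patch under discussion addresses.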