From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from out-173.mta1.migadu.com (out-173.mta1.migadu.com [95.215.58.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 91D613E024B for ; Wed, 25 Mar 2026 14:25:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=95.215.58.173 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774448711; cv=none; b=X7yoZ/DkYcG2KWDe2xykFxNdQLLM/51KbHLvXpvxcTT1PDW40A2SFrMzk/dyMs0L1OtRCQYHj1S56tKPD+IsxJoHS6Tsww/DiebY3yY7s00zcTRcxGMlye8uwebwoCKOY5W2vDh5UocGWZzrpQAW7UYFyYejCUtSMnTiRtzPf4w= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774448711; c=relaxed/simple; bh=5RXJlVTlB7vuWFnOo+/1geyusXsovMNy0bmMRBZllSo=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=snuM4JKvBb4sgVse4OfRw69KHz/qIk4Jtx5gdCaNqQ6+QgQdhdqh/jJs2xYy9wJSR2GBtnjrkIrEePVka0b4PdPXc/XjgfBb5NZKrM2z7N5GUFikQ8Dp1O7QIpgnIV5UjdZai6ERSrzMpgxWuiUbP0yGQMq3VeXbspEfj3rsRjA= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev; spf=pass smtp.mailfrom=linux.dev; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b=mGFjNcJD; arc=none smtp.client-ip=95.215.58.173 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.dev Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b="mGFjNcJD" Message-ID: <19e8a328-d4c2-4809-a42d-e46d2a994d5d@linux.dev> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1774448704; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=jpB4rzY1tUTs7SaigWeg5qoTE99gD+o6MD5fMH/+Tv0=; b=mGFjNcJD0uYEJwAeKxfMsFPSiUNxxi73p+sEDOn20KVqO8vXUnQx4ZpFKc2WX5PvgW3fIx O2qQisaWFU8hHm8gUyQ+KvGCiSSqa/rJ5JCAJCJDvW10Uq8YXROxffBt4A/wS2CCWyTDeY 7+fKmj/9uM2HhhV4pZbaF6vK8AHq1mQ= Date: Wed, 25 Mar 2026 22:24:37 +0800 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Subject: Re: [PATCH v2 0/4] fix unexpected type conversions and potential overflows To: hannes@cmpxchg.org, hughd@google.com, mhocko@suse.com, roman.gushchin@linux.dev, shakeel.butt@linux.dev, muchun.song@linux.dev, david@kernel.org, ljs@kernel.org, ziy@nvidia.com, harry.yoo@oracle.com, yosry.ahmed@linux.dev, imran.f.khan@oracle.com, kamalesh.babulal@oracle.com, axelrasmussen@google.com, yuanchu@google.com, weixugc@google.com, chenridong@huaweicloud.com, mkoutny@suse.com, akpm@linux-foundation.org, hamzamahfooz@linux.microsoft.com, apais@linux.microsoft.com, lance.yang@linux.dev, bhe@redhat.com, usamaarif642@gmail.com, Qi Zheng Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org References: X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Qi Zheng In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Migadu-Flow: FLOW_OUT Forgot to include the changelog: Changes in v2: - modified all commit messages. (suggested-by Lorenzo Stoakes) - added a fix patch to resolve the unexpected massive positive number (pointed-by Harry Yoo and sashiko) - fix the print type mismatch in [PATCH 3/3] - collect Reviewed-by On 3/25/26 10:13 PM, Qi Zheng wrote: > From: Qi Zheng > > Hi all, > > As Harry Yoo pointed out [1], in scenarios where massive state updates occur > (e.g., during the reparenting of LRU folios), the values passed to memcg stat > update functions can accumulate and exceed the upper limit of a 32-bit integer. > > If the parameter types are not large enough (like 'int') or are handled > incorrectly, it can lead to severe truncation, potential overflow issues, > and unexpected type conversion bugs. > > This series aims to address these issues by correcting the parameter types > in the relevant functions, and fixing an implicit conversion bug in > memcg_state_val_in_pages(). > > This series is based on the next-20260323. > > Comments and suggestions are welcome! > > Thanks, > Qi > > [1]. https://lore.kernel.org/all/acDxaEgnqPI-Z4be@hyeyoo/ > > Qi Zheng (4): > mm: memcontrol: correct the type of stats_updates to unsigned long > mm: memcontrol: change val type to long in > __mod_memcg_{lruvec_}state() > mm: memcontrol: correct the nr_pages parameter type of > mem_cgroup_update_lru_size() > mm: memcontrol: fix unexpected massive positive number in > memcg_state_val_in_pages() > > include/linux/memcontrol.h | 2 +- > include/trace/events/memcg.h | 10 +++++----- > mm/memcontrol.c | 37 +++++++++++++++++++----------------- > 3 files changed, 26 insertions(+), 23 deletions(-) >