Date: Sat, 15 Feb 2025 08:24:07 +0000
From: "Yosry Ahmed"
Message-ID: <8bda689f466f7426df696ec52648592f262091bb@linux.dev>
Subject: Re: [PATCH v2] mm: Fix possible NULL pointer dereference in __swap_duplicate
To: "gaoxu", "Andrew Morton", linux-mm@kvack.org
Cc: linux-kernel@vger.kernel.org, "Suren Baghdasaryan", "Barry Song" <21cnbao@gmail.com>, "yipengxiang"

February 14, 2025 at 10:52 PM, "gaoxu" wrote:

> Add a NULL check on the return value of swp_swap_info in __swap_duplicate
> to prevent crashes caused by NULL pointer dereference.
>
> The reason why swp_swap_info() returns NULL is unclear; it may be due to
> CPU cache issues or DDR bit flips.
> The probability of this issue is very small, and the stack info we
> encountered is as follows:
>
> Unable to handle kernel NULL pointer dereference at virtual address 0000000000000058
> [RB/E]rb_sreason_str_set: sreason_str set null_pointer
> Mem abort info:
>   ESR = 0x0000000096000005
>   EC = 0x25: DABT (current EL), IL = 32 bits
>   SET = 0, FnV = 0
>   EA = 0, S1PTW = 0
>   FSC = 0x05: level 1 translation fault
> Data abort info:
>   ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
>   CM = 0, WnR = 0, TnD = 0, TagAccess = 0
>   GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
> user pgtable: 4k pages, 39-bit VAs, pgdp=00000008a80e5000
> [0000000000000058] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000
> Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP
> Skip md ftrace buffer dump for: 0x1609e0
> ...
> pc : swap_duplicate+0x44/0x164
> lr : copy_page_range+0x508/0x1e78
> sp : ffffffc0f2a699e0
> x29: ffffffc0f2a699e0 x28: ffffff8a5b28d388 x27: ffffff8b06603388
> x26: ffffffdf7291fe70 x25: 0000000000000006 x24: 0000000000100073
> x23: 00000000002d2d2f x22: 0000000000000008 x21: 0000000000000000
> x20: 00000000002d2d2f x19: 18000000002d2d2f x18: ffffffdf726faec0
> x17: 0000000000000000 x16: 0010000000000001 x15: 0040000000000001
> x14: 0400000000000001 x13: ff7ffffffffffb7f x12: ffeffffffffffbff
> x11: ffffff8a5c7e1898 x10: 0000000000000018 x9 : 0000000000000006
> x8 : 1800000000000000 x7 : 0000000000000000 x6 : ffffff8057c01f10
> x5 : 000000000000a318 x4 : 0000000000000000 x3 : 0000000000000000
> x2 : 0000006daf200000 x1 : 0000000000000001 x0 : 18000000002d2d2f
> Call trace:
>   swap_duplicate+0x44/0x164
>   copy_page_range+0x508/0x1e78
>   copy_process+0x1278/0x21cc
>   kernel_clone+0x90/0x438
>   __arm64_sys_clone+0x5c/0x8c
>   invoke_syscall+0x58/0x110
>   do_el0_svc+0x8c/0xe0
>   el0_svc+0x38/0x9c
>   el0t_64_sync_handler+0x44/0xec
>   el0t_64_sync+0x1a8/0x1ac
> Code: 9139c35a 71006f3f 54000568 f8797b55 (f9402ea8)
> ---[ end trace 0000000000000000 ]---
> Kernel panic - not syncing: Oops: Fatal exception
> SMP: stopping secondary CPUs
>
> The patch seems to only provide a workaround, but there are no more
> effective software solutions to handle the bit flips problem. This path
> will change the issue from a system crash to a process exception, thereby
> reducing the impact on the entire machine.
>
> Signed-off-by: gaoxu
> Reviewed-by: Yosry Ahmed

I did not review this patch, I only made a suggestion. Please only add Review tags when explicitly given.
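
The NULL check described in the quoted commit message, modelled in user space as an added example (not the patch under discussion and not kernel code): a swap entry whose type field names a device that was never registered is rejected with an error instead of being dereferenced. Assumptions: x0 from the quoted oops is read as the swap entry value, the type field sits above bit 58 as on a 64-bit kernel, the -EINVAL return code is illustrative, and the names swap_dev, lookup_dev and duplicate_entry are hypothetical.

```c
/* Added example: user-space model, not kernel code. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_MAX_SWAPFILES 32u  /* upper bound; ignores reserved types */
#define MODEL_TYPE_SHIFT    58   /* assumed type shift on a 64-bit kernel */
#define OOPS_X0 UINT64_C(0x18000000002d2d2f) /* x0 from the quoted oops */

struct swap_dev { uint64_t max; unsigned char *map; };
static struct swap_dev *swap_info[MODEL_MAX_SWAPFILES]; /* NULL = no device */

static unsigned entry_type(uint64_t v) { return (unsigned)(v >> MODEL_TYPE_SHIFT); }
static uint64_t entry_offset(uint64_t v)
{
    return v & ((UINT64_C(1) << MODEL_TYPE_SHIFT) - 1);
}

/* Stand-in for swp_swap_info(): NULL for unknown or unregistered types. */
static struct swap_dev *lookup_dev(uint64_t v)
{
    unsigned t = entry_type(v);
    return t < MODEL_MAX_SWAPFILES ? swap_info[t] : NULL;
}

/* Duplicate path with the NULL check: a bad entry fails this caller only. */
static int duplicate_entry(uint64_t v)
{
    struct swap_dev *si = lookup_dev(v);
    uint64_t off = entry_offset(v);

    if (!si)
        return -EINVAL;          /* assumed error code */
    if (off >= si->max || si->map[off] == 0)
        return -ENOENT;          /* out of range or free slot */
    si->map[off]++;
    return 0;
}

int main(void)
{
    static unsigned char map[16] = { [3] = 1 };  /* constructed sample map */
    static struct swap_dev dev0 = { 16, map };
    swap_info[0] = &dev0;                        /* only type 0 is registered */

    int bad = duplicate_entry(OOPS_X0);
    int ok = duplicate_entry(3);                 /* type 0, offset 3 */
    printf("oops entry: type=%u offset=0x%llx -> %d\n", entry_type(OOPS_X0),
           (unsigned long long)entry_offset(OOPS_X0), bad);
    printf("valid entry -> %d, count=%u\n", ok, (unsigned)map[3]);
    return 0;
}
```

Under these assumptions the entry decodes to type 6 and offset 0x2d2d2f, the same values that appear in x25 and x23 of the register dump.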