From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-13.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CE42EC64E8A for ; Mon, 30 Nov 2020 13:37:32 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 091892087C for ; Mon, 30 Nov 2020 13:37:29 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=bytedance-com.20150623.gappssmtp.com header.i=@bytedance-com.20150623.gappssmtp.com header.b="QaLy8DKI" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 091892087C Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=bytedance.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 463438D0006; Mon, 30 Nov 2020 08:37:29 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 411F38D0001; Mon, 30 Nov 2020 08:37:29 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 301768D0006; Mon, 30 Nov 2020 08:37:29 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0072.hostedemail.com [216.40.44.72]) by kanga.kvack.org (Postfix) with ESMTP id 1768A8D0001 for ; Mon, 30 Nov 2020 08:37:29 -0500 (EST) Received: from smtpin19.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay03.hostedemail.com (Postfix) with ESMTP id D05688249980 for ; Mon, 30 Nov 2020 13:37:28 +0000 (UTC) X-FDA: 77541186576.19.wheel48_2708354273a2 Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin19.hostedemail.com (Postfix) with ESMTP id 9D2731AD1B1 for ; Mon, 30 Nov 2020 13:37:28 +0000 (UTC) X-HE-Tag: wheel48_2708354273a2 X-Filterd-Recvd-Size: 5737 Received: from mail-pl1-f195.google.com (mail-pl1-f195.google.com [209.85.214.195]) by imf18.hostedemail.com (Postfix) with ESMTP for ; Mon, 30 Nov 2020 13:37:27 +0000 (UTC) Received: by mail-pl1-f195.google.com with SMTP id b23so6479088pls.11 for ; Mon, 30 Nov 2020 05:37:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bytedance-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=qu207Z75WzQUJJHqszmaKTu1R6TkuOOJQys6M2fXiGI=; b=QaLy8DKIRP24xFqCy3J7NDtZmBosZopR/eM0EPzGmgqiL6BrMap3ZWoMFxnbvPI0oZ lyuue7gFrhq+HJbhK+PaVpJYcMjX2xjGdvwJWE4VUnhv5e1QuFp2A+HXu1/0Ozln17fv v/nJ4urZRQDsaUDZytPGxOHVAPc1e+ESjRYfHi3z6zqNV8PVd6xAHJBZCx+3cnr6FY36 8KNV5aFXjivavZVXkj7wsBpCUODW3Leg/5JHMk4wAjW5tOImUTntas1ZIvt0ZCLwuuZQ nWNutIM7vPeebfCo1CR4sUMIqP/EWMkQiYGNf8poGVXt/oFZGPiWIt410Td2tIZGJgr3 TPew== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=qu207Z75WzQUJJHqszmaKTu1R6TkuOOJQys6M2fXiGI=; b=T8+u5acpfFZcd5LpGxRyx/POriXHSFei8Bm0ZZfkbxKSyCtupK8d3oD24BK0XRFjAQ Hs3JtcZLHcyFUxjmKBR6pitUd9nxlPTcodCFoNqQmPfq5R2jRCi36Q5GX+KQI3VXDr8P kvYMwztuR8cPIzG2Kiykj1Tx3JcgtBngIrM5fTt7lOf9p9EtzRZHaPlYzgZdb+0FJk3o +Ilspo7UG0cO+BrLPquTTQBHZZL/ZTX1KyVi1VQ/t2dv29AfvgFqk8S7xdf7KzqM5lxM KRF72cqjXXCYwwt3XKUR1lz9bka3BgQtSFfj1m6gRNv3sT87zgsTsCQPNj+DWH4bFY1h YPTA== X-Gm-Message-State: AOAM530F8eb/5u3A+oKrP0/VGbVBiCpoBOzXOTN+FHI5IUjc0Z6hGhOm YyUsFiYGLx+GRCMAp2GqHYYGbtFHRmsxiOQxuB+xyg== X-Google-Smtp-Source: ABdhPJwVDB7YDEhOfM/bzPd9hd6ZDyyAWYZcOmV/hmtcR7dwZqYlZZQQ3yhdDZ/6Cn/n3EceqEJ1cqodHjf5k3zDGEs= X-Received: by 2002:a17:90a:c588:: with SMTP id l8mr10957073pjt.147.1606743446276; Mon, 30 Nov 2020 05:37:26 -0800 (PST) MIME-Version: 1.0 References: <20201130131512.6043-1-songmuchun@bytedance.com> <20201130132345.GJ17338@dhcp22.suse.cz> In-Reply-To: <20201130132345.GJ17338@dhcp22.suse.cz> From: Muchun Song Date: Mon, 30 Nov 2020 21:36:49 +0800 Message-ID: Subject: Re: [External] Re: [PATCH] mm/memcg: fix NULL pointer dereference at workingset_eviction To: Michal Hocko Cc: Andrew Morton , Johannes Weiner , Shakeel Butt , Roman Gushchin , Stephen Rothwell , alex.shi@linux.alibaba.com, alexander.h.duyck@linux.intel.com, Yafang Shao , richard.weiyang@gmail.com, LKML , Linux Memory Management List Content-Type: text/plain; charset="UTF-8" X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Mon, Nov 30, 2020 at 9:23 PM Michal Hocko wrote: > > On Mon 30-11-20 21:15:12, Muchun Song wrote: > > We found a case of kernel panic. The stack trace is as follows > > (omit some irrelevant information): > > > > BUG: kernel NULL pointer dereference, address: 00000000000000c8 > > RIP: 0010:workingset_eviction+0x26b/0x450 > > Call Trace: > > __remove_mapping+0x224/0x2b0 > > shrink_page_list+0x8c2/0x14e0 > > shrink_inactive_list+0x1bf/0x3f0 > > ? do_raw_spin_unlock+0x49/0xc0 > > ? _raw_spin_unlock+0xa/0x20 > > shrink_lruvec+0x401/0x640 > > > > This was caused by commit 76761ffa9ea1 ("mm/memcg: bail out early when > > !memcg in mem_cgroup_lruvec"). When the parameter of memcg is NULL, we > > should not use the &pgdat->__lruvec. So this just reverts commit > > 76761ffa9ea1 to fix it. > > > > Fixes: 76761ffa9ea1 ("mm/memcg: bail out early when !memcg in mem_cgroup_lruvec") > > I do not see any commits like that in the current Linus tree. Is this a > commit id from the linux-next? If yes, can we just fold it into the > respective patch in mmotm tree please? Yes. This commit is on the linux-next tree. Of course can. > > > Signed-off-by: Muchun Song > > --- > > include/linux/memcontrol.h | 15 +++++++++------ > > 1 file changed, 9 insertions(+), 6 deletions(-) > > > > diff --git a/include/linux/memcontrol.h b/include/linux/memcontrol.h > > index f9a496c4eac7..a1416205507c 100644 > > --- a/include/linux/memcontrol.h > > +++ b/include/linux/memcontrol.h > > @@ -610,17 +610,20 @@ mem_cgroup_nodeinfo(struct mem_cgroup *memcg, int nid) > > static inline struct lruvec *mem_cgroup_lruvec(struct mem_cgroup *memcg, > > struct pglist_data *pgdat) > > { > > + struct mem_cgroup_per_node *mz; > > struct lruvec *lruvec; > > > > - if (mem_cgroup_disabled() || !memcg) { > > + if (mem_cgroup_disabled()) { > > lruvec = &pgdat->__lruvec; > > - } else { > > - struct mem_cgroup_per_node *mz; > > - > > - mz = mem_cgroup_nodeinfo(memcg, pgdat->node_id); > > - lruvec = &mz->lruvec; > > + goto out; > > } > > > > + if (!memcg) > > + memcg = root_mem_cgroup; > > + > > + mz = mem_cgroup_nodeinfo(memcg, pgdat->node_id); > > + lruvec = &mz->lruvec; > > +out: > > /* > > * Since a node can be onlined after the mem_cgroup was created, > > * we have to be prepared to initialize lruvec->pgdat here; > > -- > > 2.11.0 > > > > -- > Michal Hocko > SUSE Labs -- Yours, Muchun