Received: by 10.223.185.111 with SMTP id b44csp156513wrg;
        Fri, 9 Mar 2018 02:52:26 -0800 (PST)
X-Google-Smtp-Source: AG47ELvxXF/lN1zuiTUxEqMAhOSDdtPQmmCGsvB1hAJh434ClpLan679jPhBCoHt42+Disr/OJsK
X-Received: by 10.99.111.137 with SMTP id k131mr24110039pgc.11.1520592746178;
        Fri, 09 Mar 2018 02:52:26 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1520592746; cv=none;
        d=google.com; s=arc-20160816;
        b=qPRhU+0aP+zKJH1zI35lxXwW8USZ7DRTHAG43B0IDkutX6C6QQdSkNgx6hYqP2McKi
         xPApv6/p98aCRJNXw+v3TPRkjpaNm7fPQUqXnl3kM3FKVDzD5hi7NUOQ6eLxvAN2/anB
         4NfP8ApVdFm7wgU4n+foPijw7MnzhKAkjNmEpHYCM7wDAuDkPJBFVWdomnXw8owY+n2H
         EqoRk5KIjqx2Eyzni6OMoBjiS43yTZCJtbt0Mm5tqGdXuuyzSn4uLEpEBQBopi2v+saZ
         6ObXTcIn+DtGUOFblWnWP5YMku+rfLwDNS7okJNcrATWgj8O1MmlJnJ5XaEle9LIrM09
         j4OA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject
         :message-id:date:from:references:in-reply-to:mime-version
         :dkim-signature:arc-authentication-results;
        bh=fr/EBs3BeoHChO0rXBiBCeMQxqVmv+GtLYrrfIRJAxs=;
        b=YWRLVJnbnCV6ptaLnVIK41h/vqBc42MHCVf2GCf5GSu1QfxFY1LHm3Ve5BMiBLyMdM
         Siyt1YE1wwftDl3rKbDpDRlgYHjd9cXQu6Sb0dtkHLLrOXHrT7f5KJoW/D7u3ZnlSLiR
         H9TOXqQXJrLu/Iy8XJulTJ9F47KSobMDyxtLWZFtNcptGKNqq81dvFgO1GdSUZWuz9xb
         BPs64YIuZDLkGsaJA1Wmo0Ts/N5vxf95oXdGOAF/uQ5LwXlvxJ5lzbz5xb7+qYHk+DJo
         GAcjIvUc23W9GcBq2tn9v1xyjLSOoxbHlWeQvZDaIh3VBLWWlSd35qg1ooZor+xjPc78
         7ACg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=owGGfjzw;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id g11si648019pfd.272.2018.03.09.02.52.12;
        Fri, 09 Mar 2018 02:52:26 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=owGGfjzw;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751249AbeCIKtt (ORCPT <rfc822;arandomawesomegeek@gmail.com>
        + 99 others); Fri, 9 Mar 2018 05:49:49 -0500
Received: from mail-ua0-f194.google.com ([209.85.217.194]:42740 "EHLO
        mail-ua0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751211AbeCIKtq (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 9 Mar 2018 05:49:46 -0500
Received: by mail-ua0-f194.google.com with SMTP id b23so1922621uak.9
        for <linux-kernel@vger.kernel.org>; Fri, 09 Mar 2018 02:49:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc:content-transfer-encoding;
        bh=fr/EBs3BeoHChO0rXBiBCeMQxqVmv+GtLYrrfIRJAxs=;
        b=owGGfjzwA9IYXu86KF/kpWVXaNWkLMoO+y3EoVm1pGIJqLW3yq+Dm9SH4HwlpWITB5
         uRgHXlf3qTKY9Xo6s0p7IfrBare+UHGby9S6x0o7Yb1loHmtWKPhw593eUCX0kKf8aAo
         tSvjo6odzLnVTlhDMjinRe51yXnF5p+C/tNnO58n4lZxWzIMmP3cHmOPIIwICJczWKLn
         61LmUqdQt25BXJFLeYB8zqo+YodH4kjzm80EG9c/TMDBCw6iFnseT/zsw6HP54x7JFOu
         uBbsh+g12PalO7WZi3jabTEZsP9nsOSvBmCxSUO18x1wpBpq+KxJ39ekOjKhM5x8GKs6
         nrqg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc:content-transfer-encoding;
        bh=fr/EBs3BeoHChO0rXBiBCeMQxqVmv+GtLYrrfIRJAxs=;
        b=UydiCFDWEb9I4vof//9aJs5i5+rHmm6nHjR3y+WsBAHIR41g2w+Ii1+K+CiFqi8X+k
         D/OcPb0uWBK0Cjm023HARJCW+JFLxaCK5RUL6JQbJX6X6ZL8vbw0ncL3oAI6DxooUZxK
         AFJTtymjxDMmVvCfER72lQMGEhBmPH+1P0yrVZhGv4Sop3nUy8d3yWaFplPChNUXCXFa
         PgD7wqQBg3qsZi7V4pYHK3CrZYLJH2hPLtz1lS9ovOGLHVRSWahLffjPLhaB43U12T4C
         AXKuHCoxCrKg23iJN2i+JaABazbBDJ55k3GaIRI0ygFxmW2HiUhNO1Hzg4bNgVFuiIlt
         wi0w==
X-Gm-Message-State: APf1xPCP52M96dCgzlBL7K5xORiTKIiBqyIrUL/AvJR0pjyWv8wKTJqR
        nTuvIq8k9+8Wlb5IB9bapnva3jdBDKP4GyXNCWp2kA==
X-Received: by 10.159.57.211 with SMTP id p19mr22103302uag.67.1520592584556;
 Fri, 09 Mar 2018 02:49:44 -0800 (PST)
MIME-Version: 1.0
Received: by 10.103.127.84 with HTTP; Fri, 9 Mar 2018 02:49:43 -0800 (PST)
In-Reply-To: <4ebee1c2-57f6-bcb8-0e2d-1833d1ee0bb7@huawei.com>
References: <CAG_fn=VW5tfzT6cHJd+jF=t3WO6XS3HqSF_TYnKdycX_M_48vw@mail.gmail.com>
 <4ebee1c2-57f6-bcb8-0e2d-1833d1ee0bb7@huawei.com>
From:   Alexander Potapenko <glider@google.com>
Date:   Fri, 9 Mar 2018 11:49:43 +0100
Message-ID: <CAG_fn=XP6X5rqRVBameyU-F2UOc4hpbowUBNxZENf2ZHpMSmfQ@mail.gmail.com>
Subject: Re: [PATCH] mm/mempolicy: Avoid use uninitialized preferred_node
To:     Yisheng Xie <xieyisheng1@huawei.com>
Cc:     Andrew Morton <akpm@linux-foundation.org>,
        Linux Memory Management List <linux-mm@kvack.org>,
        Dmitriy Vyukov <dvyukov@google.com>,
        Vlastimil Babka <vbabka@suse.cz>,
        "mhocko@suse.com" <mhocko@suse.com>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Mar 9, 2018 at 6:21 AM, Yisheng Xie <xieyisheng1@huawei.com> wrote:
> Alexander reported an use of uninitialized memory in __mpol_equal(),
> which is caused by incorrect use of preferred_node.
>
> When mempolicy in mode MPOL_PREFERRED with flags MPOL_F_LOCAL, it use
> numa_node_id() instead of preferred_node, however, __mpol_equeue() use
> preferred_node without check whether it is MPOL_F_LOCAL or not.
>
> Reported-by: Alexander Potapenko <glider@google.com>
> Signed-off-by: Yisheng Xie <xieyisheng1@huawei.com>
Tested-by: Alexander Potapenko <glider@google.com>

I confirm that the patch fixes the problem. Thanks for the quick turnaround=
!
Any idea which commit had introduced the bug in the first place?
> ---
>  mm/mempolicy.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/mm/mempolicy.c b/mm/mempolicy.c
> index d879f1d..641545e 100644
> --- a/mm/mempolicy.c
> +++ b/mm/mempolicy.c
> @@ -2124,6 +2124,9 @@ bool __mpol_equal(struct mempolicy *a, struct mempo=
licy *b)
>         case MPOL_INTERLEAVE:
>                 return !!nodes_equal(a->v.nodes, b->v.nodes);
>         case MPOL_PREFERRED:
> +               /* a's flags is the same as b's */
> +               if (a->flags & MPOL_F_LOCAL)
> +                       return true;
>                 return a->v.preferred_node =3D=3D b->v.preferred_node;
>         default:
>                 BUG();
> --
> 1.8.3.1
>



--=20
Alexander Potapenko
Software Engineer

Google Germany GmbH
Erika-Mann-Stra=C3=9Fe, 33
80636 M=C3=BCnchen

Gesch=C3=A4ftsf=C3=BChrer: Paul Manicle, Halimah DeLaine Prado
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg