Received: by 10.213.65.68 with SMTP id h4csp3193662imn;
        Mon, 9 Apr 2018 16:11:27 -0700 (PDT)
X-Google-Smtp-Source: AIpwx4/6LQH1nUNRNJ79/AeqnbHaGR9FFyRicj+4ZDIduazfqW3GeuNepAuwpuDrQLCTA2DeE1bb
X-Received: by 2002:a17:902:bc82:: with SMTP id bb2-v6mr11415678plb.369.1523315487281;
        Mon, 09 Apr 2018 16:11:27 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1523315487; cv=none;
        d=google.com; s=arc-20160816;
        b=vYjNh/F66rEbwGQHdD1JIJ4pmgyGGpO6ixQLRSds9LAv67CobSNUiJzh1KF8Px0FMP
         OYkpImMWghQzS5T9zmS3GngNvM5iPbzYRU8SKp1sUKybxE7DA8WofTfVrm01Rm+UhKoA
         bY6HDbz0uDQsiBlQ4nfz/6NU8RUEfgYrxLmxamboJoc+I8XEMiR6teIjmNGRKRwI0pXl
         nmcnDdY6axWeRG2y0AKMdfYdYqGEcCtj/++kQo1k1uVUINY92+vHUAn/hujbbaJ0a9Ty
         5PugBTQonuGoznGocnjp3AsVj3y0p5LNE+QGJQAlGw6caClqhGqNdO7V+ALoPv5Ksybr
         ATiQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature:arc-authentication-results;
        bh=5kFBTVWhjST3hjdx0VvMMnAVxXFawdl/xPyuzS9agmQ=;
        b=zTH5Gs1DQ2xXatXHGtJGTLtdEUD5+Yw5lsma0cHT7Ja4UtXMDOm6AtNPfDg71ys3EO
         hV/ZXo9BvD7BNLLKpxxEzcRTsLjSwa5NTeUczJEgn0INeaLzUDgdI5otPFsRqKSxCVqt
         jBnk7qKd+uiVJHqhz7V+NXXoEp4SZadgkQnbHQtOLTICw0fXA8rI0ENeXXjhwYM/zKrz
         D6slFzgE6ZlJBdOIlvakvYoXpXqfpClc/4hzh8QL53o9GiawN+EbPseCGgJgcUkfsm0s
         CJIiwG02Lp96DGsr1+nEaM311NYu17IGkpn6DjEjuT0556il351PUTFVo4IFtkCVglMj
         inSw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=UARamrqi;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 3si909374pfl.175.2018.04.09.16.10.50;
        Mon, 09 Apr 2018 16:11:27 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=UARamrqi;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752648AbeDIXES (ORCPT <rfc822;rao.subba.venkata@gmail.com>
        + 99 others); Mon, 9 Apr 2018 19:04:18 -0400
Received: from mail-pf0-f194.google.com ([209.85.192.194]:45487 "EHLO
        mail-pf0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751367AbeDIXEQ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 9 Apr 2018 19:04:16 -0400
Received: by mail-pf0-f194.google.com with SMTP id l27so6629368pfk.12;
        Mon, 09 Apr 2018 16:04:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=sender:date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to:user-agent;
        bh=5kFBTVWhjST3hjdx0VvMMnAVxXFawdl/xPyuzS9agmQ=;
        b=UARamrqin9GiZrvobtWij5XSBUcKgQ2dGBPjDRr3B20PZeB/rz+3gkTbVPpdT8qLsA
         VDTFN7v2+kCWB0XDLIQ+wOYQWoa1UvsH9t83AU8xiIotdEGVrOlED01kniT/N6GUEkrV
         e+z+3jl0IDclAo4FWvOKjmMT8B+UkuqfekMmMjy+y+KDoJLFUEMsqxRvIn1V+hUqlv/z
         pRvG0n6klff8DNw3XYHjFZxWM/Jo2dAR2/9SkmrRZSm/DKSq0LNJZL8dvlzaG8WbdVaz
         DJMNHZqR6hYSlVpjcQ1nu4jF5yceXrMRWtQWJwpzzXIodEGm6SDZwihn8WLoAFPeWdZT
         ureQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:sender:date:from:to:cc:subject:message-id
         :references:mime-version:content-disposition:in-reply-to:user-agent;
        bh=5kFBTVWhjST3hjdx0VvMMnAVxXFawdl/xPyuzS9agmQ=;
        b=ONZJhUEIBF5bFgEBZVvpKrccBeU74P65uBcIdYpYonYPwg4ozeRi6fx0rfEulksoVd
         GQIbJMW2Ju+ktvBl6lMmGovzT05Yk6eMN+EH0ZTkYymw+QPeztM1PcTdGqTvl16JWag5
         DyOOk3MyEzfAZSlIlOj+rBHXkJF3kIgnSkjwHDCj7cBUSFlB/8iQd7unifFia9B77yQg
         0tJhxkh9vx/GnUVY390B3P8gN/L7orS/W35389RyO5JJdV9dBnMkh0balv3UbgOVFoZG
         CWgT/GZpD6QobNsqZa1XetzWxWeceNLlkj+vZE+P54muEzv1D994ReIO5bI9yh11C/Bs
         bRSA==
X-Gm-Message-State: AElRT7EsoTOCqGVC8rvV6oE2ePrEIcm867ikOPfI9oFTZ9kqx+DPEcnl
        NKRT1sJSwgFS5jBNXJxMaBA=
X-Received: by 10.101.74.9 with SMTP id s9mr21370549pgq.91.1523315055401;
        Mon, 09 Apr 2018 16:04:15 -0700 (PDT)
Received: from rodete-desktop-imager.corp.google.com ([2401:fa00:d:0:7630:de9:f6f2:276f])
        by smtp.gmail.com with ESMTPSA id j83sm3416381pfe.178.2018.04.09.16.04.11
        (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
        Mon, 09 Apr 2018 16:04:14 -0700 (PDT)
Date:   Tue, 10 Apr 2018 08:04:09 +0900
From:   Minchan Kim <minchan@kernel.org>
To:     Matthew Wilcox <willy@infradead.org>
Cc:     Chao Yu <yuchao0@huawei.com>, Jaegeuk Kim <jaegeuk@kernel.org>,
        Christopher Lameter <cl@linux.com>,
        Andrew Morton <akpm@linux-foundation.org>,
        linux-mm <linux-mm@kvack.org>,
        LKML <linux-kernel@vger.kernel.org>,
        Johannes Weiner <hannes@cmpxchg.org>, Jan Kara <jack@suse.cz>,
        Chris Fries <cfries@google.com>,
        linux-f2fs-devel@lists.sourceforge.net,
        linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH] mm: workingset: fix NULL ptr dereference
Message-ID: <20180409230409.GA214542@rodete-desktop-imager.corp.google.com>
References: <20180409015815.235943-1-minchan@kernel.org>
 <20180409024925.GA21889@bombadil.infradead.org>
 <20180409030930.GA214930@rodete-desktop-imager.corp.google.com>
 <20180409111403.GA31652@bombadil.infradead.org>
 <20180409112514.GA195937@rodete-laptop-imager.corp.google.com>
 <7706245c-2661-f28b-f7f9-8f11e1ae932b@huawei.com>
 <20180409144958.GA211679@rodete-laptop-imager.corp.google.com>
 <20180409152032.GB11756@bombadil.infradead.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20180409152032.GB11756@bombadil.infradead.org>
User-Agent: Mutt/1.9.2 (2017-12-15)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Apr 09, 2018 at 08:20:32AM -0700, Matthew Wilcox wrote:
> On Mon, Apr 09, 2018 at 11:49:58PM +0900, Minchan Kim wrote:
> > On Mon, Apr 09, 2018 at 08:25:06PM +0800, Chao Yu wrote:
> > > On 2018/4/9 19:25, Minchan Kim wrote:
> > > > On Mon, Apr 09, 2018 at 04:14:03AM -0700, Matthew Wilcox wrote:
> > > >> On Mon, Apr 09, 2018 at 12:09:30PM +0900, Minchan Kim wrote:
> > > >>> Look at fs/f2fs/inode.c
> > > >>> mapping_set_gfp_mask(inode->i_mapping, GFP_F2FS_ZERO);
> > > >>>
> > > >>> __add_to_page_cache_locked
> > > >>>   radix_tree_maybe_preload
> > > >>>
> > > >>> add_to_page_cache_lru
> > > 
> > > No, sometimes, we need to write meta data to new allocated block address,
> > > then we will allocate a zeroed page in inner inode's address space, and
> > > fill partial data in it, and leave other place with zero value which means
> > > some fields are initial status.
> > 
> > Thanks for the explaining.
> > 
> > > There are two inner inodes (meta inode and node inode) setting __GFP_ZERO,
> > > I have just checked them, for both of them, we can avoid using __GFP_ZERO,
> > > and do initialization by ourselves to avoid unneeded/redundant zeroing
> > > from mm.
> > 
> > Yub, it would be desirable for f2fs. Please go ahead for f2fs side.
> > However, I think current problem is orthgonal. Now, the problem is
> > radix_tree_node allocation is bind to page cache allocation.
> > Why does FS cannot allocate page cache with __GFP_ZERO?
> > I agree if the concern is only performance matter as Matthew mentioned.
> > But it is beyond that because it shouldn't do due to limitation
> > of workingset shadow entry implementation. I think such coupling is
> > not a good idea.
> > 
> > I think right approach to abstract shadow entry in radix_tree is
> > to mask off __GFP_ZERO in radix_tree's allocation APIs.
> 
> I don't think this is something the radix tree should know about.

Because shadow entry implementation is hidden by radix tree implemetation.
IOW, radix tree user cannot know how it works.

> SLAB should be checking for it (the patch I posted earlier in this

I don't think it's right approach. SLAB constructor can initialize
some metadata for slab page populated as well as page zeroing.
However, __GFP_ZERO means only clearing pages, not metadata.
So it's different semantic. No need to mix out.

> thread), but the right place to filter this out is in the caller of
> radix_tree_maybe_preload -- it's already filtering out HIGHMEM pages,
> and should filter out GFP_ZERO too.

radix_tree_[maybe]_preload is exported API, which are error-prone
for out of modules or upcoming customers.

More proper place is __radix_tree_preload.

> 
> diff --git a/mm/filemap.c b/mm/filemap.c
> index c2147682f4c3..a87a523eea8e 100644
> --- a/mm/filemap.c
> +++ b/mm/filemap.c
> @@ -785,7 +785,7 @@ int replace_page_cache_page(struct page *old, struct page *new, gfp_t gfp_mask)
>  	VM_BUG_ON_PAGE(!PageLocked(new), new);
>  	VM_BUG_ON_PAGE(new->mapping, new);
>  
> -	error = radix_tree_preload(gfp_mask & ~__GFP_HIGHMEM);
> +	error = radix_tree_preload(gfp_mask & ~(__GFP_HIGHMEM | __GFP_ZERO));
>  	if (!error) {
>  		struct address_space *mapping = old->mapping;
>  		void (*freepage)(struct page *);
> @@ -841,7 +841,8 @@ static int __add_to_page_cache_locked(struct page *page,
>  			return error;
>  	}
>  
> -	error = radix_tree_maybe_preload(gfp_mask & ~__GFP_HIGHMEM);
> +	error = radix_tree_maybe_preload(gfp_mask &
> +			~(__GFP_HIGHMEM | __GFP_ZERO));
>  	if (error) {
>  		if (!huge)
>  			mem_cgroup_cancel_charge(page, memcg, false);