Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp559626imu; Fri, 9 Nov 2018 02:13:01 -0800 (PST) X-Google-Smtp-Source: AJdET5dWL4iWIKbCQYCjs1Jq0J2BatLlTKVd9d9Dn7Ak/pMNWuBFE2ew9ErRyXmMUomb7bWowdI4 X-Received: by 2002:a62:1416:: with SMTP id 22-v6mr8474573pfu.114.1541758381886; Fri, 09 Nov 2018 02:13:01 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1541758381; cv=none; d=google.com; s=arc-20160816; b=QcOtrod+JAZj5XCOreHjdeTmMhx7hz303GBVuEnQWJvltMTKGBEuwf4+PilvzdQrjQ SZlkE3TfgFUX0fDTEvEFFvJK/x7KZ5s6MdZH6LB6N+DOeXQ7FicphlWXycVd9WcywEJF btaHBTWVAjvD5YTUn22tyafyjM4r7jqTCmJ8IERbQU1u+Z1kMveWhL0pyKQsLJRVAZRx 3lO8tQYAy1rzQ8zdceUjZWSSh78HVHxBPuXlFnKHUXVXxeQm/hMqpjORULjsIy9lHWtI tb0SUR8A3sg+ndBwGa8qdnOKDvMaPux8Dxv/WwJHGMQY79Eez/mSpXdF/SN/aUNSrXYM /jyg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:autocrypt:openpgp:from:references:cc:to:subject; bh=mU9y1eIbsKI3ZatVc3o3vfIzPGPZDhbGkQYkJW7WaMo=; b=zv5IerjT+GGCgPBKo3v1ML25zrM35cDSWFwbsCq90uQLngTI2V3j3fi1rvT1BdmlxH 2r+Fc/eg277bYEsile5AfQp+mxHkul0qYKQH7P9/iMGY+33axrRulmzSoAP30ujZDo0o 0xNWEcL42cXQZTzcxGPSF7B3ZHS/kXsChgWV9LICOCyTyt7HJgIQFSdulq5q4PWF4SYc AOd6nTw+rLbuv4PUy0xYiaHNRu+svXbLCzc9dXwcye0pzEG3X4DlkAlFm4D1OjW3ZvhX 8KrL6IT374j7SSHBRk22Th/1y0hP7T3uWHjxz9vU5wn+3Dbmg5uRUdgLvS0d0r5JiUsC claA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u8-v6si7239764plh.188.2018.11.09.02.12.46; Fri, 09 Nov 2018 02:13:01 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728178AbeKITt4 (ORCPT + 99 others); Fri, 9 Nov 2018 14:49:56 -0500 Received: from mx2.suse.de ([195.135.220.15]:48504 "EHLO mx1.suse.de" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1727663AbeKITt4 (ORCPT ); Fri, 9 Nov 2018 14:49:56 -0500 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.220.254]) by mx1.suse.de (Postfix) with ESMTP id 0BCFFABDC; Fri, 9 Nov 2018 10:10:01 +0000 (UTC) Subject: Re: UBSAN: Undefined behaviour in mm/page_alloc.c To: Michal Hocko , Tetsuo Handa Cc: Kyungtae Kim , akpm@linux-foundation.org, pavel.tatashin@microsoft.com, osalvador@suse.de, rppt@linux.vnet.ibm.com, aaron.lu@intel.com, iamjoonsoo.kim@lge.com, alexander.h.duyck@linux.intel.com, mgorman@techsingularity.net, lifeasageek@gmail.com, threeearcat@gmail.com, syzkaller@googlegroups.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Konstantin Khlebnikov References: <20181109084353.GA5321@dhcp22.suse.cz> <20181109095604.GC5321@dhcp22.suse.cz> From: Vlastimil Babka Openpgp: preference=signencrypt Autocrypt: addr=vbabka@suse.cz; prefer-encrypt=mutual; keydata= xsFNBFZdmxYBEADsw/SiUSjB0dM+vSh95UkgcHjzEVBlby/Fg+g42O7LAEkCYXi/vvq31JTB KxRWDHX0R2tgpFDXHnzZcQywawu8eSq0LxzxFNYMvtB7sV1pxYwej2qx9B75qW2plBs+7+YB 87tMFA+u+L4Z5xAzIimfLD5EKC56kJ1CsXlM8S/LHcmdD9Ctkn3trYDNnat0eoAcfPIP2OZ+ 9oe9IF/R28zmh0ifLXyJQQz5ofdj4bPf8ecEW0rhcqHfTD8k4yK0xxt3xW+6Exqp9n9bydiy tcSAw/TahjW6yrA+6JhSBv1v2tIm+itQc073zjSX8OFL51qQVzRFr7H2UQG33lw2QrvHRXqD Ot7ViKam7v0Ho9wEWiQOOZlHItOOXFphWb2yq3nzrKe45oWoSgkxKb97MVsQ+q2SYjJRBBH4 8qKhphADYxkIP6yut/eaj9ImvRUZZRi0DTc8xfnvHGTjKbJzC2xpFcY0DQbZzuwsIZ8OPJCc LM4S7mT25NE5kUTG/TKQCk922vRdGVMoLA7dIQrgXnRXtyT61sg8PG4wcfOnuWf8577aXP1x 6mzw3/jh3F+oSBHb/GcLC7mvWreJifUL2gEdssGfXhGWBo6zLS3qhgtwjay0Jl+kza1lo+Cv BB2T79D4WGdDuVa4eOrQ02TxqGN7G0Biz5ZLRSFzQSQwLn8fbwARAQABzSFWbGFzdGltaWwg QmFia2EgPHZiYWJrYUBzdXNlLmNvbT7CwZcEEwEKAEECGwMFCwkIBwMFFQoJCAsFFgIDAQAC HgECF4ACGQEWIQSpQNQ0mSwujpkQPVAiT6fnzIKmZAUCWi/zTwUJBbOLuQAKCRAiT6fnzIKm ZIpED/4jRN/6LKZZIT4R2xoou0nJkBGVA3nfb+mUMgi3uwn/zC+o6jjc3ShmP0LQ0cdeuSt/ t2ytstnuARTFVqZT4/IYzZgBsLM8ODFY5vGfPw00tsZMIfFuVPQX3xs0XgLEHw7/1ZCVyJVr mTzYmV3JruwhMdUvIzwoZ/LXjPiEx1MRdUQYHAWwUfsl8lUZeu2QShL3KubR1eH6lUWN2M7t VcokLsnGg4LTajZzZfq2NqCKEQMY3JkAmOu/ooPTrfHCJYMF/5dpi8YF1CkQF/PVbnYbPUuh dRM0m3NzPtn5DdyfFltJ7fobGR039+zoCo6dFF9fPltwcyLlt1gaItfX5yNbOjX3aJSHY2Vc A5T+XAVC2sCwj0lHvgGDz/dTsMM9Ob/6rRJANlJPRWGYk3WVWnbgW8UejCWtn1FkiY/L/4qJ UsqkId8NkkVdVAenCcHQmOGjRQYTpe6Cf4aQ4HGNDeWEm3H8Uq9vmHhXXcPLkxBLRbGDSHyq vUBVaK+dAwAsXn/5PlGxw1cWtur1ep7RDgG3vVQDhIOpAXAg6HULjcbWpBEFaoH720oyGmO5 kV+yHciYO3nPzz/CZJzP5Ki7Q1zqBb/U6gib2at5Ycvews+vTueYO+rOb9sfD8BFTK386LUK uce7E38owtgo/V2GV4LMWqVOy1xtCB6OAUfnGDU2EM7ATQRbGTU1AQgAn0H6UrFiWcovkh6E XVcl+SeqyO6JHOPm+e9Wu0Vw+VIUvXZVUVVQLa1PQDUi6j00ChlcR66g9/V0sPIcSutacPKf dKYOBvzd4rlhL8rfrdEsQw5ApZxrA8kYZVMhFmBRKAa6wos25moTlMKpCWzTH84+WO5+ziCT sTUZASAToz3RdunTD+vQcHj0GqNTPAHK63sfbAB2I0BslZkXkY1RLb/YhuA6E7JyEd2pilZO rIuBGl/5q2qSakgnAVFWFBR/DO27JuAksYnq+aH8vI0xGvwn75KqSk4UzAkDzWSmO4ZHuahK tQgZNsMYV+PGayRBX9b9zbldzopoLBdqHc4njQARAQABwsF8BBgBCgAmFiEEqUDUNJksLo6Z ED1QIk+n58yCpmQFAlsZNTUCGwwFCQPCZwAACgkQIk+n58yCpmQ83g/9Frg1sRMdGPn98zV+ O2eC3h0p5f/oxxQ8MhG5znwHoW4JDG2TuxfcQuz7X7Dd5JWscjlw4VFJ2DD+IrDAGLHwPhCr RyfKalnrbYokvbClM9EuU1oUuh7k+Sg5ECNXEsamW9AiWGCaKWNDdHre3Lf4xl+RJWxghOVW RiUdpLA/a3yDvJNVr6rxkDHQ1P24ZZz/VKDyP+6g8aty2aWEU0YFNjI+rqYZb2OppDx6fdma YnLDcIfDFnkVlDmpznnGCyEqLLyMS3GH52AH13zMT9L9QYgT303+r6QQpKBIxAwn8Jg8dAlV OLhgeHXKr+pOQdFf6iu2sXlUR4MkO/5KWM1K0jFR2ug8Pb3aKOhowVMBT64G0TXhQ/kX4tZ2 ZF0QZLUCHU3Cigvbu4AWWVMNDEOGD/4sn9OoHxm6J04jLUHFUpFKDcjab4NRNWoHLsuLGjve Gdbr2RKO2oJ5qZj81K7os0/5vTAA4qHDP2EETAQcunTn6aPlkUnJ8aw6I1Rwyg7/XsU7gQHF IM/cUMuWWm7OUUPtJeR8loxZiZciU7SMvN1/B9ycPMFs/A6EEzyG+2zKryWry8k7G/pcPrFx O2PkDPy3YmN1RfpIX2HEmnCEFTTCsKgYORangFu/qOcXvM83N+2viXxG4mjLAMiIml1o2lKV cqmP8roqufIAj+Ohhzs= Message-ID: Date: Fri, 9 Nov 2018 11:10:00 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1 MIME-Version: 1.0 In-Reply-To: <20181109095604.GC5321@dhcp22.suse.cz> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 11/9/18 10:56 AM, Michal Hocko wrote: > On Fri 09-11-18 18:41:53, Tetsuo Handa wrote: >> On 2018/11/09 17:43, Michal Hocko wrote: >>> @@ -4364,6 +4353,17 @@ __alloc_pages_nodemask(gfp_t gfp_mask, unsigned int order, int preferred_nid, >>> gfp_t alloc_mask; /* The gfp_t that was actually used for allocation */ >>> struct alloc_context ac = { }; >>> >>> + /* >>> + * In the slowpath, we sanity check order to avoid ever trying to >> >> Please keep the comment up to dated. > > Does this following look better? > > diff --git a/mm/page_alloc.c b/mm/page_alloc.c > index 9fc10a1029cf..bf9aecba4222 100644 > --- a/mm/page_alloc.c > +++ b/mm/page_alloc.c > @@ -4354,10 +4354,8 @@ __alloc_pages_nodemask(gfp_t gfp_mask, unsigned int order, int preferred_nid, > struct alloc_context ac = { }; > > /* > - * In the slowpath, we sanity check order to avoid ever trying to > - * reclaim >= MAX_ORDER areas which will never succeed. Callers may > - * be using allocators in order of preference for an area that is > - * too large. > + * There are several places where we assume that the order value is sane > + * so bail out early if the request is out of bound. > */ > if (order >= MAX_ORDER) { > WARN_ON_ONCE(!(gfp_mask & __GFP_NOWARN)); Looks ok, but I'd add unlikely(), although it doesn't currently seem to make any difference. You can add Acked-by: Vlastimil Babka >> I don't like that comments in OOM code is outdated. >> >>> + * reclaim >= MAX_ORDER areas which will never succeed. Callers may >>> + * be using allocators in order of preference for an area that is >>> + * too large. >>> + */ >>> + if (order >= MAX_ORDER) { >> >> Also, why not to add BUG_ON(gfp_mask & __GFP_NOFAIL); here? > > Because we do not want to blow up the kernel just because of a stupid > usage of the allocator. Can you think of an example where it would > actually make any sense? > > I would argue that such a theoretical abuse would blow up on an > unchecked NULL ptr access. Isn't that enough? Agreed.