Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp71660ybp; Thu, 3 Oct 2019 10:19:14 -0700 (PDT) X-Google-Smtp-Source: APXvYqws93EQUdqBEPlEtYrm+NydQjM1Bt2ICiExPdCSJmMhX1D7kaUU+GpipdGoyk62Yh4fcdld X-Received: by 2002:a17:906:b2d9:: with SMTP id cf25mr1109171ejb.316.1570123154227; Thu, 03 Oct 2019 10:19:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1570123154; cv=none; d=google.com; s=arc-20160816; b=EyixB5gagJBidBaPlzIocPWI8pPl+XcmVo5RF721x4W0Oav7ZpNZill29oZ6fX2YSv 81dBWzY7SzDwRPIDG0J1R3Oa+z3D03kpYXOja8vLc61aQW49vhFxrhbRFqVeljEjICai RXeRulF9ZhUl2wCrtLY3yYz7bdOCKr8wxfd7zscWVMHQ8uccwZlIg4PdTTTk9rJLQRxQ H6Gr82Qf8RpLhUhH2qvKQ9PslvR218dIUcCkS8qs6vKTqHaTGOAYW6ZHNFadg99e0hpw nXudJFTC9mp1WJK+caJyJroZMcr+6+bVTAHFBqTWcqCbtgoY9LA0eEf9Ex2oXV6PPmoa q2GQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=k5aOGiqdCo9H8cdtkZiMs4XbtCMDD2o6d58D2rA3KZM=; b=GXwPcpI9EYEfo5YP/hnX91qZXFslhncj4QKzIpe+SrQtE3i5eQIgrpb0B5o09Xl1pB ReKL3gongtlrTZcEtP1W35fq5KZmobkYp/OzcA9cTnpd7txTOhqKNDZBcupHYYJ2BkcR HFMweZqMhvHYQ9xj/XOsJ1FliT62VmQtIiCmvIoTXrchjKdqOLjlA6tjSNQjbqeSWJvl 1STANQtAIJ/soBT9zh6dK7BT03BVItqlRiRuzSG5wSE/WRLNmcbJW5rx/KGnUY/vQd96 HaPCbONFvc7R7KhiRAk2cgD17N8CH0TOH3waR9142R+0Y/KV+IBzDYq3hKu/YQcGg0uu 2JcQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=eULCaA7E; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e46si1914946eda.401.2019.10.03.10.18.49; Thu, 03 Oct 2019 10:19:14 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=eULCaA7E; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390588AbfJCRRV (ORCPT + 99 others); Thu, 3 Oct 2019 13:17:21 -0400 Received: from mail.kernel.org ([198.145.29.99]:51602 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390373AbfJCQWr (ORCPT ); Thu, 3 Oct 2019 12:22:47 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 321E0215EA; Thu, 3 Oct 2019 16:22:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1570119766; bh=czvX1wbkCejc6EHOLQVri//U8JXIKpvlnKwm/gt/y24=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=eULCaA7EabYZazFhFsGDK/DfolhGZrIAfnxbANKncX8bFGYFcFSpe2GHh5XxtjR4c MbdSjWhGkrbn+5z36zOnru9mfLYgb6oYB4YocFETf2ZDUHVtIxa1Pso+wCq59uHMGe VmFvdRk1fntHWqmQe8lCXFLrsFw91JY5YOSCOEG0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Michal Hocko , Thomas Lindroth , Johannes Weiner , Vladimir Davydov , Andrey Ryabinin , Shakeel Butt , Andrew Morton , Linus Torvalds , Tetsuo Handa Subject: [PATCH 4.19 184/211] memcg, kmem: do not fail __GFP_NOFAIL charges Date: Thu, 3 Oct 2019 17:54:10 +0200 Message-Id: <20191003154527.764396117@linuxfoundation.org> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191003154447.010950442@linuxfoundation.org> References: <20191003154447.010950442@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Michal Hocko commit e55d9d9bfb69405bd7615c0f8d229d8fafb3e9b8 upstream. Thomas has noticed the following NULL ptr dereference when using cgroup v1 kmem limit: BUG: unable to handle kernel NULL pointer dereference at 0000000000000008 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP PTI CPU: 3 PID: 16923 Comm: gtk-update-icon Not tainted 4.19.51 #42 Hardware name: Gigabyte Technology Co., Ltd. Z97X-Gaming G1/Z97X-Gaming G1, BIOS F9 07/31/2015 RIP: 0010:create_empty_buffers+0x24/0x100 Code: cd 0f 1f 44 00 00 0f 1f 44 00 00 41 54 49 89 d4 ba 01 00 00 00 55 53 48 89 fb e8 97 fe ff ff 48 89 c5 48 89 c2 eb 03 48 89 ca <48> 8b 4a 08 4c 09 22 48 85 c9 75 f1 48 89 6a 08 48 8b 43 18 48 8d RSP: 0018:ffff927ac1b37bf8 EFLAGS: 00010286 RAX: 0000000000000000 RBX: fffff2d4429fd740 RCX: 0000000100097149 RDX: 0000000000000000 RSI: 0000000000000082 RDI: ffff9075a99fbe00 RBP: 0000000000000000 R08: fffff2d440949cc8 R09: 00000000000960c0 R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000000 R13: ffff907601f18360 R14: 0000000000002000 R15: 0000000000001000 FS: 00007fb55b288bc0(0000) GS:ffff90761f8c0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000008 CR3: 000000007aebc002 CR4: 00000000001606e0 Call Trace: create_page_buffers+0x4d/0x60 __block_write_begin_int+0x8e/0x5a0 ? ext4_inode_attach_jinode.part.82+0xb0/0xb0 ? jbd2__journal_start+0xd7/0x1f0 ext4_da_write_begin+0x112/0x3d0 generic_perform_write+0xf1/0x1b0 ? file_update_time+0x70/0x140 __generic_file_write_iter+0x141/0x1a0 ext4_file_write_iter+0xef/0x3b0 __vfs_write+0x17e/0x1e0 vfs_write+0xa5/0x1a0 ksys_write+0x57/0xd0 do_syscall_64+0x55/0x160 entry_SYSCALL_64_after_hwframe+0x44/0xa9 Tetsuo then noticed that this is because the __memcg_kmem_charge_memcg fails __GFP_NOFAIL charge when the kmem limit is reached. This is a wrong behavior because nofail allocations are not allowed to fail. Normal charge path simply forces the charge even if that means to cross the limit. Kmem accounting should be doing the same. Link: http://lkml.kernel.org/r/20190906125608.32129-1-mhocko@kernel.org Signed-off-by: Michal Hocko Reported-by: Thomas Lindroth Debugged-by: Tetsuo Handa Cc: Johannes Weiner Cc: Vladimir Davydov Cc: Andrey Ryabinin Cc: Thomas Lindroth Cc: Shakeel Butt Cc: Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman --- mm/memcontrol.c | 10 ++++++++++ 1 file changed, 10 insertions(+) --- a/mm/memcontrol.c +++ b/mm/memcontrol.c @@ -2637,6 +2637,16 @@ int memcg_kmem_charge_memcg(struct page if (!cgroup_subsys_on_dfl(memory_cgrp_subsys) && !page_counter_try_charge(&memcg->kmem, nr_pages, &counter)) { + + /* + * Enforce __GFP_NOFAIL allocation because callers are not + * prepared to see failures and likely do not have any failure + * handling code. + */ + if (gfp & __GFP_NOFAIL) { + page_counter_charge(&memcg->kmem, nr_pages); + return 0; + } cancel_charge(memcg, nr_pages); return -ENOMEM; }