From patchwork Fri Nov 8 20:44:07 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Qian Cai X-Patchwork-Id: 11235519 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 2B0421515 for ; Fri, 8 Nov 2019 20:44:21 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id E31E220674 for ; Fri, 8 Nov 2019 20:44:20 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=lca.pw header.i=@lca.pw header.b="rKeQu1Zi" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org E31E220674 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=lca.pw Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 282D26B0003; Fri, 8 Nov 2019 15:44:20 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 234096B0006; Fri, 8 Nov 2019 15:44:20 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 149F56B0007; Fri, 8 Nov 2019 15:44:20 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0153.hostedemail.com [216.40.44.153]) by kanga.kvack.org (Postfix) with ESMTP id 007536B0003 for ; Fri, 8 Nov 2019 15:44:19 -0500 (EST) Received: from smtpin21.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay04.hostedemail.com (Postfix) with SMTP id A672F2DFA for ; Fri, 8 Nov 2019 20:44:19 +0000 (UTC) X-FDA: 76134287838.21.rifle39_7d069646b3303 X-Spam-Summary: 2,0,0,b79d6cf194e68249,d41d8cd98f00b204,cai@lca.pw,:akpm@linux-foundation.org:mhocko@suse.com:hannes@cmpxchg.org:guro@fb.com::cgroups@vger.kernel.org:linux-kernel@vger.kernel.org:cai@lca.pw,RULES_HIT:41:355:379:541:800:960:967:973:988:989:1260:1311:1314:1345:1437:1515:1534:1541:1711:1730:1747:1777:1792:2393:2525:2559:2563:2682:2685:2859:2933:2937:2939:2942:2945:2947:2951:2954:3022:3138:3139:3140:3141:3142:3352:3865:3866:3867:3868:3870:3871:3934:3936:3938:3941:3944:3947:3950:3953:3956:3959:4321:4605:5007:6261:6653:7904:8603:8660:8784:8957:9025:9163:10004:11026:11473:11658:11914:12043:12291:12296:12297:12438:12517:12519:12555:12683:12740:12895:12986:13069:13148:13161:13229:13230:13311:13357:13894:14018:14110:14181:14384:14394:14721:21080:21444:21451:21611:21627:21740:21749:21811:30029:30054:30056:30065:30080,0,RBL:209.85.160.196:@lca.pw:.lbl8.mailshell.net-62.14.0.100 66.201.201.201,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:f p,MSBL:0 X-HE-Tag: rifle39_7d069646b3303 X-Filterd-Recvd-Size: 4730 Received: from mail-qt1-f196.google.com (mail-qt1-f196.google.com [209.85.160.196]) by imf42.hostedemail.com (Postfix) with ESMTP for ; Fri, 8 Nov 2019 20:44:19 +0000 (UTC) Received: by mail-qt1-f196.google.com with SMTP id y39so8008143qty.0 for ; Fri, 08 Nov 2019 12:44:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lca.pw; s=google; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=+x5g1UVg7HX2xGAQ0OJa7E0znsv6MEg8H6qRGEA46KQ=; b=rKeQu1ZisiH1z4nG/Spx3Hk5NI7OH7ghWVVE4sJnGjupBFTUb0/cXDmc9WqVGLNgsG 9xiS6GWqUeOvlke3Xd8+2imV2vlrx4dxiG5s7/4la0ZDYNCrhcC084LahTpo0+lwN85G K5U6U0mLGthyDy/l6qk4yji+GJEmXY4OaFD527GpqiJy/F83NKDgRM6+NiD9xiaeOa2S JOTXb6/dyb+AcZipK9q1SMW/PGTQ+KV0XtGZB9Nfs/u/0wSc+Sl7Bg1VfBkVE16Qtp7O saY+Ml0JLyAYbZiW/eX2UOIVkAcpv2AQ0O+WSAzhRvqUjpyNVq9oJR6OUGdkXzeWlk7w eYeQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=+x5g1UVg7HX2xGAQ0OJa7E0znsv6MEg8H6qRGEA46KQ=; b=lPNnA5Lmfts4QzgtY1nCxywJXfb5RP71M0lDPSldlQ7XwYrI8q6hsHgizVedVBFawv SKn2HwT5iaZCw+XpmW7/YOHbHN7RAHxpNGwTqsBVfQW9Qgh3T2hxIS4mlvK8V3zWkQ0+ SqXjM+E6i8Rn+AjSShNv1XZPe48z9lgMU0ImyUrjJRxfRNfZMAbDxPQaQCBxD9ayjl2m OdQ+88HEEe/rjfswq6UuSsuVQDId3Zmrc6qQ66Z9ouGlxuCnluM3Uxeb4OSBw+OVurIW XvbP5Sn23ysXXYLQ1ZDvOOkvFpsG8/ZRtbB2624Nu0XbVSnZ7Eg+myyIu5wz1U5dZLi5 TLnw== X-Gm-Message-State: APjAAAXpVorl66a9DQLmZKqAso4ZWSTHA0x9Qs6CgxFa7MegnMBgD0W6 R6nII4BU6l2FPWLBGs2BMr+BwQ== X-Google-Smtp-Source: APXvYqw//vDNtVmESgIvld+GVVJAa8OFASSIYuyNEbIaC229uB5fxFRo2kZDfigEVv3+zsL1IKATgw== X-Received: by 2002:ac8:2fda:: with SMTP id m26mr13159952qta.374.1573245858287; Fri, 08 Nov 2019 12:44:18 -0800 (PST) Received: from ovpn-124-239.rdu2.redhat.com (pool-71-184-117-43.bstnma.fios.verizon.net. [71.184.117.43]) by smtp.gmail.com with ESMTPSA id s75sm3602579qke.14.2019.11.08.12.44.17 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 08 Nov 2019 12:44:17 -0800 (PST) From: Qian Cai To: akpm@linux-foundation.org Cc: mhocko@suse.com, hannes@cmpxchg.org, guro@fb.com, linux-mm@kvack.org, cgroups@vger.kernel.org, linux-kernel@vger.kernel.org, Qian Cai Subject: [PATCH -next] mm/vmscan: fix an undefined behavior for zone id Date: Fri, 8 Nov 2019 15:44:07 -0500 Message-Id: <20191108204407.1435-1-cai@lca.pw> X-Mailer: git-send-email 2.21.0 (Apple Git-122.2) MIME-Version: 1.0 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000024, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: The -next commit "mm: vmscan: simplify lruvec_lru_size()" [1] introduced an undefined behavior as zone_idx could equal to MAX_NR_ZONES, and then zid is then out of range. [ 5399.483257] LTP: starting mtest01w (mtest01 -p80 -w) [ 5400.245051] ================================================================================ [ 5400.255784] UBSAN: Undefined behaviour in ./include/linux/memcontrol.h:536:26 [ 5400.265235] index 5 is out of range for type 'long unsigned int [5][5]' [ 5400.273925] CPU: 28 PID: 455 Comm: kswapd7 Tainted: G W 5.4.0-rc6-next-20191108 #3 [ 5400.285461] Hardware name: HPE ProLiant DL385 Gen10/ProLiant DL385 Gen10, BIOS A40 07/10/2019 [ 5400.295784] Call Trace: [ 5400.299483] dump_stack+0x7a/0xaa [ 5400.304052] ubsan_epilogue+0x9/0x26 [ 5400.309180] __ubsan_handle_out_of_bounds.cold.13+0x2b/0x36 [ 5400.316192] inactive_list_is_low+0x8bb/0x9f0 [ 5400.321952] balance_pgdat+0x252/0x7d0 [ 5400.327006] kswapd+0x251/0x590 [ 5400.331725] ? finish_wait+0x90/0x90 [ 5400.336574] kthread+0x12a/0x140 [ 5400.341102] ? balance_pgdat+0x7d0/0x7d0 [ 5400.346330] ? kthread_create_worker_on_cpu+0x70/0x70 [ 5400.352810] ret_from_fork+0x27/0x50 [1] https://lore.kernel.org/linux-mm/20191022144803.302233-2-hannes@cmpxchg.org/ Signed-off-by: Qian Cai Acked-by: Chris Down Reported-by: Qian Cai Reported-by: Chris Down Signed-off-by: Johannes Weiner Reported-by: Qian Cai Reported-by: Chris Down Signed-off-by: Johannes Weiner --- mm/vmscan.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/vmscan.c b/mm/vmscan.c index d97985262dda..9485b80d6b5b 100644 --- a/mm/vmscan.c +++ b/mm/vmscan.c @@ -317,7 +317,7 @@ unsigned long lruvec_lru_size(struct lruvec *lruvec, enum lru_list lru, int zone unsigned long size = 0; int zid; - for (zid = 0; zid <= zone_idx; zid++) { + for (zid = 0; zid < zone_idx; zid++) { struct zone *zone = &lruvec_pgdat(lruvec)->node_zones[zid]; if (!managed_zone(zone))