lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 14 Sep 2011 16:55:19 +0800
From:	Shaohua Li <shaohua.li@...el.com>
To:	Eric Dumazet <eric.dumazet@...il.com>
Cc:	Linus Torvalds <torvalds@...ux-foundation.org>,
	Hugh Dickins <hughd@...gle.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	linux-kernel <linux-kernel@...r.kernel.org>,
	Rik van Riel <riel@...hat.com>
Subject: Re: [BUG] infinite loop in find_get_pages()

On Wed, 2011-09-14 at 16:43 +0800, Eric Dumazet wrote:
> Le mercredi 14 septembre 2011 à 16:20 +0800, Shaohua Li a écrit :
> > 2011/9/14 Shaohua Li <shli@...nel.org>:
> > > it appears we didn't account skipped swap entry in find_get_pages().
> > > does the attached patch help?
> > I can easily reproduce the issue. Just cp files in tmpfs, trigger swap and
> > drop caches. The debug patch fixes it at my side.
> > Eric, please try it.
> > 
> 
> Hello Shaohua
> 
> I tried it with added traces :
> 
> 
> [  277.077855] mv used greatest stack depth: 3336 bytes left
> [  310.558012] nr_found=2 nr_skip=2
> [  310.558139] nr_found=14 nr_skip=14
> [  332.195162] nr_found=2 nr_skip=2
> [  332.195274] nr_found=14 nr_skip=14
> [  352.315273] nr_found=14 nr_skip=14
> [  372.673575] nr_found=14 nr_skip=14
> [  397.115463] nr_found=14 nr_skip=14
> [  403.391694] cc1 used greatest stack depth: 3184 bytes left
> [  404.761194] cc1 used greatest stack depth: 2640 bytes left
> [  417.306510] nr_found=14 nr_skip=14
> [  440.198051] nr_found=14 nr_skip=14
> 
> I also used :
> 
> -	if (unlikely(!ret && nr_found))
> +	if (unlikely(!ret && nr_found > nr_skip))
>  		goto restart;
nr_found > nr_skip is better

> It seems to fix the bug. I suspect it also aborts
> invalidate_mapping_pages() if we skip 14 pages, but existing comment
> states its OK :
> 
>         /*
>          * Note: this function may get called on a shmem/tmpfs mapping:
>          * pagevec_lookup() might then return 0 prematurely (because it
>          * got a gangful of swap entries); but it's hardly worth worrying
>          * about - it can rarely have anything to free from such a mapping
>          * (most pages are dirty), and already skips over any difficulties.
>          */
that might be a problem, let Hugh answer if it is.

Thanks,
Shaohua

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ