lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 27 Feb 2013 16:11:32 -0500
From:	Josef Bacik <josef@...icpanda.com>
To:	Ahmet Inan <ainan@...hematik.uni-freiburg.de>
Cc:	Josef Bacik <jbacik@...ionio.com>, Dave Jones <davej@...hat.com>,
	Linux Kernel <linux-kernel@...r.kernel.org>,
	"linux-btrfs@...r.kernel.org" <linux-btrfs@...r.kernel.org>
Subject: Re: btrfs crash when low on memory.

On Wed, Feb 27, 2013 at 3:10 PM, Ahmet Inan
<ainan@...hematik.uni-freiburg.de> wrote:
> On Wed, Feb 27, 2013 at 7:26 PM, Josef Bacik <jbacik@...ionio.com> wrote:
>> On Wed, Feb 27, 2013 at 07:31:11AM -0700, Ahmet Inan wrote:
>>> > Yeah we have a lot of
>>> >
>>> > ptr = kmalloc();
>>> > BUG_ON(ptr);
>>> >
>>> > everywhere.  I'll fix this one up but I really need to sit down and go through
>>> > all of them and make sure we do the right thing in all these places.  Thanks,
>>>
>>> But what would be the right thing to do when you got no memory?
>>> Spinlock until you can kmalloc? Pre-reserve some memory?
>>>
>>
>> Return ENOMEM?  We have a way to abort transactions now, if it's in a horrible
>> of enough spot we can just abort the transaction and let the user deal with the
>> aftermath, it's nicer than panicing.  Thanks,
>
> youre right. i am only afraid of silent corruption of data on aborts:
> our guys here trigger OOM all the time with their compilers and
> numerical codes (go figure).
> and until now we had no more aborts / panics because of
> "vm.min_free_kbytes = 65536" and thus no corruption.
>
> my point is:
> i like a freezing computer more than an corrupting computer, even if
> its a server. reboot to the rescue.
>

If we're corrupting on abort that is a bug too that needs to be fixed
too.  I've banged on the abort stuff a lot recently when trying to
make it not panic the box and it appears to work fine.  Obviously that
kind of stuff needs to be tested as well, but so far I haven't seen
abort corrupt the file system.  Thanks,

Josef
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ