lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.64.0701260437090.11888@p34.internal.lan>
Date:	Fri, 26 Jan 2007 04:37:55 -0500 (EST)
From:	Justin Piszcz <jpiszcz@...idpixels.com>
To:	Andrew Morton <akpm@...l.org>
cc:	Chuck Ebbert <cebbert@...hat.com>, linux-kernel@...r.kernel.org,
	linux-raid@...r.kernel.org, xfs@....sgi.com,
	Neil Brown <neilb@...e.de>
Subject: Re: Kernel 2.6.19.2 New RAID 5 Bug (oops when writing Samba -> RAID5)



On Fri, 26 Jan 2007, Andrew Morton wrote:

> On Wed, 24 Jan 2007 18:37:15 -0500 (EST)
> Justin Piszcz <jpiszcz@...idpixels.com> wrote:
> 
> > > Without digging too deeply, I'd say you've hit the same bug Sami Farin and
> > > others
> > > have reported starting with 2.6.19: pages mapped with kmap_atomic() become
> > > unmapped
> > > during memcpy() or similar operations.  Try disabling preempt -- that seems to
> > > be the
> > > common factor.
> > > 
> > > 
> > > -
> > > To unsubscribe from this list: send the line "unsubscribe linux-raid" in
> > > the body of a message to majordomo@...r.kernel.org
> > > More majordomo info at  http://vger.kernel.org/majordomo-info.html
> > > 
> > > 
> > 
> > After I run some other tests, I am going to re-run this test and see if it 
> > OOPSes again with PREEMPT off.
> 
> Strange.  The below debug patch might catch it - please run with this
> applied.  
> 
> 
> --- a/arch/i386/mm/highmem.c~kmap_atomic-debugging
> +++ a/arch/i386/mm/highmem.c
> @@ -30,7 +30,43 @@ void *kmap_atomic(struct page *page, enu
>  {
>  	enum fixed_addresses idx;
>  	unsigned long vaddr;
> +	static unsigned warn_count = 10;
>  
> +	if (unlikely(warn_count == 0))
> +		goto skip;
> +
> +	if (unlikely(in_interrupt())) {
> +		if (in_irq()) {
> +			if (type != KM_IRQ0 && type != KM_IRQ1 &&
> +			    type != KM_BIO_SRC_IRQ && type != KM_BIO_DST_IRQ &&
> +			    type != KM_BOUNCE_READ) {
> +				WARN_ON(1);
> +				warn_count--;
> +			}
> +		} else if (!irqs_disabled()) {	/* softirq */
> +			if (type != KM_IRQ0 && type != KM_IRQ1 &&
> +			    type != KM_SOFTIRQ0 && type != KM_SOFTIRQ1 &&
> +			    type != KM_SKB_SUNRPC_DATA &&
> +			    type != KM_SKB_DATA_SOFTIRQ &&
> +			    type != KM_BOUNCE_READ) {
> +				WARN_ON(1);
> +				warn_count--;
> +			}
> +		}
> +	}
> +
> +	if (type == KM_IRQ0 || type == KM_IRQ1 || type == KM_BOUNCE_READ) {
> +		if (!irqs_disabled()) {
> +			WARN_ON(1);
> +			warn_count--;
> +		}
> +	} else if (type == KM_SOFTIRQ0 || type == KM_SOFTIRQ1) {
> +		if (irq_count() == 0 && !irqs_disabled()) {
> +			WARN_ON(1);
> +			warn_count--;
> +		}
> +	}
> +skip:
>  	/* even !CONFIG_PREEMPT needs this, for in_atomic in do_page_fault */
>  	pagefault_disable();
>  	if (!PageHighMem(page))
> _
> 
> 

The RAID5 bug may be hard to trigger, I have only made it happen once so 
far (but only tried it once, don't like locking up the raid :)), I will 
re-run the test after applying this patch.

Justin.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ