lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1203473339.3248.45.camel@ymzhang>
Date:	Wed, 20 Feb 2008 10:08:59 +0800
From:	"Zhang, Yanmin" <yanmin_zhang@...ux.intel.com>
To:	Pekka Enberg <penberg@...helsinki.fi>
Cc:	Ingo Molnar <mingo@...e.hu>,
	Mathieu Desnoyers <mathieu.desnoyers@...ymtl.ca>,
	Torsten Kaiser <just.for.lkml@...glemail.com>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Christoph Lameter <clameter@....com>
Subject: Re: Linux 2.6.25-rc2

On Wed, 2008-02-20 at 08:36 +0800, Zhang, Yanmin wrote:
> On Tue, 2008-02-19 at 17:52 +0200, Pekka Enberg wrote:
> > Ingo Molnar wrote:
> > > * Pekka Enberg <penberg@...helsinki.fi> wrote:
> > > 
> > >>> Yes, this can happen. Are you saying it is not safe to be in the 
> > >>> lockless path when an IRQ triggers?
> > >> Hmm. The barrier() in slab_free() looks fishy. The comment says it's 
> > >> there to make sure we've retrieved c->freelist before c->page but then 
> > >> it uses a _compiler barrier_ which doesn't affect the CPU and the 
> > >> reads may still be re-ordered... Not sure if that matters here though.
> > > 
> > > find a fix patch for that below - most systems affected seem to be SMP 
> > > ones.
> > > 
> > > If this (or my other patch) indeed solves the problem i'd still favor a 
> > > full revert of the SLUB_FASTPATH (commit 1f84260c8ce3b1ce26d4), it looks 
> > > quite un-cooked and quite un-tested for multiple independent reasons.
> > > 
> > > Sigh, why do i again have to be the messenger who brings the bad news to 
> > > SLUB land, and again when poor Christoph went on vacation? :-/
> > > 
> > > 	Ingo
> > > 
> > > -------------------------->
> > > Subject: SLUB: barrier fix
> > > From: Ingo Molnar <mingo@...e.hu>
> > > 
> > > ---
> > >  mm/slub.c |    2 +-
> > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > 
> > > Index: linux/mm/slub.c
> > > ===================================================================
> > > --- linux.orig/mm/slub.c
> > > +++ linux/mm/slub.c
> > > @@ -1862,7 +1862,7 @@ static __always_inline void slab_free(st
> > >  	debug_check_no_locks_freed(object, s->objsize);
> > >  	do {
> > >  		freelist = c->freelist;
> > > -		barrier();
> > > +		smp_mb();
> > >  		/*
> > >  		 * If the compiler would reorder the retrieval of c->page to
> > >  		 * come before c->freelist then an interrupt could
> > 
> > Torsten/Yamin, does this fix things for you? What about reverting commit 
> > 1f84260c8ce3b1ce26d4c1d6dedc2f33a3a29c0c ("SLUB: Alternate fast paths 
> > using cmpxchg_local")?
> I'm busy in another issue and will test it ASAP. Sorry.
I tested it on my 3 x86-64 machines. The small fix to use smp_mb to replace
barrier in slab_free doesn't work. Kernel still crashed at the same place.

I will test the reverting patch.

-yanmin


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ