lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <4BD05900.7040203@cn.fujitsu.com>
Date:	Thu, 22 Apr 2010 22:11:12 +0800
From:	Miao Xie <miaox@...fujitsu.com>
To:	David Rientjes <rientjes@...gle.com>,
	Nick Piggin <npiggin@...e.de>, Paul Menage <menage@...gle.com>,
	Lee Schermerhorn <lee.schermerhorn@...com>
CC:	Andrew Morton <akpm@...ux-foundation.org>,
	Linux-Kernel <linux-kernel@...r.kernel.org>,
	Linux-MM <linux-mm@...ck.org>
Subject: [PATCH 0/2] fix oom happening when changing cpuset'mems(was: [regression]
 cpuset,mm: update tasks' mems_allowed in time (58568d2))

Nick Piggin reported that the allocator may see an empty nodemask when
changing cpuset's mems.

The problem is that:
Cpuset updates task->mems_allowed and mempolicy by setting all new bits
in the nodemask first, and clearing all old unallowed bits later.
But the allocator may load a word of the mask before setting all new bits
and then load another word of the mask after clearing all old unallowed
bits, in this way, the allocator sees an empty nodemask.

It happens only on the kernel that do not do atomic nodemask_t stores.
(MAX_NUMNODES > BITS_PER_LONG)

But I found that there is also a problem on the kernel that can do atomic
nodemask_t stores. The problem is that the allocator can't find a node to
alloc page when changing cpuset's mems though there is a lot of free memory.

I can use the attached program reproduce it by the following step:
# mkdir /dev/cpuset
# mount -t cpuset cpuset /dev/cpuset
# mkdir /dev/cpuset/1
# echo `cat /dev/cpuset/cpus` > /dev/cpuset/1/cpus
# echo `cat /dev/cpuset/mems` > /dev/cpuset/1/mems
# echo $$ > /dev/cpuset/1/tasks
# numactl --membind=`cat /dev/cpuset/mems` ./cpuset_mem_hog <nr_tasks> &
   <nr_tasks> = max(nr_cpus - 1, 1)
# killall -s SIGUSR1 cpuset_mem_hog
# ./change_mems.sh

several hours later, oom will happen though there is a lot of free memory.

The problem is following:
	task1					task2
	mmap()				mems=1
	  Can alloc page on node0? NO	mems=1
					mems=0	change mems from 1 to 0
					mems=0-1  set all new bits
					mems=0	  clear all disallowed bits
	  Can alloc page on node1? NO	mems=0
	  ...
	can't alloc page
	  goto oom

this patchset fixes those problems.

Thanks
Miao

Download attachment "reproduce_prog.tar.gz" of type "application/gzip" (1190 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ