lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 24 Sep 2013 10:11:34 +0900
From:	Minchan Kim <minchan@...nel.org>
To:	Weijie Yang <weijie.yang@...sung.com>
Cc:	akpm@...ux-foundation.org, sjenning@...ux.vnet.ibm.com,
	bob.liu@...cle.com, weijie.yang.kh@...il.com, linux-mm@...ck.org,
	linux-kernel@...r.kernel.org, stable@...r.kernel.org,
	d.j.shin@...sung.com, heesub.shin@...sung.com,
	kyungmin.park@...sung.com, hau.chen@...sung.com,
	bifeng.tong@...sung.com, rui.xie@...sung.com
Subject: Re: [PATCH v3 0/3] mm/zswap bugfix: memory leaks and other problems

On Mon, Sep 23, 2013 at 04:19:36PM +0800, Weijie Yang wrote:
> This patch series fix a few bugs in mm/zswap based on Linux-3.11.
> 
> v2 --> v3
> 	- keep GFP_KERNEL flag

Why do you drop this?

It's plain BUG. I read Bob's reply but it couldn't justify to let the pain
remain. First of all, let's fix it and better idea could come later.

> 
> v1 --> v2
> 	- free memory in zswap_frontswap_invalidate_area(in patch 1)
> 	- fix whitespace corruption (line wrapping)
> 	
> Corresponding mail thread: https://lkml.org/lkml/2013/8/18/59
> 
> These issues fixed/optimized are:
> 
>  1. memory leaks when re-swapon
>  
>  2. memory leaks when invalidate and reclaim occur concurrently
>  
>  3. avoid unnecessary page scanning
> 
> 
> Issues discussed in that mail thread NOT fixed as it happens rarely or
> not a big problem or controversial:
> 
>  1. a "theoretical race condition" when reclaim page
> When a handle alloced from zbud, zbud considers this handle is used
> validly by upper(zswap) and can be a candidate for reclaim. But zswap has
> to initialize it such as setting swapentry and adding it to rbtree.
> so there is a race condition, such as:
>  thread 0: obtain handle x from zbud_alloc
>  thread 1: zbud_reclaim_page is called
>  thread 1: callback zswap_writeback_entry to reclaim handle x
>  thread 1: get swpentry from handle x (it is random value now)
>  thread 1: bad thing may happen
>  thread 0: initialize handle x with swapentry
> 
> 2. frontswap_map bitmap not cleared after zswap reclaim
> Frontswap uses frontswap_map bitmap to track page in "backend" implementation,
> when zswap reclaim a page, the corresponding bitmap record is not cleared.
> 
> 3. the potential that zswap store and reclaim functions called recursively
> 
> 
>  mm/zswap.c |   28 ++++++++++++++++++++--------
>  1 file changed, 20 insertions(+), 8 deletions(-)
> 
> --
> To unsubscribe, send a message with 'unsubscribe linux-mm' in
> the body to majordomo@...ck.org.  For more info on Linux MM,
> see: http://www.linux-mm.org/ .
> Don't email: <a href=mailto:"dont@...ck.org"> email@...ck.org </a>

-- 
Kind regards,
Minchan Kim
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ