Open Source and information security mailing list archives
 
Date:	Mon, 10 Aug 2015 10:19:06 -0700
From:	Guenter Roeck <linux@...ck-us.net>
To:	Tejun Heo <tj@...nel.org>
CC:	Christoph Lameter <cl@...ux-foundation.org>, linux-mm@...ck.org,
	linux-kernel@...r.kernel.org, Guan Xuetao <gxt@...c.pku.edu.cn>
Subject: Re: [RFC PATCH] percpu: Prevent endless loop if there is no unallocated
 region (unicore32 bug)

On 08/10/2015 09:36 AM, Tejun Heo wrote:
> Hello,
>
> On Sun, Aug 09, 2015 at 05:17:39AM -0700, Guenter Roeck wrote:
>> Qemu tests with unicore32 show memory management code entering an endless
>> loop in pcpu_alloc(). Bisect points to commit a93ace487a33 ("percpu: move
>> region iterations out of pcpu_[de]populate_chunk()"). Code analysis
>> identifies the following relevant changes.
>>
>> -       rs = page_start;
>> -       pcpu_next_pop(chunk, &rs, &re, page_end);
>> -
>> -       if (rs != page_start || re != page_end) {
>> +       pcpu_for_each_unpop_region(chunk, rs, re, page_start, page_end) {
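Review bot: the loop on the `+` line terminates only if the region search never reports a range beyond page_end, and the debug values quoted below (rs 1, re 2 with page start 0, page end 1) show that assumption being violated, where the removed `if (rs != page_start || re != page_end)` form worked with the same inputs. A comment at the iterator stating that the underlying bit search must return the end when the offset is at or past it would make this dependency on the architecture's implementation visible.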
>>
>> For unicore32, values were page_start==0, page_end==1, rs==0, re==1.
>> This worked fine with the old code. With the new code, however, the loop
>> is always entered. Debugging information added into the loop shows
>> an endless repetition of
>>
>> in loop chunk c5c53100 populated 0xff rs 1 re 2 page start 0 page end 1
>> in loop chunk c5c53100 populated 0xff rs 1 re 2 page start 0 page end 1
>> in loop chunk c5c53100 populated 0xff rs 1 re 2 page start 0 page end 1
>> in loop chunk c5c53100 populated 0xff rs 1 re 2 page start 0 page end 1
>
> That's a bug in the find bit functions in unicore32.  If @offset >=
> @end, it should return @end, not @offset.
>

Yes, you are right, the find next functions in unicore32 are wrong.

Sorry for the noise - I should have checked more closely. Copying the maintainer.

Thanks,
Guenter
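
The contract stated in the reply above (a bit search given an offset at or past the end returns the end), as an added user-space example that is not code from the thread or from the kernel. `find_next`, `next_unpop`, `walk_unpop`, the one-word bitmap and the iterator shape are assumptions made for illustration; the inputs are the values reported in the message.

```c
#include <stdio.h>

/* Bit search in a one-word bitmap; want=1 finds set bits, want=0 clear bits.
 * clamp=1: offset >= size returns size; clamp=0: returns offset (faulty). */
static unsigned find_next(unsigned long map, unsigned size, unsigned offset,
                          int want, int clamp)
{
    unsigned i;
    if (offset >= size)
        return clamp ? size : offset;
    for (i = offset; i < size; i++)
        if (((map >> i) & 1UL) == (unsigned long)want)
            return i;
    return size;
}

/* Next unpopulated region [*rs, *re) below end (assumed helper shape). */
static void next_unpop(unsigned long pop, unsigned *rs, unsigned *re,
                       unsigned end, int clamp)
{
    *rs = find_next(pop, end, *rs, 0, clamp);
    *re = find_next(pop, end, *rs + 1, 1, clamp);
}

/* Walk unpopulated regions in [start, end); returns how often the body ran,
 * capped at max_iter for this demo. The first region goes to first[0..1]. */
static unsigned walk_unpop(unsigned long pop, unsigned start, unsigned end,
                           int clamp, unsigned max_iter, unsigned first[2])
{
    unsigned rs = start, re, n = 0;
    for (next_unpop(pop, &rs, &re, end, clamp); rs < re && n < max_iter;
         rs = re + 1, next_unpop(pop, &rs, &re, end, clamp)) {
        if (n++ == 0) {
            first[0] = rs;
            first[1] = re;
        }
    }
    return n;
}

int main(void)
{
    unsigned f[2] = { 0, 0 }, n;
    /* Values from the message: populated 0xff, page_start 0, page_end 1. */
    printf("clamped: %u iterations\n", walk_unpop(0xff, 0, 1, 1, 1000, f));
    n = walk_unpop(0xff, 0, 1, 0, 1000, f);
    printf("faulty: %u iterations, first rs %u re %u\n", n, f[0], f[1]);
    return 0;
}
```

With the clamp the loop body never runs for a fully populated chunk; without it the walk only stops at the demo's iteration cap.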
