lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <nycvar.YSQ.7.76.1711191525450.16045@knanqh.ubzr>
Date:   Sun, 19 Nov 2017 15:36:36 -0500 (EST)
From:   Nicolas Pitre <nicolas.pitre@...aro.org>
To:     Guenter Roeck <linux@...ck-us.net>
cc:     Tejun Heo <tj@...nel.org>, Christoph Lameter <cl@...ux.com>,
        linux-mm@...ck.org, linux-kernel@...r.kernel.org,
        Mikael Starvik <starvik@...s.com>,
        Jesper Nilsson <jesper.nilsson@...s.com>,
        linux-cris-kernel@...s.com
Subject: Re: mm/percpu.c: use smarter memory allocation for struct pcpu_alloc_info
 (crisv32 hang)

On Sat, 18 Nov 2017, Guenter Roeck wrote:

> Hi,
> 
> On Tue, Oct 03, 2017 at 06:29:49PM -0400, Nicolas Pitre wrote:
> > On Tue, 3 Oct 2017, Tejun Heo wrote:
> > 
> > > On Tue, Oct 03, 2017 at 04:57:44PM -0400, Nicolas Pitre wrote:
> > > > This can be much smaller than a page on very small memory systems. 
> > > > Always rounding up the size to a page is wasteful in that case, and 
> > > > required alignment is smaller than the memblock default. Let's round 
> > > > things up to a page size only when the actual size is >= page size, and 
> > > > then it makes sense to page-align for a nicer allocation pattern.
> > > 
> > > Isn't that a temporary area which gets freed later during boot?
> > 
> > Hmmm...
> > 
> > It may get freed through 3 different paths where 2 of them are error 
> > paths. What looks like a non-error path is in pcpu_embed_first_chunk() 
> > called from setup_per_cpu_areas(). But there are two versions of 
> > setup_per_cpu_areas(): one for SMP and one for !SMP. And the !SMP case 
> > never calls pcpu_free_alloc_info() currently.
> > 
> > I'm not sure i understand that code fully, but maybe the following patch 
> > could be a better fit:
> > 
> > ----- >8
> > Subject: [PATCH] percpu: don't forget to free the temporary struct pcpu_alloc_info
> > 
> > Unlike the SMP case, the !SMP case does not free the memory for struct 
> > pcpu_alloc_info allocated in setup_per_cpu_areas(). And to give it a 
> > chance of being reused by the page allocator later, align it to a page 
> > boundary just like its size.
> > 
> > Signed-off-by: Nicolas Pitre <nico@...aro.org>
> 
> This patch causes my crisv32 qemu emulation to hang with no console output.
> 
> > 
> > diff --git a/mm/percpu.c b/mm/percpu.c
> > index 434844415d..caab63375b 100644
> > --- a/mm/percpu.c
> > +++ b/mm/percpu.c
> > @@ -1416,7 +1416,7 @@ struct pcpu_alloc_info * __init pcpu_alloc_alloc_info(int nr_groups,
> >  			  __alignof__(ai->groups[0].cpu_map[0]));
> >  	ai_size = base_size + nr_units * sizeof(ai->groups[0].cpu_map[0]);
> >  
> > -	ptr = memblock_virt_alloc_nopanic(PFN_ALIGN(ai_size), 0);
> > +	ptr = memblock_virt_alloc_nopanic(PFN_ALIGN(ai_size), PAGE_SIZE);
> >  	if (!ptr)
> >  		return NULL;
> >  	ai = ptr;
> > @@ -2295,6 +2295,7 @@ void __init setup_per_cpu_areas(void)
> >  
> >  	if (pcpu_setup_first_chunk(ai, fc) < 0)
> >  		panic("Failed to initialize percpu areas.");
> > +	pcpu_free_alloc_info(ai);
> 
> This is the culprit. Everything works fine if I remove this line.

Without this line, the memory at the ai pointer is leaked. Maybe this is 
modifying the memory allocation pattern and that triggers a bug later on 
in your case.

At that point the console driver is not yet initialized and any error 
message won't be printed. You should enable the early console mechanism 
in your kernel (see arch/cris/arch-v32/kernel/debugport.c) and see what 
that might tell you.


Nicolas

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ