APPLIED/cmnt: [B][C][SRU][PATCH 0/1] z3fold: fix possible reclaim races

Kleber Souza kleber.souza at canonical.com
Tue Apr 23 15:38:15 UTC 2019 

On 4/17/19 5:30 AM, Po-Hsu Lin wrote:
> https://bugs.launchpad.net/bugs/1814874
> 
> == Justification ==
> When using z3fold and zswap on a VM under overcommitted memory stress,
> z3fold will complains about an "unknown buddy id 0" and fail to get a
> pointer to the mapped allocation in z3fold_map().
> 
>  z3fold: unknown buddy id 0
>  WARNING: CPU: 2 PID: 1584 at mm/z3fold.c:971 z3fold_zpool_map+0xce/0x100 [z3fold]
> 
> And it will leads to a null pointer dereference in zswap
> 
>  BUG: unable to handle kernel NULL pointer dereference at 0000000000000000
>  PGD 0 P4D 0
>  Oops: 0000 [#1] SMP PTI
>  CPU: 2 PID: 1584 Comm: stress Tainted: G        W         4.18.0-17-generic #18-Ubuntu
>  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.1-1ubuntu1 04/01/2014
>  RIP: 0010:zswap_writeback_entry+0x4d/0x360
> 
> == Fix ==
> ca0246bb (z3fold: fix possible reclaim races)
> 
> This patch has already in Disco, and can be cherry-picked into B/C.
> Not needed for Xenial and older kernels as z3fold is not supported.
> 
> == Test ==
> Test kernels for Bionic / Cosmic could be found here:
> http://people.canonical.com/~phlin/kernel/lp-1814874-z3fold-zswap/Bionic/
> http://people.canonical.com/~phlin/kernel/lp-1814874-z3fold-zswap/Cosmic/
> 
> This issue can be reproduced easily in a KVM with the following setup:
>  * 8G disk, 4G RAM, 4 CPUs
>  * 1G swap
>  * "zswap.enabled=1 zswap.zpool=z3fold zswap.max_pool_percent=7" added to grub
>  * "z3fold" module added into /etc/initramfs-tools/modules
> 
> Stress it with two childs running:
>  * stress --vm-bytes 512M --vm 4 --vm-hang 3
>  * stress --vm-bytes 512M --vm 4 --vm-hang 7
> 
> The VM is expected to crash within 5 minutes.
> 
> With the patched kernel, the VM can withstand this stress for over an
> hour with crashing with this issue
> 
> == Regression potential ==
> Small.
> 
> Fix limited to z3fold. User needs to enable it explicitly for this
> feature.
> 
> 
> Vitaly Wool (1):
>   z3fold: fix possible reclaim races
> 
>  mm/z3fold.c | 101 +++++++++++++++++++++++++++++++++++++-----------------------
>  1 file changed, 62 insertions(+), 39 deletions(-)
> 

Applied to bionic/master-next and cosmic/master-next branches,
with the "BugLink" keyword added.

Thanks,
Kleber

More information about the kernel-team mailing list