Re: [PATCH] zram: Fix unbalanced idr management at hot removal
A correction, On (11/22/16 10:09), Sergey Senozhatsky wrote: [..] > > > Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1010970 > > > Reported-and-tested-by: David Disseldorp> > > Reviewed-by: David Disseldorp > > > Cc: > > > Signed-off-by: Takashi Iwai > > > > Acked-by: Minchan Kim > > Link: lkml.kernel.org/r/20161121132140.12683-1-ti...@suse.de > Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from zram_remove()") > Cc: [4.5+] 4.4+ > Acked-by: Sergey Senozhatsky but somehow I didn't notice that Takashi Cc'd stable in the original patch. so mine can be dropped. -ss
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
A correction, On (11/22/16 10:09), Sergey Senozhatsky wrote: [..] > > > Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1010970 > > > Reported-and-tested-by: David Disseldorp > > > Reviewed-by: David Disseldorp > > > Cc: > > > Signed-off-by: Takashi Iwai > > > > Acked-by: Minchan Kim > > Link: lkml.kernel.org/r/20161121132140.12683-1-ti...@suse.de > Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from zram_remove()") > Cc: [4.5+] 4.4+ > Acked-by: Sergey Senozhatsky but somehow I didn't notice that Takashi Cc'd stable in the original patch. so mine can be dropped. -ss
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
On Tue, 22 Nov 2016 02:39:13 +0100, Sergey Senozhatsky wrote: > > On (11/22/16 10:33), Minchan Kim wrote: > > On Tue, Nov 22, 2016 at 10:28:12AM +0900, Sergey Senozhatsky wrote: > > > On (11/22/16 10:22), Minchan Kim wrote: > > > [..] > > > > > > Acked-by: Minchan Kim> > > > > > > > > > Link: lkml.kernel.org/r/20161121132140.12683-1-ti...@suse.de > > > > > Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from > > > > > zram_remove()") > > > > > Cc: [4.5+] > > > > > > > > 17ec4cd98578 marked as stable: [4.2+] so we should mark this patch as > > > > 4.2+. > > > > > > well, no objections. except that the patch in question was > > > not picked up -stable > > > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.2#n1365 > > > > > > the change appears starting from 4.5 > > > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.5#n1371 > > > > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.4.34#n1370 > > oh, ok. good find. 4.4+ then? there are no affected stable/longterm > kernels older than 4.4.x anyway (4.1 lts has no dynamic zram management). Right, at least, 4.4.x hits the issue (actually the original bug report was for 4.4.x). thanks, Takashi
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
On Tue, 22 Nov 2016 02:39:13 +0100, Sergey Senozhatsky wrote: > > On (11/22/16 10:33), Minchan Kim wrote: > > On Tue, Nov 22, 2016 at 10:28:12AM +0900, Sergey Senozhatsky wrote: > > > On (11/22/16 10:22), Minchan Kim wrote: > > > [..] > > > > > > Acked-by: Minchan Kim > > > > > > > > > > Link: lkml.kernel.org/r/20161121132140.12683-1-ti...@suse.de > > > > > Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from > > > > > zram_remove()") > > > > > Cc: [4.5+] > > > > > > > > 17ec4cd98578 marked as stable: [4.2+] so we should mark this patch as > > > > 4.2+. > > > > > > well, no objections. except that the patch in question was > > > not picked up -stable > > > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.2#n1365 > > > > > > the change appears starting from 4.5 > > > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.5#n1371 > > > > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.4.34#n1370 > > oh, ok. good find. 4.4+ then? there are no affected stable/longterm > kernels older than 4.4.x anyway (4.1 lts has no dynamic zram management). Right, at least, 4.4.x hits the issue (actually the original bug report was for 4.4.x). thanks, Takashi
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
On (11/22/16 10:33), Minchan Kim wrote: > On Tue, Nov 22, 2016 at 10:28:12AM +0900, Sergey Senozhatsky wrote: > > On (11/22/16 10:22), Minchan Kim wrote: > > [..] > > > > > Acked-by: Minchan Kim> > > > > > > > Link: lkml.kernel.org/r/20161121132140.12683-1-ti...@suse.de > > > > Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from zram_remove()") > > > > Cc: [4.5+] > > > > > > 17ec4cd98578 marked as stable: [4.2+] so we should mark this patch as > > > 4.2+. > > > > well, no objections. except that the patch in question was > > not picked up -stable > > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.2#n1365 > > > > the change appears starting from 4.5 > > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.5#n1371 > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.4.34#n1370 oh, ok. good find. 4.4+ then? there are no affected stable/longterm kernels older than 4.4.x anyway (4.1 lts has no dynamic zram management). -ss
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
On (11/22/16 10:33), Minchan Kim wrote: > On Tue, Nov 22, 2016 at 10:28:12AM +0900, Sergey Senozhatsky wrote: > > On (11/22/16 10:22), Minchan Kim wrote: > > [..] > > > > > Acked-by: Minchan Kim > > > > > > > > Link: lkml.kernel.org/r/20161121132140.12683-1-ti...@suse.de > > > > Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from zram_remove()") > > > > Cc: [4.5+] > > > > > > 17ec4cd98578 marked as stable: [4.2+] so we should mark this patch as > > > 4.2+. > > > > well, no objections. except that the patch in question was > > not picked up -stable > > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.2#n1365 > > > > the change appears starting from 4.5 > > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.5#n1371 > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.4.34#n1370 oh, ok. good find. 4.4+ then? there are no affected stable/longterm kernels older than 4.4.x anyway (4.1 lts has no dynamic zram management). -ss
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
On Tue, Nov 22, 2016 at 10:28:12AM +0900, Sergey Senozhatsky wrote: > On (11/22/16 10:22), Minchan Kim wrote: > [..] > > > > Acked-by: Minchan Kim> > > > > > Link: lkml.kernel.org/r/20161121132140.12683-1-ti...@suse.de > > > Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from zram_remove()") > > > Cc: [4.5+] > > > > 17ec4cd98578 marked as stable: [4.2+] so we should mark this patch as > > 4.2+. > > well, no objections. except that the patch in question was > not picked up -stable > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.2#n1365 > > the change appears starting from 4.5 > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.5#n1371 https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.4.34#n1370
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
On Tue, Nov 22, 2016 at 10:28:12AM +0900, Sergey Senozhatsky wrote: > On (11/22/16 10:22), Minchan Kim wrote: > [..] > > > > Acked-by: Minchan Kim > > > > > > Link: lkml.kernel.org/r/20161121132140.12683-1-ti...@suse.de > > > Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from zram_remove()") > > > Cc: [4.5+] > > > > 17ec4cd98578 marked as stable: [4.2+] so we should mark this patch as > > 4.2+. > > well, no objections. except that the patch in question was > not picked up -stable > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.2#n1365 > > the change appears starting from 4.5 > https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.5#n1371 https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.4.34#n1370
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
On (11/22/16 10:22), Minchan Kim wrote: [..] > > > Acked-by: Minchan Kim> > > > Link: lkml.kernel.org/r/20161121132140.12683-1-ti...@suse.de > > Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from zram_remove()") > > Cc: [4.5+] > > 17ec4cd98578 marked as stable: [4.2+] so we should mark this patch as > 4.2+. well, no objections. except that the patch in question was not picked up -stable https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.2#n1365 the change appears starting from 4.5 https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.5#n1371 -ss
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
On (11/22/16 10:22), Minchan Kim wrote: [..] > > > Acked-by: Minchan Kim > > > > Link: lkml.kernel.org/r/20161121132140.12683-1-ti...@suse.de > > Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from zram_remove()") > > Cc: [4.5+] > > 17ec4cd98578 marked as stable: [4.2+] so we should mark this patch as > 4.2+. well, no objections. except that the patch in question was not picked up -stable https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.2#n1365 the change appears starting from 4.5 https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/drivers/block/zram/zram_drv.c?id=refs/tags/v4.5#n1371 -ss
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
Hi Sergey, On Tue, Nov 22, 2016 at 10:09:30AM +0900, Sergey Senozhatsky wrote: > Cc Andrew > > On (11/22/16 09:11), Minchan Kim wrote: > [..] > > > This patch adds the proper error check in hot_remove_store() not to > > > call idr_remove() unconditionally. > > > > > > Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1010970 > > > Reported-and-tested-by: David Disseldorp> > > Reviewed-by: David Disseldorp > > > Cc: > > > Signed-off-by: Takashi Iwai > > > > Acked-by: Minchan Kim > > Link: lkml.kernel.org/r/20161121132140.12683-1-ti...@suse.de > Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from zram_remove()") > Cc: [4.5+] 17ec4cd98578 marked as stable: [4.2+] so we should mark this patch as 4.2+. Thanks. > > Acked-by: Sergey Senozhatsky > > -ss
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
Hi Sergey, On Tue, Nov 22, 2016 at 10:09:30AM +0900, Sergey Senozhatsky wrote: > Cc Andrew > > On (11/22/16 09:11), Minchan Kim wrote: > [..] > > > This patch adds the proper error check in hot_remove_store() not to > > > call idr_remove() unconditionally. > > > > > > Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1010970 > > > Reported-and-tested-by: David Disseldorp > > > Reviewed-by: David Disseldorp > > > Cc: > > > Signed-off-by: Takashi Iwai > > > > Acked-by: Minchan Kim > > Link: lkml.kernel.org/r/20161121132140.12683-1-ti...@suse.de > Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from zram_remove()") > Cc: [4.5+] 17ec4cd98578 marked as stable: [4.2+] so we should mark this patch as 4.2+. Thanks. > > Acked-by: Sergey Senozhatsky > > -ss
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
Cc Andrew On (11/22/16 09:11), Minchan Kim wrote: [..] > > This patch adds the proper error check in hot_remove_store() not to > > call idr_remove() unconditionally. > > > > Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1010970 > > Reported-and-tested-by: David Disseldorp> > Reviewed-by: David Disseldorp > > Cc: > > Signed-off-by: Takashi Iwai > Acked-by: Minchan Kim Link: lkml.kernel.org/r/20161121132140.12683-1-ti...@suse.de Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from zram_remove()") Cc: [4.5+] Acked-by: Sergey Senozhatsky -ss
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
Cc Andrew On (11/22/16 09:11), Minchan Kim wrote: [..] > > This patch adds the proper error check in hot_remove_store() not to > > call idr_remove() unconditionally. > > > > Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1010970 > > Reported-and-tested-by: David Disseldorp > > Reviewed-by: David Disseldorp > > Cc: > > Signed-off-by: Takashi Iwai > Acked-by: Minchan Kim Link: lkml.kernel.org/r/20161121132140.12683-1-ti...@suse.de Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from zram_remove()") Cc: [4.5+] Acked-by: Sergey Senozhatsky -ss
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
On Mon, Nov 21, 2016 at 02:21:40PM +0100, Takashi Iwai wrote: > The zram hot removal code calls idr_remove() even when zram_remove() > returns an error (typically -EBUSY). This results in a leftover at > the device release, eventually leading to a crash when the module is > reloaded. > > As described in the bug report below, the following procedure would > cause an Oops with zram: > > - provision three zram devices via modprobe zram num_devices=3 > - configure a size for each device > + echo "1G" > /sys/block/$zram_name/disksize > - mkfs and mount zram0 only > - attempt to hot remove all three devices > + echo 2 > /sys/class/zram-control/hot_remove > + echo 1 > /sys/class/zram-control/hot_remove > + echo 0 > /sys/class/zram-control/hot_remove > - zram0 removal fails with EBUSY, as expected > - unmount zram0 > - try zram0 hot remove again > + echo 0 > /sys/class/zram-control/hot_remove > - fails with ENODEV (unexpected) > - unload zram kernel module > + completes successfully > - zram0 device node still exists > - attempt to mount /dev/zram0 > + mount command is killed > + following BUG is encountered > > BUG: unable to handle kernel paging request at a0002ba0 > IP: [] get_disk+0x16/0x50 > Oops: [#1] SMP > CPU: 0 PID: 252 Comm: mount Not tainted 4.9.0-rc6 #176 > task: 88001a9f2800 task.stack: c930 > RIP: 0010:[] [] get_disk+0x16/0x50 > Call Trace: > [] exact_lock+0xc/0x20 > [] kobj_lookup+0xdc/0x160 > [] ? disk_map_sector_rcu+0x70/0x70 > [] ? blkdev_get_by_dev+0x50/0x50 > [] get_gendisk+0x2f/0x110 > [] ? blkdev_get_by_dev+0x50/0x50 > [] __blkdev_get+0x10c/0x3c0 > [] ? blkdev_get_by_dev+0x50/0x50 > [] blkdev_get+0x19d/0x2e0 > [] ? blkdev_get_by_dev+0x50/0x50 > [] blkdev_open+0x56/0x70 > [] do_dentry_open.isra.19+0x1ff/0x310 > [] vfs_open+0x43/0x60 > [] path_openat+0x2c9/0xf30 > [] ? __save_stack_trace+0x40/0xd0 > [] do_filp_open+0x79/0xd0 > [] ? kmemleak_alloc+0x49/0xa0 > [] do_sys_open+0x114/0x1e0 > [] SyS_open+0x19/0x20 > [] entry_SYSCALL_64_fastpath+0x13/0x94 > > This patch adds the proper error check in hot_remove_store() not to > call idr_remove() unconditionally. > > Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1010970 > Reported-and-tested-by: David Disseldorp> Reviewed-by: David Disseldorp > Cc: > Signed-off-by: Takashi Iwai Acked-by: Minchan Kim Thanks!
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
On Mon, Nov 21, 2016 at 02:21:40PM +0100, Takashi Iwai wrote: > The zram hot removal code calls idr_remove() even when zram_remove() > returns an error (typically -EBUSY). This results in a leftover at > the device release, eventually leading to a crash when the module is > reloaded. > > As described in the bug report below, the following procedure would > cause an Oops with zram: > > - provision three zram devices via modprobe zram num_devices=3 > - configure a size for each device > + echo "1G" > /sys/block/$zram_name/disksize > - mkfs and mount zram0 only > - attempt to hot remove all three devices > + echo 2 > /sys/class/zram-control/hot_remove > + echo 1 > /sys/class/zram-control/hot_remove > + echo 0 > /sys/class/zram-control/hot_remove > - zram0 removal fails with EBUSY, as expected > - unmount zram0 > - try zram0 hot remove again > + echo 0 > /sys/class/zram-control/hot_remove > - fails with ENODEV (unexpected) > - unload zram kernel module > + completes successfully > - zram0 device node still exists > - attempt to mount /dev/zram0 > + mount command is killed > + following BUG is encountered > > BUG: unable to handle kernel paging request at a0002ba0 > IP: [] get_disk+0x16/0x50 > Oops: [#1] SMP > CPU: 0 PID: 252 Comm: mount Not tainted 4.9.0-rc6 #176 > task: 88001a9f2800 task.stack: c930 > RIP: 0010:[] [] get_disk+0x16/0x50 > Call Trace: > [] exact_lock+0xc/0x20 > [] kobj_lookup+0xdc/0x160 > [] ? disk_map_sector_rcu+0x70/0x70 > [] ? blkdev_get_by_dev+0x50/0x50 > [] get_gendisk+0x2f/0x110 > [] ? blkdev_get_by_dev+0x50/0x50 > [] __blkdev_get+0x10c/0x3c0 > [] ? blkdev_get_by_dev+0x50/0x50 > [] blkdev_get+0x19d/0x2e0 > [] ? blkdev_get_by_dev+0x50/0x50 > [] blkdev_open+0x56/0x70 > [] do_dentry_open.isra.19+0x1ff/0x310 > [] vfs_open+0x43/0x60 > [] path_openat+0x2c9/0xf30 > [] ? __save_stack_trace+0x40/0xd0 > [] do_filp_open+0x79/0xd0 > [] ? kmemleak_alloc+0x49/0xa0 > [] do_sys_open+0x114/0x1e0 > [] SyS_open+0x19/0x20 > [] entry_SYSCALL_64_fastpath+0x13/0x94 > > This patch adds the proper error check in hot_remove_store() not to > call idr_remove() unconditionally. > > Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1010970 > Reported-and-tested-by: David Disseldorp > Reviewed-by: David Disseldorp > Cc: > Signed-off-by: Takashi Iwai Acked-by: Minchan Kim Thanks!
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
On Mon, 21 Nov 2016 14:21:40 +0100, Takashi Iwai wrote: > > The zram hot removal code calls idr_remove() even when zram_remove() > returns an error (typically -EBUSY). This results in a leftover at > the device release, eventually leading to a crash when the module is > reloaded. > > As described in the bug report below, the following procedure would > cause an Oops with zram: > > - provision three zram devices via modprobe zram num_devices=3 > - configure a size for each device > + echo "1G" > /sys/block/$zram_name/disksize > - mkfs and mount zram0 only > - attempt to hot remove all three devices > + echo 2 > /sys/class/zram-control/hot_remove > + echo 1 > /sys/class/zram-control/hot_remove > + echo 0 > /sys/class/zram-control/hot_remove > - zram0 removal fails with EBUSY, as expected > - unmount zram0 > - try zram0 hot remove again > + echo 0 > /sys/class/zram-control/hot_remove > - fails with ENODEV (unexpected) > - unload zram kernel module > + completes successfully > - zram0 device node still exists > - attempt to mount /dev/zram0 > + mount command is killed > + following BUG is encountered > > BUG: unable to handle kernel paging request at a0002ba0 > IP: [] get_disk+0x16/0x50 > Oops: [#1] SMP > CPU: 0 PID: 252 Comm: mount Not tainted 4.9.0-rc6 #176 > task: 88001a9f2800 task.stack: c930 > RIP: 0010:[] [] get_disk+0x16/0x50 > Call Trace: > [] exact_lock+0xc/0x20 > [] kobj_lookup+0xdc/0x160 > [] ? disk_map_sector_rcu+0x70/0x70 > [] ? blkdev_get_by_dev+0x50/0x50 > [] get_gendisk+0x2f/0x110 > [] ? blkdev_get_by_dev+0x50/0x50 > [] __blkdev_get+0x10c/0x3c0 > [] ? blkdev_get_by_dev+0x50/0x50 > [] blkdev_get+0x19d/0x2e0 > [] ? blkdev_get_by_dev+0x50/0x50 > [] blkdev_open+0x56/0x70 > [] do_dentry_open.isra.19+0x1ff/0x310 > [] vfs_open+0x43/0x60 > [] path_openat+0x2c9/0xf30 > [] ? __save_stack_trace+0x40/0xd0 > [] do_filp_open+0x79/0xd0 > [] ? kmemleak_alloc+0x49/0xa0 > [] do_sys_open+0x114/0x1e0 > [] SyS_open+0x19/0x20 > [] entry_SYSCALL_64_fastpath+0x13/0x94 > > This patch adds the proper error check in hot_remove_store() not to > call idr_remove() unconditionally. > > Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1010970 > Reported-and-tested-by: David Disseldorp> Reviewed-by: David Disseldorp > Cc: > Signed-off-by: Takashi Iwai Forgot to add Fixes tag: Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from zram_remove()") Takashi > --- > drivers/block/zram/zram_drv.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c > index 04365b17ee67..5163c8f918cb 100644 > --- a/drivers/block/zram/zram_drv.c > +++ b/drivers/block/zram/zram_drv.c > @@ -1403,7 +1403,8 @@ static ssize_t hot_remove_store(struct class *class, > zram = idr_find(_index_idr, dev_id); > if (zram) { > ret = zram_remove(zram); > - idr_remove(_index_idr, dev_id); > + if (!ret) > + idr_remove(_index_idr, dev_id); > } else { > ret = -ENODEV; > } > -- > 2.10.2 >
Re: [PATCH] zram: Fix unbalanced idr management at hot removal
On Mon, 21 Nov 2016 14:21:40 +0100, Takashi Iwai wrote: > > The zram hot removal code calls idr_remove() even when zram_remove() > returns an error (typically -EBUSY). This results in a leftover at > the device release, eventually leading to a crash when the module is > reloaded. > > As described in the bug report below, the following procedure would > cause an Oops with zram: > > - provision three zram devices via modprobe zram num_devices=3 > - configure a size for each device > + echo "1G" > /sys/block/$zram_name/disksize > - mkfs and mount zram0 only > - attempt to hot remove all three devices > + echo 2 > /sys/class/zram-control/hot_remove > + echo 1 > /sys/class/zram-control/hot_remove > + echo 0 > /sys/class/zram-control/hot_remove > - zram0 removal fails with EBUSY, as expected > - unmount zram0 > - try zram0 hot remove again > + echo 0 > /sys/class/zram-control/hot_remove > - fails with ENODEV (unexpected) > - unload zram kernel module > + completes successfully > - zram0 device node still exists > - attempt to mount /dev/zram0 > + mount command is killed > + following BUG is encountered > > BUG: unable to handle kernel paging request at a0002ba0 > IP: [] get_disk+0x16/0x50 > Oops: [#1] SMP > CPU: 0 PID: 252 Comm: mount Not tainted 4.9.0-rc6 #176 > task: 88001a9f2800 task.stack: c930 > RIP: 0010:[] [] get_disk+0x16/0x50 > Call Trace: > [] exact_lock+0xc/0x20 > [] kobj_lookup+0xdc/0x160 > [] ? disk_map_sector_rcu+0x70/0x70 > [] ? blkdev_get_by_dev+0x50/0x50 > [] get_gendisk+0x2f/0x110 > [] ? blkdev_get_by_dev+0x50/0x50 > [] __blkdev_get+0x10c/0x3c0 > [] ? blkdev_get_by_dev+0x50/0x50 > [] blkdev_get+0x19d/0x2e0 > [] ? blkdev_get_by_dev+0x50/0x50 > [] blkdev_open+0x56/0x70 > [] do_dentry_open.isra.19+0x1ff/0x310 > [] vfs_open+0x43/0x60 > [] path_openat+0x2c9/0xf30 > [] ? __save_stack_trace+0x40/0xd0 > [] do_filp_open+0x79/0xd0 > [] ? kmemleak_alloc+0x49/0xa0 > [] do_sys_open+0x114/0x1e0 > [] SyS_open+0x19/0x20 > [] entry_SYSCALL_64_fastpath+0x13/0x94 > > This patch adds the proper error check in hot_remove_store() not to > call idr_remove() unconditionally. > > Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1010970 > Reported-and-tested-by: David Disseldorp > Reviewed-by: David Disseldorp > Cc: > Signed-off-by: Takashi Iwai Forgot to add Fixes tag: Fixes: 17ec4cd98578 ("zram: don't call idr_remove() from zram_remove()") Takashi > --- > drivers/block/zram/zram_drv.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c > index 04365b17ee67..5163c8f918cb 100644 > --- a/drivers/block/zram/zram_drv.c > +++ b/drivers/block/zram/zram_drv.c > @@ -1403,7 +1403,8 @@ static ssize_t hot_remove_store(struct class *class, > zram = idr_find(_index_idr, dev_id); > if (zram) { > ret = zram_remove(zram); > - idr_remove(_index_idr, dev_id); > + if (!ret) > + idr_remove(_index_idr, dev_id); > } else { > ret = -ENODEV; > } > -- > 2.10.2 >
[PATCH] zram: Fix unbalanced idr management at hot removal
The zram hot removal code calls idr_remove() even when zram_remove() returns an error (typically -EBUSY). This results in a leftover at the device release, eventually leading to a crash when the module is reloaded. As described in the bug report below, the following procedure would cause an Oops with zram: - provision three zram devices via modprobe zram num_devices=3 - configure a size for each device + echo "1G" > /sys/block/$zram_name/disksize - mkfs and mount zram0 only - attempt to hot remove all three devices + echo 2 > /sys/class/zram-control/hot_remove + echo 1 > /sys/class/zram-control/hot_remove + echo 0 > /sys/class/zram-control/hot_remove - zram0 removal fails with EBUSY, as expected - unmount zram0 - try zram0 hot remove again + echo 0 > /sys/class/zram-control/hot_remove - fails with ENODEV (unexpected) - unload zram kernel module + completes successfully - zram0 device node still exists - attempt to mount /dev/zram0 + mount command is killed + following BUG is encountered BUG: unable to handle kernel paging request at a0002ba0 IP: [] get_disk+0x16/0x50 Oops: [#1] SMP CPU: 0 PID: 252 Comm: mount Not tainted 4.9.0-rc6 #176 task: 88001a9f2800 task.stack: c930 RIP: 0010:[] [] get_disk+0x16/0x50 Call Trace: [] exact_lock+0xc/0x20 [] kobj_lookup+0xdc/0x160 [] ? disk_map_sector_rcu+0x70/0x70 [] ? blkdev_get_by_dev+0x50/0x50 [] get_gendisk+0x2f/0x110 [] ? blkdev_get_by_dev+0x50/0x50 [] __blkdev_get+0x10c/0x3c0 [] ? blkdev_get_by_dev+0x50/0x50 [] blkdev_get+0x19d/0x2e0 [] ? blkdev_get_by_dev+0x50/0x50 [] blkdev_open+0x56/0x70 [] do_dentry_open.isra.19+0x1ff/0x310 [] vfs_open+0x43/0x60 [] path_openat+0x2c9/0xf30 [] ? __save_stack_trace+0x40/0xd0 [] do_filp_open+0x79/0xd0 [] ? kmemleak_alloc+0x49/0xa0 [] do_sys_open+0x114/0x1e0 [] SyS_open+0x19/0x20 [] entry_SYSCALL_64_fastpath+0x13/0x94 This patch adds the proper error check in hot_remove_store() not to call idr_remove() unconditionally. Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1010970 Reported-and-tested-by: David DisseldorpReviewed-by: David Disseldorp Cc: Signed-off-by: Takashi Iwai --- drivers/block/zram/zram_drv.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c index 04365b17ee67..5163c8f918cb 100644 --- a/drivers/block/zram/zram_drv.c +++ b/drivers/block/zram/zram_drv.c @@ -1403,7 +1403,8 @@ static ssize_t hot_remove_store(struct class *class, zram = idr_find(_index_idr, dev_id); if (zram) { ret = zram_remove(zram); - idr_remove(_index_idr, dev_id); + if (!ret) + idr_remove(_index_idr, dev_id); } else { ret = -ENODEV; } -- 2.10.2
[PATCH] zram: Fix unbalanced idr management at hot removal
The zram hot removal code calls idr_remove() even when zram_remove() returns an error (typically -EBUSY). This results in a leftover at the device release, eventually leading to a crash when the module is reloaded. As described in the bug report below, the following procedure would cause an Oops with zram: - provision three zram devices via modprobe zram num_devices=3 - configure a size for each device + echo "1G" > /sys/block/$zram_name/disksize - mkfs and mount zram0 only - attempt to hot remove all three devices + echo 2 > /sys/class/zram-control/hot_remove + echo 1 > /sys/class/zram-control/hot_remove + echo 0 > /sys/class/zram-control/hot_remove - zram0 removal fails with EBUSY, as expected - unmount zram0 - try zram0 hot remove again + echo 0 > /sys/class/zram-control/hot_remove - fails with ENODEV (unexpected) - unload zram kernel module + completes successfully - zram0 device node still exists - attempt to mount /dev/zram0 + mount command is killed + following BUG is encountered BUG: unable to handle kernel paging request at a0002ba0 IP: [] get_disk+0x16/0x50 Oops: [#1] SMP CPU: 0 PID: 252 Comm: mount Not tainted 4.9.0-rc6 #176 task: 88001a9f2800 task.stack: c930 RIP: 0010:[] [] get_disk+0x16/0x50 Call Trace: [] exact_lock+0xc/0x20 [] kobj_lookup+0xdc/0x160 [] ? disk_map_sector_rcu+0x70/0x70 [] ? blkdev_get_by_dev+0x50/0x50 [] get_gendisk+0x2f/0x110 [] ? blkdev_get_by_dev+0x50/0x50 [] __blkdev_get+0x10c/0x3c0 [] ? blkdev_get_by_dev+0x50/0x50 [] blkdev_get+0x19d/0x2e0 [] ? blkdev_get_by_dev+0x50/0x50 [] blkdev_open+0x56/0x70 [] do_dentry_open.isra.19+0x1ff/0x310 [] vfs_open+0x43/0x60 [] path_openat+0x2c9/0xf30 [] ? __save_stack_trace+0x40/0xd0 [] do_filp_open+0x79/0xd0 [] ? kmemleak_alloc+0x49/0xa0 [] do_sys_open+0x114/0x1e0 [] SyS_open+0x19/0x20 [] entry_SYSCALL_64_fastpath+0x13/0x94 This patch adds the proper error check in hot_remove_store() not to call idr_remove() unconditionally. Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1010970 Reported-and-tested-by: David Disseldorp Reviewed-by: David Disseldorp Cc: Signed-off-by: Takashi Iwai --- drivers/block/zram/zram_drv.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c index 04365b17ee67..5163c8f918cb 100644 --- a/drivers/block/zram/zram_drv.c +++ b/drivers/block/zram/zram_drv.c @@ -1403,7 +1403,8 @@ static ssize_t hot_remove_store(struct class *class, zram = idr_find(_index_idr, dev_id); if (zram) { ret = zram_remove(zram); - idr_remove(_index_idr, dev_id); + if (!ret) + idr_remove(_index_idr, dev_id); } else { ret = -ENODEV; } -- 2.10.2