From: Sergey Senozhatsky <senozhatsky@chromium.org>
To: Andrey Skvortsov <andrej.skvortzov@gmail.com>
Cc: Minchan Kim <minchan@kernel.org>,
Sergey Senozhatsky <senozhatsky@chromium.org>,
Jens Axboe <axboe@kernel.dk>,
Andrew Morton <akpm@linux-foundation.org>,
linux-kernel@vger.kernel.org, linux-block@vger.kernel.org,
stable@vger.kernel.org
Subject: Re: [PATCH] zram: don't free statically defined names
Date: Tue, 24 Sep 2024 00:34:49 +0900 [thread overview]
Message-ID: <20240923153449.GC38742@google.com> (raw)
In-Reply-To: <20240923080211.820185-1-andrej.skvortzov@gmail.com>
On (24/09/23 11:02), Andrey Skvortsov wrote:
> The change is similar to that is used in comp_algorithm_set.
> This is detected by KASAN.
>
> ==================================================================
---8<---
> Unable to handle kernel paging request at virtual address ffffffffc1edc3c8
> KASAN: maybe wild-memory-access in range
> [0x0003fffe0f6e1e40-0x0003fffe0f6e1e47]
> Mem abort info:
> ESR = 0x0000000096000006
> EC = 0x25: DABT (current EL), IL = 32 bits
> SET = 0, FnV = 0
> EA = 0, S1PTW = 0
> FSC = 0x06: level 2 translation fault
> Data abort info:
> ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000
> CM = 0, WnR = 0, TnD = 0, TagAccess = 0
> GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
> swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000000427dc000
> [ffffffffc1edc3c8] pgd=00000000430e7003, p4d=00000000430e7003,
> pud=00000000430e8003, pmd=0000000000000000
> Internal error: Oops: 0000000096000006 [#1] SMP
>
> Tainted: [W]=WARN, [C]=CRAP, [N]=TEST
> Hardware name: Pine64 PinePhone (1.2) (DT)
> pstate: a0000005 (NzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
> pc : kfree+0x60/0x3a0
> lr : zram_destroy_comps+0x98/0x198 [zram]
> sp : ffff800089b57450
> x29: ffff800089b57460 x28: 0000000000000004 x27: ffff800082833010
> x26: 1fffe00000c8039c x25: 1fffe00000ba5004 x24: ffff000005d28000
> x23: ffff800082533178 x22: ffff80007b71eaa8 x21: ffff000006401ce8
> x20: ffff80007b70f7a0 x19: ffffffffc1edc3c0 x18: 1ffff00010506d6b
> x17: 0000000000000000 x16: 0000000000000000 x15: ffff8000808e85e4
> x14: ffff8000808e8478 x13: ffff80008003fa50 x12: ffff80008003f87c
> x11: ffff800080011550 x10: ffff800081ee63f0 x9 : ffff80007b71eaa8
> x8 : ffff80008003fa50 x7 : ffff80008003f87c x6 : 00000018a10e2f30
> x5 : 00ffffffffffffff x4 : ffff00000ec93200 x3 : ffff00000bbee6e0
> x2 : 0000000000000000 x1 : 0000000000000000 x0 : fffffdffc0000000
---8<---
The above is not needed in the commit message (not even sure if the
backtrace below is relevant).
> Call trace:
> kfree+0x60/0x3a0
> zram_destroy_comps+0x98/0x198 [zram]
> zram_reset_device+0x22c/0x4a8 [zram]
> reset_store+0x1bc/0x2d8 [zram]
> dev_attr_store+0x44/0x80
> sysfs_kf_write+0xfc/0x188
> kernfs_fop_write_iter+0x28c/0x428
> vfs_write+0x4dc/0x9b8
> ksys_write+0x100/0x1f8
> __arm64_sys_write+0x74/0xb8
> invoke_syscall+0xd8/0x260
> el0_svc_common.constprop.0+0xb4/0x240
> do_el0_svc+0x48/0x68
> el0_svc+0x40/0xc8
> el0t_64_sync_handler+0x120/0x130
> el0t_64_sync+0x190/0x198
[..]
> diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c
> index c3d245617083d..d9d2c36658f59 100644
> --- a/drivers/block/zram/zram_drv.c
> +++ b/drivers/block/zram/zram_drv.c
> @@ -2116,7 +2116,9 @@ static void zram_destroy_comps(struct zram *zram)
> }
>
> for (prio = ZRAM_SECONDARY_COMP; prio < ZRAM_MAX_COMPS; prio++) {
> - kfree(zram->comp_algs[prio]);
> + /* Do not free statically defined compression algorithms */
We probably don't really need this comment.
> + if (zram->comp_algs[prio] != default_compressor)
> + kfree(zram->comp_algs[prio]);
> zram->comp_algs[prio] = NULL;
> }
OK, so... I wonder how do you get a `default_compressor` on a
non-ZRAM_PRIMARY_COMP prio. May I ask what's your reproducer?
I didn't expect `default_compressor` on ZRAM_SECONDARY_COMP
and below. As far as I can tell, we only do this:
comp_algorithm_set(zram, ZRAM_PRIMARY_COMP, default_compressor);
in zram_reset_device() and zram_add(). So, how does it end up in
ZRAM_SECONDARY_COMP...
next prev parent reply other threads:[~2024-09-23 15:34 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-09-23 8:02 [PATCH] zram: don't free statically defined names Andrey Skvortsov
2024-09-23 15:34 ` Sergey Senozhatsky [this message]
2024-09-23 15:47 ` Sergey Senozhatsky
2024-09-23 15:55 ` Andrey Skvortsov
2024-09-23 16:07 ` Sergey Senozhatsky
2024-09-23 16:43 ` Andrey Skvortsov
2024-09-23 16:47 ` Christophe JAILLET
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240923153449.GC38742@google.com \
--to=senozhatsky@chromium.org \
--cc=akpm@linux-foundation.org \
--cc=andrej.skvortzov@gmail.com \
--cc=axboe@kernel.dk \
--cc=linux-block@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=minchan@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.