View Issue Details

IDProjectCategoryView StatusLast Update
0015954CentOS-7cryptsetuppublic2019-09-29 20:07
Reporterrfs 
PrioritynormalSeveritycrashReproducibilityalways
Status newResolutionopen 
PlatformIntel SR1625URROSCentOS OS Version7.6.1810
Product Version 
Target VersionFixed in Version 
Summary0015954: When encrypted swap is enabled, using enough memory to activate swap crashes the entire system
DescriptionAll works well when swap not encrypted.
When swap encrypted as below, running the program below (which just mallocs memory and writes to it all) causes a total system crash soon after it starts accessing swap space, with no disc activity going on, i.e. no swapping.
No messages are left in /var/log/messages . Typically filesystems are left with multiple orphaned inodes.
Steps To ReproducePut the following in /etc/crypttab (where <hostname> is replaced with the hostname or other name of a volume group):
swap /dev/vg_<hostname>/lv_swap /dev/urandom plain,cipher=aes-xts-essiv:sha256,swap

Put the following line in /etc/fstab, with no other swap space:
/dev/mapper/swap none swap defaults 0 0

Reboot the system to effect those changes.
Confirm that swap is configured as expected by
swapon -s
Filename Type Size Used Priority
/dev/dm-2 partition 24707068 0 -2

# cryptsetup status swap
/dev/mapper/swap is active and is in use.
  type: PLAIN
  cipher: aes-xts-essiv:sha256
  keysize: 256 bits
  key location: dm-crypt
  device: /dev/mapper/vg_<hostname>-lv_swap
  sector size: 512
  offset: 0 sectors
  size: 49414144 sectors
  mode: read/write

Put the following program into domalloc.c in some directory:
/* Program that does mallocs to order, freeing each one when the next one is requested. */

#include <stdio.h>
#include <stdlib.h>

int
main(int argc, char **argv)
{
  long int Nlongs = 0;
  long int *longs = NULL;
  long int nlong;
  printf("How many longs to malloc ?\n");
  do
    {
      scanf("%ld", &Nlongs);
      free(longs);
      if ((longs = malloc(Nlongs * sizeof(long int))) == NULL)
        printf("malloc of %ld failed\n", Nlongs * 8);
      else
        {
          printf("malloc of %ld bytes succeeded\n", Nlongs * 8);
          printf("Writing (long int) ones into allocated memory\n");
          for (nlong = 0; nlong < Nlongs; nlong++)
            longs[nlong] = 1;
          printf("Writing finished\n");
        }
      printf("How many longs to malloc ?\n");
    }
  while (Nlongs != 0);
  exit(0);
}

Compile it with
gcc -o domalloc domalloc.c

Run it with
domalloc

When it asks for a number of longs to allocate, enter a number slightly larger than the amount of memory you have divided by sizeof(long int).

In another window run top and watch the memory in use creep up over the total physical RAM level; the system then crashes, without reporting completion of writing ones into the allocated memory.

Rerunning the whole thing with an empty /etc/crypttab file and /etc/fstab containing
/dev/mapper/vg_<hostname>-lv_swap none swap defaults 0 0
and rebooting then running domalloc in the same way leads to swap activity in the appropriate manner and successful conclusion with completion of writing message and a request to try a different amount to allocate.

Note that to use swap at all, /proc/sys/vm/overcommit-memory should contain 0
If it contains 2, then one just gets malloc failed.
Additional InformationTypical output of domalloc:

$ domalloc
How many longs to malloc ?
500
malloc of 4000 bytes succeeded
Writing (long int) ones into allocated memory
Writing finished
How many longs to malloc ?
7000000000
malloc of 56000000000 bytes succeeded
Writing (long int) ones into allocated memory
<whole system crashes>
TagsNo tags attached.
abrt_hash
URL

Activities

rfs

rfs

2019-04-02 09:33

reporter   ~0034149

Should have said that system has 48GiBytes of RAM, and if trying this out on a system with a different amount of RAM, then the number 7000000000 in the "typical output of domalloc" above should be set to something in between the total available size of RAM divided by 8 and the (total RAM plus total swap) divided by 8.
rfs

rfs

2019-09-29 20:07

reporter   ~0035267

Same problem still present in CentOS 7.7 (1908).

Issue History

Date Modified Username Field Change
2019-03-25 22:46 rfs New Issue
2019-04-02 09:33 rfs Note Added: 0034149
2019-09-29 20:07 rfs Note Added: 0035267