Message-ID: <1547154231.6911.10.camel@lca.pw>
Subject: Re: PROBLEM: syzkaller found / pool corruption-overwrite / page in user-area or NULL
From: Qian Cai
To: Esme
Cc: James Bottomley, "dgilbert@interlog.com", "martin.petersen@oracle.com", "linux-scsi@vger.kernel.org", "linux-kernel@vger.kernel.org", "linux-mm@kvack.org"
Date: Thu, 10 Jan 2019 16:03:51 -0500

On Thu, 2019-01-10 at 20:47 +0000, Esme wrote:
> Sure thing;
>
> cmdline;
> qemu-system-x86_64 -kernel linux//arch/x86/boot/bzImage -append console=ttyS0
> root=/dev/sda debug earlyprintk=serial slub_debug=QUZ -hda stretch.img -net
> user,hostfwd=tcp::10021-:22 -net nic -enable-kvm -nographic -m 2G -smp 2
> -pidfile
>
> CONFIG_PAGE*; (full file attached);
>
> # CONFIG_DEBUG_PAGEALLOC is not set
> CONFIG_PAGE_POISONING=y
> CONFIG_PAGE_POISONING_NO_SANITY=y
> # CONFIG_PAGE_POISONING_ZERO is not set
> # CONFIG_DEBUG_PAGE_REF is not set
> CONFIG_FAIL_PAGE_ALLOC=y

Confused.

https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1896410.html

It said 5.0.0-rc1+

https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1896410/repro.report

It said 4.20.0+, and it also has, "general protection fault: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN PTI", which indicated CONFIG_DEBUG_PAGEALLOC=y but your .config said NO.

However, it looks like a mess that KASAN does not play well with all those SLUB_DEBUG, CONFIG_DEBUG_PAGEALLOC etc, because they essentially step on each other's toes by redzoning and poisoning when allocating and freeing pages.
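
Added example, not part of the original message or the thread's code: a small Python check for the mismatch raised above, comparing the feature tags in an oops banner against the posted `.config`. The function names and the tag-to-symbol table are this example's own; only the DEBUG_PAGEALLOC pairing is stated in the email.

```python
import re

# Tags the x86 oops banner prints after "[#N]" and the config symbol each
# implies. Only DEBUG_PAGEALLOC is from the email; the rest are assumptions.
BANNER_TAGS = {
    "SMP": "CONFIG_SMP",
    "DEBUG_PAGEALLOC": "CONFIG_DEBUG_PAGEALLOC",
    "KASAN": "CONFIG_KASAN",
    "PTI": "CONFIG_PAGE_TABLE_ISOLATION",
}
BANNER_RE = re.compile(r":\s*[0-9a-f]{4}\s+\[#\d+\]\s*(?P<tags>[A-Z_ ]*)")
SET_RE = re.compile(r"^(CONFIG_\w+)=(.+)$")
UNSET_RE = re.compile(r"^# (CONFIG_\w+) is not set$")

def parse_config(text):
    """Return {symbol: value}; 'is not set' symbols map to None."""
    cfg = {}
    for line in map(str.strip, text.splitlines()):
        if m := SET_RE.match(line):
            cfg[m.group(1)] = m.group(2)
        elif m := UNSET_RE.match(line):
            cfg[m.group(1)] = None
    return cfg

def banner_symbols(log):
    """Config symbols implied by the first oops banner in a console log."""
    m = BANNER_RE.search(log)
    tags = m.group("tags").split() if m else []
    return [BANNER_TAGS[t] for t in tags if t in BANNER_TAGS]

def mismatches(log, config_text):
    """(symbol, reason) pairs where banner and .config disagree. A symbol
    absent from a partial .config paste is 'missing', not guessed at."""
    cfg = parse_config(config_text)
    return [(s, "missing" if s not in cfg else "not set")
            for s in banner_symbols(log) if cfg.get(s) != "y"]

# Banner and DEBUG_PAGEALLOC line as quoted in the thread; the first three
# CONFIG_ lines are constructed so the excerpt covers every banner tag.
LOG = "general protection fault: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN PTI"
CONFIG = """CONFIG_SMP=y
CONFIG_KASAN=y
CONFIG_PAGE_TABLE_ISOLATION=y
# CONFIG_DEBUG_PAGEALLOC is not set
"""

if __name__ == "__main__":
    for sym, reason in mismatches(LOG, CONFIG):
        print(f"banner implies {sym}, but .config says: {reason}")
```

A non-empty result means the crash log and the `.config` came from different builds, so the report cannot be triaged until both are taken from the same kernel.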