Subject: Re: [syzbot] KASAN: vmalloc-out-of-bounds Write in ringbuf_map_alloc
From: Daniel Borkmann
To: Marco Elver, syzbot
Cc: akpm@linux-foundation.org, andreyknvl@google.com, andrii@kernel.org,
    ast@kernel.org, bpf@vger.kernel.org, davem@davemloft.net,
    glider@google.com, hotforest@gmail.com, houtao1@huawei.com,
    john.fastabend@gmail.com, kafai@fb.com, kpsingh@kernel.org,
    kuba@kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
    sfr@canb.auug.org.au, songliubraving@fb.com,
    syzkaller-bugs@googlegroups.com, yhs@fb.com
Date: Wed, 2 Feb 2022 15:55:31 +0100

On 2/2/22 3:49 PM, Marco Elver wrote:
> On Wed, 2 Feb 2022 at 15:36, syzbot wrote:
>>
>> syzbot has bisected this issue to:
>>
>> commit c34cdf846c1298de1c0f7fbe04820fe96c45068c
>> Author: Andrey Konovalov
>> Date:   Wed Feb 2 01:04:27 2022 +0000
>>
>>     kasan, vmalloc: unpoison VM_ALLOC pages after mapping
>
> Is this a case of a new bug surfacing due to KASAN improvements? But
> it's not quite clear to me why this commit.
>
> Andrey, any thoughts?

Marco / Andrey, fix should be this one:

https://patchwork.kernel.org/project/netdevbpf/patch/20220202060158.6260-1-houtao1@huawei.com/

>> bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=128cb900700000
>> start commit:   6abab1b81b65 Add linux-next specific files for 20220202
>> git tree:       linux-next
>> final oops:     https://syzkaller.appspot.com/x/report.txt?x=118cb900700000
>> console output: https://syzkaller.appspot.com/x/log.txt?x=168cb900700000
>> kernel config:  https://syzkaller.appspot.com/x/.config?x=b8d8750556896349
>> dashboard link: https://syzkaller.appspot.com/bug?extid=5ad567a418794b9b5983
>> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1450d9f0700000
>> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=130ef35bb00000
>>
>> Reported-by: syzbot+5ad567a418794b9b5983@syzkaller.appspotmail.com
>> Fixes: c34cdf846c12 ("kasan, vmalloc: unpoison VM_ALLOC pages after mapping")
>>
>> For information about bisection process see: https://goo.gl/tpsmEJ#bisection