Message-ID: <8368021e-86c3-a93f-b29d-efed02135c41@suse.cz>
Date: Mon, 4 Apr 2022 16:20:23 +0200
From: Vlastimil Babka
To: Marco Elver, Hyeonggon Yoo <42.hyeyoo@gmail.com>
Cc: kernel test robot, Oliver Glitta, lkp@lists.01.org, lkp@intel.com, LKML, Imran Khan, Andrey Konovalov, Zhen Lei, Zqiang, linux-mm@kvack.org
References: <20220323090520.GG16885@xsang-OptiPlex-9020> <20220324095218.GA2108184@odroid>
Subject: Re: [mm/slub] 555b8c8cb3: WARNING:at_lib/stackdepot.c:#stack_depot_fetch

On 4/4/22 10:10, Marco Elver wrote:
> On Mon, Apr 04, 2022 at 12:05PM +0900, Hyeonggon Yoo wrote:
> (Maybe CONFIG_KCSAN_STRICT=y is going to yield something? I still doubt
> it though, this bug is related to corrupted stackdepot handle
> somewhere...)
>
>> I noticed that it is not reproduced when KASAN=y and KFENCE=n (reproduced 0 of 181).
>> and it was reproduced 56 of 196 when KASAN=n and KFENCE=y
>>
>> maybe this issue is related to kfence?

Hmm kfence seems to be a good lead. If I understand kfence_guarded_alloc()
correctly, it tries to set up something that really looks like a normal slab
page? Especially the part with comment /* Set required slab fields. */

But it doesn't seem to cover the debugging parts that SLUB sets up with
alloc_debug_processing(). This includes alloc stack saving, thus, after
commit 555b8c8cb3, a stackdepot handle setting. It probably normally doesn't
matter as is_kfence_address() redirects processing of kfence-allocated
objects so we don't hit any slub code that expects the debugging parts to be
properly initialized.

But here we are in mem_dump_obj() -> kmem_dump_obj() -> kmem_obj_info().
Because kmem_valid_obj() returned true, fooled by folio_test_slab()
returning true because of the /* Set required slab fields. */ code.
Yet the illusion is not perfect and we read garbage instead of a valid
stackdepot handle.

IMHO we should e.g. add the appropriate is_kfence_address() test into
kmem_valid_obj(), to exclude kfence-allocated objects? Sounds much simpler
than trying to extend the illusion further to make kmem_dump_obj() work?
Instead kfence could add its own specific handler to mem_dump_obj() to print
its debugging data?

> What about KASAN=n and KFENCE=n?
>
> Thanks,
> -- Marco
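
A user-space model of the check proposed in the message above, added here as an illustration; it is not kernel code and not a patch from this thread. The function names mirror the kernel functions the message mentions, while struct page_model, the two static arrays standing in for the KFENCE pool and a SLUB slab, and the return codes of dump_obj() are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#define POOL_SIZE 4096u              /* stand-in for the KFENCE pool size */
static char kfence_pool[POOL_SIZE];  /* stand-in for the KFENCE pool */
static char slub_slab[POOL_SIZE];    /* stand-in for an ordinary SLUB slab */

struct page_model {                  /* hypothetical per-page metadata */
    bool slab_flag;                  /* what folio_test_slab() would report */
    bool debug_initialized;          /* true only if SLUB debug setup ran */
};
static const struct page_model kfence_page = { true, false }; /* no debug setup */
static const struct page_model slub_page   = { true, true };

/* Range check against the pool; unsigned wrap rejects lower addresses. */
static bool is_kfence_address(const void *addr)
{
    return (uintptr_t)addr - (uintptr_t)kfence_pool < POOL_SIZE;
}

static const struct page_model *page_of(const void *addr)
{
    return is_kfence_address(addr) ? &kfence_page : &slub_page;
}

/* Before: the slab flag alone decides, so KFENCE objects pass. */
static bool valid_obj_before(const void *addr)
{
    return page_of(addr)->slab_flag;
}

/* After: KFENCE objects are excluded before the slab flag is trusted. */
static bool valid_obj_after(const void *addr)
{
    return !is_kfence_address(addr) && page_of(addr)->slab_flag;
}

/* 0: object skipped, 1: initialized debug data used, -1: uninitialized read */
static int dump_obj(const void *addr, bool (*valid)(const void *))
{
    return !valid(addr) ? 0 : (page_of(addr)->debug_initialized ? 1 : -1);
}

int main(void)
{
    printf("%d %d %d\n", dump_obj(kfence_pool, valid_obj_before),
           dump_obj(kfence_pool, valid_obj_after), dump_obj(slub_slab, valid_obj_after));
    return 0;
}
```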