Date: Mon, 1 Apr 2024 19:55:54 -0700
From: Roman Gushchin
To: Ubisectech Sirius
Cc: linux-trace-kernel, linux-kernel, hannes, mhocko, "shakeel.butt"
Subject: Re: Reply: general protection fault in refill_obj_stock
References: <91e1389e-0723-42e7-9ea4-396ec6b54e49.bugreport@ubisectech.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Apr 02, 2024 at 09:50:54AM +0800, Ubisectech Sirius wrote:
>
> On Mon, Apr 01, 2024 at 03:04:46PM +0800, Ubisectech Sirius wrote:
> > Hello.
> > We are Ubisectech Sirius Team, the vulnerability lab of China ValiantSec. Recently, our team has discovered an issue in Linux kernel 6.7. Attached to the email was a PoC file of the issue.
>
> > Thank you for the report!
>
> > I tried to compile and run your test program for about half an hour
> > on a virtual machine running 6.7 with enabled KASAN, but wasn't able
> > to reproduce the problem.
>
> > Can you, please, share a bit more information? How long does it take
> > to reproduce? Do you mind sharing your kernel config? Is there anything special
> > about your setup? What are exact steps to reproduce the problem?
> > Is this problem reproducible on 6.6?
>
> Hi.
> The .config of linux kernel 6.7 has been sent to you as an attachment.

Thanks!

How long does it take to reproduce a problem? Do you just start your reproducer and wait?

> And the problem is reproducible on 6.6.

Hm, it rules out my recent changes. Did you try any older kernels? 6.5? 6.0?
Did you try to bisect the problem? If it's fast to reproduce, it might be the best option.

Also, are you running vanilla kernels or do you have some custom changes on top?

Thanks!