Date: Sat, 24 Feb 2024 23:23:27 +0900
From: Sergey Senozhatsky
To: Tetsuo Handa
Cc: Sergey Senozhatsky, Alexander Potapenko, Johannes Weiner, Yosry Ahmed, Nhat Pham, Minchan Kim, linux-mm, kasan-dev, Mark-PK Tsai
Subject: Re: [mm/page_alloc or mm/vmscan or mm/zswap] use-after-free in obj_malloc()
Message-ID: <20240224142327.GW11472@google.com>
References: <20240223044356.GJ11472@google.com> <6dd78966-1459-465d-a80a-39b17ecc38a6@I-love.SAKURA.ne.jp>
In-Reply-To: <6dd78966-1459-465d-a80a-39b17ecc38a6@I-love.SAKURA.ne.jp>

On (24/02/24 00:22), Tetsuo Handa wrote:
> On 2024/02/23 13:43, Sergey Senozhatsky wrote:
> > On (24/02/23 11:10), Tetsuo Handa wrote:
> >>
> >> I can observe this bug during evict_folios() from 6.7.0 to 6.8.0-rc5-00163-gffd2cb6b718e.
> >> Since I haven't observed it with 6.6.0, this bug might have been introduced in the 6.7 cycle.
> >
> > Can we please run a bisect?
>
> Bisection pointed at commit afb2d666d025 ("zsmalloc: use copy_page for full page copy"),
> for copy_page() is implemented as non-instrumented code which KMSAN cannot handle.
> On x86_64, copy_page() is defined at arch/x86/lib/copy_page_64.S as below.

Thank you so much.
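The point the bisection lands on, that a copy performed by non-instrumented assembly moves the page contents but not the sanitizer's initializedness metadata, is easiest to see in a toy model of KMSAN's shadow memory. The following C program is an added illustration written for this page, not code from the thread, from zsmalloc or from KMSAN itself. It assumes a simplified one-shadow-byte-per-data-byte model (`PAGE_SZ`, `page_t`, `instrumented_copy`, `uninstrumented_copy` and `check_use` are all constructed names for the model); the real KMSAN also tracks origins and uses compiler-inserted instrumentation rather than explicit calls. The scenario mirrors the report: a freshly allocated (hence poisoned) destination page receives a full copy of an initialized page, and a later read of the destination is checked.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy page size for the model (constructed value, not the kernel's PAGE_SIZE). */
#define PAGE_SZ 64

/* Toy KMSAN model: one shadow byte per data byte.
 * shadow == 1 means "uninitialized/poisoned", shadow == 0 means "initialized". */
typedef struct {
    uint8_t data[PAGE_SZ];
    uint8_t shadow[PAGE_SZ];
} page_t;

/* Fresh allocation: contents are garbage and every byte is poisoned, which is
 * how KMSAN treats memory that nobody has written yet. */
static void page_alloc(page_t *p)
{
    memset(p->data, 0xAA, PAGE_SZ);
    memset(p->shadow, 1, PAGE_SZ);
}

/* A compiler-instrumented store: the data is written and the shadow for the
 * written bytes is cleared, so later reads of those bytes are known-initialized. */
static void instrumented_store(page_t *p, size_t off, const uint8_t *src, size_t n)
{
    memcpy(p->data + off, src, n);
    memset(p->shadow + off, 0, n);
}

/* An instrumented copy (what a C memcpy becomes under KMSAN):
 * both the data and the shadow travel from src to dst. */
static void instrumented_copy(page_t *dst, const page_t *src)
{
    memcpy(dst->data, src->data, PAGE_SZ);
    memcpy(dst->shadow, src->shadow, PAGE_SZ);
}

/* A non-instrumented copy (models a hand-written asm routine such as copy_page):
 * only the data moves; the sanitizer never sees the stores, so dst's shadow
 * is left exactly as it was before the copy. */
static void uninstrumented_copy(page_t *dst, const page_t *src)
{
    memcpy(dst->data, src->data, PAGE_SZ);
}

/* Model of the check KMSAN performs when a value is used: returns the number of
 * poisoned bytes in the range read (0 means no report). */
static size_t check_use(const page_t *p, size_t off, size_t n)
{
    size_t poisoned = 0;
    for (size_t i = 0; i < n; i++)
        poisoned += p->shadow[off + i];
    return poisoned;
}

/* Scenario from the report: copy a fully initialized page into a freshly
 * allocated one, then read the whole destination.  Returns the number of bytes
 * KMSAN would flag; with the non-instrumented copy that is the entire page even
 * though the data in dst is identical to src. */
static size_t scenario(int use_instrumented_copy)
{
    page_t src, dst;
    uint8_t fill[PAGE_SZ];

    page_alloc(&src);
    page_alloc(&dst);
    memset(fill, 0x5A, PAGE_SZ);             /* constructed payload */
    instrumented_store(&src, 0, fill, PAGE_SZ); /* src is now fully initialized */

    if (use_instrumented_copy)
        instrumented_copy(&dst, &src);
    else
        uninstrumented_copy(&dst, &src);

    /* Sanity: both copies produce identical data; only the shadow differs. */
    if (memcmp(dst.data, src.data, PAGE_SZ) != 0)
        return (size_t)-1;

    return check_use(&dst, 0, PAGE_SZ);
}

int main(void)
{
    printf("instrumented copy:   %zu poisoned bytes reported\n", scenario(1));
    printf("uninstrumented copy: %zu poisoned bytes reported\n", scenario(0));
    return 0;
}
```

The model makes the failure mode concrete: the sanitizer's verdict depends on the shadow, and a copy the compiler never instrumented leaves the destination's shadow in its pre-copy (poisoned) state, so a subsequent read is reported as a use of uninitialized memory although the bytes are perfectly valid. The general remedy for such routines is to propagate the metadata alongside the data, as `instrumented_copy` does in the model; whether the production fix does that inside the caller or in the copy routine is a design choice for the kernel side and is not decided by this thread.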