From: "Guilherme G. Piccoli"
Date: Fri, 2 Feb 2024 16:40:46 -0300
Subject: Re: [syzbot] [mm?] BUG: unable to handle kernel paging request in bpf_probe_read_compat_str
To: syzbot+239f12e20785af44332c@syzkaller.appspotmail.com, Thomas Gleixner, jannh@google.com
Cc: akpm@linux-foundation.org, Borislav Petkov, "dave.hansen@linux.intel.com", "H. Peter Anvin", linux-kernel, linux-mm@kvack.org, "luto@kernel.org", Ingo Molnar, "netdev@vger.kernel.org", Peter Zijlstra, syzkaller-bugs@googlegroups.com, "x86@kernel.org", gpiccoli@igalia.com, "Guilherme G. Piccoli", houtao1@huawei.com
Message-ID: <66cb411b-557a-6a70-57c9-457c969fec24@igalia.com>
In-Reply-To: <000000000000d08921060fe27342@google.com>

Hi folks, I've been trying to play with this report and was able to
reproduce on v6.8-rc2, in a simple qemu VM. But the thing is: after
looking at similar reports in MLs, this seems quite the same report as
[0], so a dup.

And we even have a candidate fix for it, in the form of Thomas's patch
(https://lore.kernel.org/all/87r0jwquhv.ffs@tglx/). I've tested this
patch and it works, preventing the crash.

So...

Jann: could you help me confirm the reproducer here is the same as the
other report, in which you nailed it to accessing the VSYSCALL region?
For me it's quite similar, but I'm not experienced in reading this kind
of BPF program...

Thomas: could you maybe re-submit/merge this patch, if you still agree
this is the proper fix? There's a Tested-by from Hou Tao in that thread,
and feel free to add mine as well!

Thanks in advance and let me know if I can test more stuff / provide
more data, etc - I'm glad to help here.

Cheers,

Guilherme

[0] https://lore.kernel.org/all/000000000000c84343060a850bd0@google.com/
("[syzbot] [mm?] BUG: unable to handle kernel paging request in
copy_from_kernel_nofault")