From: Alexander Potapenko
Date: Fri, 18 Jul 2025 12:09:33 +0200
Subject: Re: KASAN: out-of-bounds in __asan_memcpy
To: 白烁冉
Cc: Andrey Ryabinin, Andrew Morton, Kun Hu, Jiaji Qin, Andrey Konovalov, Dmitry Vyukov, Vincenzo Frascino, kasan-dev@googlegroups.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org
In-Reply-To: <746aed.1562c.1981cd4e43c.Coremail.baishuoran@hrbeu.edu.cn>

On Fri, Jul 18, 2025 at 11:19 AM 白烁冉 wrote:
>
> Dear Maintainers,
>

Hi Shuoran,

Your colleague Kun Hu reported a use-after free with the
same stack trace in May: https://lkml.org/lkml/2025/5/21/611
At that time I pointed out that this bug is already well known to
syzkaller, and there is little value in reporting it again.
Note that the out-of-bounds report is also known to syzkaller:
https://syzkaller.appspot.com/bug?extid=aa6df9d3b383bf5f047f

Is there any particular reason to report the same bug over and over again?

> When using our customized Syzkaller to fuzz the latest Linux kernel, the following crash was triggered.

Unfortunately the fact that your customized syzkaller instance found a
known bug doesn't indicate that any of your customizations work.

>
> HEAD commit: 6537cfb395f352782918d8ee7b7f10ba2cc3cbf2
> git tree: upstream
> Output: https://github.com/pghk13/Kernel-Bug/blob/main/0702_6.14/KASAN%3A%20out-of-bounds%20in%20__asan_memcpy/11_report.txt

Both this report and the stack trace below lack the file:line
information, which usually urges people to close the email.
Please refer to
https://github.com/google/syzkaller/blob/master/docs/linux/reporting_kernel_bugs.md
for some suggestions on how to give the users more information.

> The error occurs around line 105 of the function, possibly during the second kasan_check_range call, which checks the target address dest: it may be due to dest + len exceeding the allocated memory boundary, dest pointing to freed memory (use-after-free), or the len parameter being too large, causing the target address range to exceed the valid area.

This is clearly an LLM-generated description, and a poor one.
There can be potential for LLMs helping people to understand bug
reports, but when working on a prototype you'd better check every text
that you send out.

> We have reproduced this issue several times on 6.14 again.

There is no point to reproduce bugs on 6.14 as long as it is
reproducible upstream.
If it is not, the best thing you can do is probably to find out which
commit fixed it, and notify the maintainers that the commit needs to
be backported.

>
> --
> You received this message because you are subscribed to the Google Groups "kasan-dev" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to kasan-dev+unsubscribe@googlegroups.com.
> To view this discussion visit https://groups.google.com/d/msgid/kasan-dev/746aed.1562c.1981cd4e43c.Coremail.baishuoran%40hrbeu.edu.cn.

-- 
Alexander Potapenko
Software Engineer

Google Germany GmbH
Erika-Mann-Straße, 33
80636 München

Managing directors: Paul Manicle, Liana Sebastian
Court of registration and number: Hamburg, HRB 86891
Registered office: Hamburg
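
A pre-send check for the missing file:line information mentioned in the reply above, as an added example that is not part of the original email or of syzkaller: it lists the stack frames of a kernel crash report that carry no source location. The frame layout it parses and both sample traces are assumptions constructed for illustration, not taken from the report under discussion.

```python
import re

# A frame with an offset, e.g. " kasan_report+0xd9/0x110 mm/kasan/report.c:602".
# An optional "[   12.345678]" timestamp and a "? " marker (a frame the
# unwinder is not sure about) may precede the function name.
FRAME = re.compile(
    r"^(?:\[\s*\d+\.\d+\]\s*)?\s*(?P<unreliable>\?\s+)?"
    r"(?P<func>[\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+(?P<rest>.*)$"
)
# Source location appended by symbolization, e.g. "mm/kasan/report.c:602".
LOCATION = re.compile(r"\S+\.(?:c|h|S|rs):\d+")


def unsymbolized_frames(report: str) -> list[str]:
    """Return the function names of reliable frames that lack file:line."""
    missing = []
    for line in report.splitlines():
        m = FRAME.match(line)
        if not m or m.group("unreliable"):
            continue  # not a frame line, or a "? func" guess
        if not LOCATION.search(m.group("rest")):
            missing.append(m.group("func"))
    return missing


# Constructed sample: a trace as printed by the kernel, without symbolization.
RAW = """\
Call Trace:
 <TASK>
 dump_stack_lvl+0x116/0x1f0
 print_report+0xc3/0x670
 ? __virt_addr_valid+0x5e/0x590
 kasan_report+0xd9/0x110
 __asan_memcpy+0x3c/0x60
 </TASK>
"""

# Constructed sample: the same trace after symbolization (line numbers made up).
SYMBOLIZED = """\
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 print_report+0xc3/0x670 mm/kasan/report.c:489
 kasan_report+0xd9/0x110 mm/kasan/report.c:602
 __asan_memcpy+0x3c/0x60 mm/kasan/shadow.c:106
 </TASK>
"""
```

An empty result from `unsymbolized_frames` means every reliable frame already names its source file and line; a non-empty one lists the functions that still need symbolizing before the report is sent.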