From: Muchun Song
Date: Tue, 29 Mar 2022 11:01:45 +0800
Subject: Re: [External] Re: [PATCH v2] mm: kfence: fix objcgs vector allocation
To: Marco Elver
Cc: Alexander Potapenko, Dmitry Vyukov, Andrew Morton, kasan-dev, Linux Memory Management List, LKML, Xiongchun duan

On Tue, Mar 29, 2022 at 2:58 AM Marco Elver wrote:
>
> On Mon, 28 Mar 2022 at 17:54, Muchun Song wrote:
> [...]
> > > >
> > > > Btw, how did you test this?
> > > >
> >
> > I have tested it with syzkaller with the following configs.
> > And I didn't find any issues.
> >
> > CONFIG_KFENCE=y
> > CONFIG_KFENCE_SAMPLE_INTERVAL=10
> > CONFIG_KFENCE_NUM_OBJECTS=2550
> > CONFIG_KFENCE_DEFERRABLE=n
> > CONFIG_KFENCE_STATIC_KEYS=y
> > CONFIG_KFENCE_STRESS_TEST_FAULTS=0
>
> Hmm, I would have expected that you have some definitive test case
> that shows the issue, and with the patch the issue is gone. Were there
> issues triggered by syzkaller w/o this patch?
>

I have tested this patch with the following patch and without this patch.
Then we'll see the BUG_ON meaning both objcg vector and object are
allocated from kfence pool.

diff --git a/mm/slab.h b/mm/slab.h index c7f2abc2b154..1d8d15522a2e 100644 --- a/mm/slab.h +++ b/mm/slab.h 
@@ -519,6 +519,8 @@ static inline void memcg_slab_post_alloc_hook(struct kmem_cache *s, continue; } + BUG_ON(is_kfence_address(p[i]) && is_kfence_address(slab_objcgs(slab))); + off = obj_to_index(s, slab, p[i]); obj_cgroup_get(objcg); slab_objcgs(slab)[off] = objcg;
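
Review bot: BUG_ON is stronger than the check added before `off = obj_to_index(s, slab, p[i]);` needs. It stops the machine on the first object for which both p[i] and slab_objcgs(slab) are KFENCE addresses, so a fuzzing run yields one hit and nothing after it. WARN_ON_ONCE with the same condition would still log the stack and let the run continue. The added line also carries no comment marking it as a debug-only assertion for reproducing the problem; a one-line comment to that effect would keep it from being mistaken for part of the fix.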