| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 02 Oct 2023 17:38:48 +0200
From: Oleksandr Natalenko <oleksandr@...alenko.name>
To: Matthew Wilcox <willy@...radead.org>
Cc: linux-kernel@...r.kernel.org, Bagas Sanjaya <bagasdotme@...il.com>,
linux-media@...r.kernel.org, linaro-mm-sig@...ts.linaro.org,
dri-devel@...ts.freedesktop.org,
Maarten Lankhorst <maarten.lankhorst@...ux.intel.com>,
Maxime Ripard <mripard@...nel.org>,
Thomas Zimmermann <tzimmermann@...e.de>,
David Airlie <airlied@...il.com>,
Daniel Vetter <daniel@...ll.ch>,
Sumit Semwal <sumit.semwal@...aro.org>,
Christian König <christian.koenig@....com>,
Linux Regressions <regressions@...ts.linux.dev>,
Andrew Morton <akpm@...ux-foundation.org>, linux-mm@...ck.org
Subject: Re: [REGRESSION] BUG: KFENCE: memory corruption in
drm_gem_put_pages+0x186/0x250
On pondělí 2. října 2023 16:32:45 CEST Matthew Wilcox wrote:
> On Mon, Oct 02, 2023 at 01:02:52PM +0200, Oleksandr Natalenko wrote:
> > > > > > BUG: KFENCE: memory corruption in drm_gem_put_pages+0x186/0x250
> > > > > >
> > > > > > Corrupted memory at 0x00000000e173a294 [ ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ] (in kfence-#108):
> > > > > > drm_gem_put_pages+0x186/0x250
> > > > > > drm_gem_shmem_put_pages_locked+0x43/0xc0
> > > > > > drm_gem_shmem_object_vunmap+0x83/0xe0
> > > > > > drm_gem_vunmap_unlocked+0x46/0xb0
> > > > > > drm_fbdev_generic_helper_fb_dirty+0x1dc/0x310
> > > > > > drm_fb_helper_damage_work+0x96/0x170
> >
> > Matthew, before I start dancing around, do you think ^^ could have the same cause as 0b62af28f249b9c4036a05acfb053058dc02e2e2 which got fixed by 863a8eb3f27098b42772f668e3977ff4cae10b04?
>
> Yes, entirely plausible. I think you have two useful points to look at
> before delving into a full bisect -- 863a8e and the parent of 0b62af.
> If either of them work, I think you have no more work to do.
OK, I've did this against v6.5.5:
```
git log --oneline HEAD~3..
7c1e7695ca9b8 (HEAD -> test) Revert "mm: remove struct pagevec"
8f2ad53b6eac6 Revert "mm: remove check_move_unevictable_pages()"
fa1e3c0b5453c Revert "drm: convert drm_gem_put_pages() to use a folio_batch"
```
then rebooted the host multiple times, and the issue is not seen any more.
So I guess 3291e09a463870610b8227f32b16b19a587edf33 is the culprit.
Thanks.
--
Oleksandr Natalenko (post-factum)
Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists