Date: Wed, 13 Mar 2024 15:54:07 +0000
Message-ID: <87ttlap1pc.wl-maz@kernel.org>
From: Marc Zyngier
To: cheung wall
Cc: Oliver Upton, Catalin Marinas, Will Deacon, James Morse, Suzuki K Poulose, Zenghui Yu, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org
Subject: Re: memory leak in kvm_init_stage2_mmu
Content-Type: text/plain; charset=US-ASCII

On Wed, 13 Mar 2024 04:53:52 +0000,
cheung wall wrote:
>
> Hello,
>
> when using Syzkaller to fuzz the latest Linux Kernel arm64 version,
> the following crash
>
> was triggered on:
>
>
> HEAD commit: 0dd3ee31125508cd67f7e7172247f05b7fd1753a (tag: v6.7)
>
> git tree: upstream
>
> console output: https://pastebin.com/raw/MLVZbN01

This reports "Forbidden".

> kernel config: https://pastebin.com/raw/PFD96ZwE

# CONFIG_KVM is not set

How do you expect this to work?

>
> C reproducer: https://pastebin.com/raw/rHmMzvGt
>
> Syzlang reproducer: https://pastebin.com/raw/dAt714WD
>
>
> If you fix this issue, please add the following tag to the commit:
>
> Reported-by: Qiang Zhang
>
> ----------------------------------------------------------
>
> 2024/03/05 18:24:34 executed programs: 0
> 2024/03/05 18:26:41 executed programs: 8
> BUG: memory leak
> unreferenced object 0xffff023ad74b8100 (size 128):
>   comm "syz-executor.3", pid 3911, jiffies 4295149819 (age 22.132s)
>   hex dump (first 32 bytes):
>     28 00 00 00 01 00 00 00 00 40 4e d7 3a 02 ff ff  (........@N.:...
>     80 d9 5f a4 48 d3 ff ff c8 69 46 d7 3a 02 ff ff  .._.H....iF.:...
>   backtrace:
>     [<000000008d295845>] kmemleak_alloc_recursive data/embfuzz/emblinux/linux-4a61839152cc3e9e00ac059d73a28d148d622b30/./include/linux/kmemleak.h:42

[...]

I suspect this report suffers from the same problem as the other one,
where this is actually against 6.1.61 rather than 6.7 as advertised?

I ran the reproducer locally on 6.8, and didn't observe any failure.
I had to modify it though, as I'm using a host with 16kB page size.

Please let me know if I'm missing something.

	M.

-- 
Without deviation from the norm, progress is not possible.
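The two objections in the reply above are mechanical consistency checks that a triager can run before spending time on a reproducer: does the posted kernel config actually enable the subsystem the leaked allocation's backtrace lives in, and do the source paths embedded in the backtrace come from the same tree the report claims as HEAD. The script below is an added example, written for this page; it is not code from the thread, from syzkaller or from the kernel. The symbol-prefix-to-Kconfig mapping is an assumption for illustration, and the sample report is constructed from the visible parts of the report (the second backtrace frame stands in for the elided part, with a placeholder frame id and line number).

```python
"""Sanity-check a syzkaller-style kernel bug report against its own claims.

Added example for this page, not from the LKML thread, syzkaller or the kernel.
"""
import re

# Assumption (illustrative mapping, not from the thread): a symbol prefix seen in
# the backtrace implies a Kconfig option that must be enabled for that code to exist.
SYMBOL_TO_CONFIG = {
    "kvm_": "CONFIG_KVM",
    "kmemleak_": "CONFIG_DEBUG_KMEMLEAK",
}

HEAD_RE = re.compile(r"^HEAD commit:\s*([0-9a-f]{7,40})", re.M)
# kmemleak frame as syzkaller prints it: [<id>] symbol path/to/file.c:line
FRAME_RE = re.compile(r"^\s*\[<[0-9a-f]+>\]\s+(\S+)\s+(\S+):(\d+)\s*$", re.M)
# Build-tree directory embedded in each path, e.g. .../linux-<40-hex sha>/./include/...
TREE_SHA_RE = re.compile(r"linux-([0-9a-f]{40})/")


def parse_config(text):
    """Map CONFIG_* symbols to their value; '# X is not set' maps to None."""
    cfg = {}
    for line in text.splitlines():
        m = re.match(r"^(CONFIG_\w+)=(.*)$", line)
        if m:
            cfg[m.group(1)] = m.group(2)
            continue
        m = re.match(r"^# (CONFIG_\w+) is not set$", line)
        if m:
            cfg[m.group(1)] = None
    return cfg


def parse_report(text):
    """Return (claimed HEAD sha or None, [(symbol, path, line), ...])."""
    head = HEAD_RE.search(text)
    frames = [(sym, path, int(ln)) for sym, path, ln in FRAME_RE.findall(text)]
    return (head.group(1) if head else None), frames


def check_report(report_text, config_text):
    """Return a list of human-readable inconsistencies; an empty list means plausible."""
    head, frames = parse_report(report_text)
    cfg = parse_config(config_text)
    findings = []

    # Check 1: the tree the backtrace was built from vs. the advertised HEAD.
    # Short and full hashes are compared by prefix so either form is accepted.
    tree_shas = {sha for _, path, _ in frames for sha in TREE_SHA_RE.findall(path)}
    for sha in sorted(tree_shas):
        if head and not (sha.startswith(head) or head.startswith(sha)):
            findings.append(f"backtrace paths come from tree {sha[:12]}, "
                            f"but the report claims HEAD {head[:12]}")

    # Check 2: every subsystem named in the backtrace must be enabled in the config.
    # A symbol absent from a full .config is also disabled, hence the .get().
    for sym, _, _ in frames:
        for prefix, option in SYMBOL_TO_CONFIG.items():
            if sym.startswith(prefix) and cfg.get(option) is None:
                findings.append(f"frame {sym} needs {option}, "
                                f"but the posted config does not enable it")
    return findings


# Constructed sample, assembled from the visible parts of the report above. The
# second frame is a stand-in for the elided rest of the backtrace; its frame id
# and line number are placeholders, not values from the report.
SAMPLE_REPORT = """\
HEAD commit: 0dd3ee31125508cd67f7e7172247f05b7fd1753a (tag: v6.7)
git tree: upstream
BUG: memory leak
unreferenced object 0xffff023ad74b8100 (size 128):
  comm "syz-executor.3", pid 3911, jiffies 4295149819 (age 22.132s)
  backtrace:
    [<000000008d295845>] kmemleak_alloc_recursive data/embfuzz/emblinux/linux-4a61839152cc3e9e00ac059d73a28d148d622b30/./include/linux/kmemleak.h:42
    [<0000000000000000>] kvm_init_stage2_mmu data/embfuzz/emblinux/linux-4a61839152cc3e9e00ac059d73a28d148d622b30/./arch/arm64/kvm/mmu.c:1
"""

# Constructed config fragment: the one line quoted in the reply, plus kmemleak on.
SAMPLE_CONFIG = """\
CONFIG_DEBUG_KMEMLEAK=y
# CONFIG_KVM is not set
"""

if __name__ == "__main__":
    for finding in check_report(SAMPLE_REPORT, SAMPLE_CONFIG):
        print("INCONSISTENT:", finding)
```

Run against the constructed sample it reports both problems raised in the reply: the tree hash in the backtrace paths is not the advertised HEAD, and the frame in kvm_init_stage2_mmu cannot exist in a kernel built with CONFIG_KVM unset. Feeding it a report whose HEAD matches the build tree and a config with CONFIG_KVM=y yields no findings, which is the point at which actually running the reproducer is worth the time.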