Re: BUG: KASAN: use-after-free in dec_rlimit_ucounts

From: Qian Cai
Date: Fri Nov 26 2021 - 00:36:18 EST

Next message: kernel test robot: "[cifs] 966a3cb7c7: page_allocation_failure:order:#,mode:#(GFP_KERNEL|__GFP_COMP|__GFP_ZERO),nodemask=(null),cpuset=/,mems_allowed="
Previous message: Herbert Xu: "Re: [PATCH 0/4] crypto: hisilicon/qm - misc clean up and fixes"
In reply to: Qian Cai: "Re: BUG: KASAN: use-after-free in dec_rlimit_ucounts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Nov 24, 2021 at 04:49:19PM -0500, Qian Cai wrote:
> Hmm, I don't know if that or it is just this platfrom is lucky to trigger
> the race condition quickly, but I can't reproduce it on x86 so far. I am
> Cc'ing a few arm64 people to see if they have spot anything I might be
> missing. The original bug report is here:
>
> https://lore.kernel.org/lkml/YZV7Z+yXbsx9p3JN@xxxxxxxxxxxxx/

Okay, I am finally able to reproduce this on x86_64 with the latest
mainline as well by setting CONFIG_USER_NS and KASAN on the top of
defconfig (I did not realize it did not select CONFIG_USER_NS in the first
place). Anyway, it still took less than 5-minute by running:

$ trinity -C 48

Next message: kernel test robot: "[cifs] 966a3cb7c7: page_allocation_failure:order:#,mode:#(GFP_KERNEL|__GFP_COMP|__GFP_ZERO),nodemask=(null),cpuset=/,mems_allowed="
Previous message: Herbert Xu: "Re: [PATCH 0/4] crypto: hisilicon/qm - misc clean up and fixes"
In reply to: Qian Cai: "Re: BUG: KASAN: use-after-free in dec_rlimit_ucounts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]