Thread: 3 messages, 3 authors, 2019-08-17

Re: [Bug 204371] BUG kmalloc-4k (Tainted: G W ): Object padding overwritten

From: christophe leroy <hidden>
Date: 2019-08-17 08:09:51
Also in: linux-btrfs, linux-mm


On 30/07/2019 at 20:52, bugzilla-daemon@bugzilla.kernel.org wrote:
> https://bugzilla.kernel.org/show_bug.cgi?id=204371
>
> --- Comment #2 from Andrew Morton (akpm@linux-foundation.org) ---
> (switched to email.  Please respond via emailed reply-to-all, not via the
> bugzilla web interface).

Reply all replies to bugzilla-daemon@bugzilla.kernel.org only.

[...]

> cc'ing various people here.

Hum ... only got that email through the bugzilla interface, and CC'ed
people don't show up.

> I suspect proc_cgroup_show() is innocent and that perhaps
> bpf_prepare_filter() had a memory scribble.  iirc there has been at
> least one recent pretty serious bpf fix applied recently.  Can others
> please take a look?
>
> (Seriously - please don't modify this report via the bugzilla web interface!)

Haven't got the original CC'ed list, so please reply with missing Cc's
if any.

We have progressed well on this case.

Erhard made a relation between this "Object padding overwritten" issue
arising on any driver, and the presence of the BTRFS driver.

Then he was able to bisect the issue to:

commit 69d2480456d1baf027a86e530989d7bedd698d5f
Author: David Sterba [off-list ref]
Date:   Fri Jun 29 10:56:44 2018 +0200

     btrfs: use copy_page for copying pages instead of memcpy

     Use the helper that's possibly optimized for full page copies.

     Signed-off-by: David Sterba [off-list ref]



After looking at the code, it appeared that some of the said "pages"
were allocated with "kzalloc()".

Using the patch https://patchwork.ozlabs.org/patch/1148033/ Erhard 
confirmed that some btrfs functions were calling copy_page() with 
misaligned destinations.

copy_page(), at least on powerpc, expects a cache-aligned destination.

The patch https://patchwork.ozlabs.org/patch/1148606/ fixes the issue.

Christophe
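
The failure mode described in this message, as an added userspace model (not code from the thread, the kernel, or either referenced patch): it assumes an optimized page copy that clears each whole destination cache line before filling it, and counts the bytes modified outside a destination that is not cache aligned. The 32-byte line size, the guard pattern, and the names `model_copy_page`, `checked_copy_page` and `clobbered_bytes` are assumptions made for illustration; `checked_copy_page` is a hypothetical caller-side guard, not the fix linked above.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PAGE_SZ 4096u /* assumed page size */
#define LINE_SZ 32u   /* assumed cache line size */
#define GUARD   0x5a  /* constructed fill pattern for memory around dst */

/* Model: clear the whole cache line holding each dst address, then fill it. */
static void model_copy_page(unsigned char *dst, const unsigned char *src)
{
    for (size_t off = 0; off < PAGE_SZ; off += LINE_SZ) {
        uintptr_t line = (uintptr_t)(dst + off) & ~(uintptr_t)(LINE_SZ - 1);
        memset((void *)line, 0, LINE_SZ); /* rounds down if dst is misaligned */
        memcpy(dst + off, src + off, LINE_SZ);
    }
}

/* Hypothetical caller-side guard: plain memcpy unless dst is cache aligned. */
static void checked_copy_page(unsigned char *dst, const unsigned char *src)
{
    if ((uintptr_t)dst & (LINE_SZ - 1))
        memcpy(dst, src, PAGE_SZ);
    else
        model_copy_page(dst, src);
}

/* Bytes modified outside dst = page boundary + misalign; -1 on alloc failure. */
static long clobbered_bytes(size_t misalign, int checked)
{
    unsigned char *raw = malloc(4 * PAGE_SZ), *src = malloc(PAGE_SZ);
    if (!raw || !src) { free(raw); free(src); return -1; }
    uintptr_t base = ((uintptr_t)raw + PAGE_SZ - 1) & ~(uintptr_t)(PAGE_SZ - 1);
    unsigned char *arena = (unsigned char *)base, *dst = arena + PAGE_SZ + misalign;
    long hits = 0;
    memset(arena, GUARD, 3 * PAGE_SZ);
    memset(src, 0xab, PAGE_SZ);
    if (checked) checked_copy_page(dst, src); else model_copy_page(dst, src);
    for (unsigned char *p = arena; p < arena + 3 * PAGE_SZ; p++)
        hits += (p < dst || p >= dst + PAGE_SZ) && *p != GUARD;
    free(raw); free(src);
    return hits;
}

int main(void)
{
    printf("dst+16: unchecked %ld, checked %ld\n", clobbered_bytes(16, 0), clobbered_bytes(16, 1));
    return 0;
}
```

In this model a destination that is cache aligned but not page aligned (for example an offset of 32 or 2048 bytes) is copied cleanly, while any offset that is not a multiple of the line size zeroes the bytes just before the buffer.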
