On 2025-02-07 13:16, Bernd Schubert wrote:
On 2/7/25 11:55, Vlastimil Babka wrote:
On 2/7/25 11:43, Miklos Szeredi wrote:
On Fri, 7 Feb 2025 at 11:25, Vlastimil Babka <vbabka@xxxxxxx> wrote:
Could be a use-after free of the page, which sets PG_lru again. The list
corruptions in __rmqueue_pcplist also suggest some page manipulation after
free. The -1 refcount suggests somebody was using the page while it was
freed due to refcount dropping to 0 and then did a put_page()?
Can you suggest any debug options that could help pinpoint the offender?
CONFIG_DEBUG_VM enables a check in put_page_testzero() that would catch the
underflow (modulo a tiny race window where it wouldn't). Worth trying.
I typically run all of my tests with these options enabled
https://github.com/bsbernd/tiny-qemu-virtio-kernel-config
If Christian or Mantas could tell me what I need to install and run, I
could probably quickly give it a try.
I used the "Obfuscate" app:
https://flathub.org/apps/com.belmoussaoui.Obfuscate
Selecting a JPEG/PNG file in GNOME's file browser (Nautilus) and
choosing "Open with > Obfuscate" reliably triggers the bug. (Running
`com.belmoussaoui.Obfuscate` and opening a file from within the app
likely would, too, but at the time I didn't try that.)
