From: Dmitry Vyukov
Date: Mon, 30 Jul 2018 07:54:49 +0200
Subject: Re: [PATCH] 9p: fix Use-After-Free in p9_write_work()
To: Dominique Martinet
Cc: Tomas Bortoli, David Miller, v9fs-developer@lists.sourceforge.net, netdev, LKML, syzkaller
In-Reply-To: <20180729233336.GB28684@nautica>
References: <20180729130248.29612-1-tomasbortoli@gmail.com> <20180729233336.GB28684@nautica>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Jul 30, 2018 at 1:33 AM, Dominique Martinet wrote:
> Tomas Bortoli wrote on Sun, Jul 29, 2018:
>> There is a race condition between p9_free_req() and p9_write_work().
>> A request might still need to be processed while p9_free_req() is called.
>>
>> To fix it, flush the read/write work before freeing any request.
>>
>> Signed-off-by: Tomas Bortoli
>> Reported-by: syzbot+467050c1ce275af2a5b8@syzkaller.appspotmail.com
>
> It looks like I have not received this report, I found it through google
> in the lkml archives

But you should have received it? Or not?
We had some complaints that syzbot emails were not delivered, but in
these cases they were not delivered to lkml, and only to explicitly
CCed people.

> but Dmitry do you have a convenient-ish way of
> finding the report on the syzkaller website with that reported-by tag?

Well, you can do:
http://syzkaller.appspot.com/bug?extid=467050c1ce275af2a5b8
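
The lookup described in the reply above, as an added example that is not part of the original message or of syzkaller's own tooling: it scans a commit message or quoted mail for syzbot `Reported-by:` trailers and builds the dashboard URL for each. It assumes the `extid` is the hex token between `syzbot+` and `@` in the reporter address, as the URL in the reply suggests; `syzbot_report_urls` and the sample text are constructed for illustration.

```python
import re

# URL form taken from the reply above; assumed to hold for other reports too.
DASHBOARD = "http://syzkaller.appspot.com/bug?extid={extid}"

# A Reported-by trailer, optionally behind '>' quote markers from mail replies.
# The address may be bare or wrapped in <...>; the extid is the hex token
# between "syzbot+" and "@" (assumption based on the URL in the reply).
TRAILER = re.compile(
    r"^[>\s]*Reported-by:\s*.*?\bsyzbot\+([0-9a-f]+)@syzkaller\.appspotmail\.com\b",
    re.IGNORECASE | re.MULTILINE,
)


def syzbot_report_urls(text):
    """Return dashboard URLs for each distinct syzbot trailer, in order of appearance."""
    seen, urls = set(), []
    for match in TRAILER.finditer(text):
        extid = match.group(1).lower()
        if extid not in seen:  # the same report is often quoted several times
            seen.add(extid)
            urls.append(DASHBOARD.format(extid=extid))
    return urls


# Constructed sample: the quoted trailer from this thread, a human reporter
# (ignored), and the same syzbot address repeated in <...> form (deduplicated).
SAMPLE = """\
> Tomas Bortoli wrote on Sun, Jul 29, 2018:
>> To fix it, flush the read/write work before freeing any request.
>>
>> Signed-off-by: Tomas Bortoli
>> Reported-by: syzbot+467050c1ce275af2a5b8@syzkaller.appspotmail.com
Reported-by: Jane Doe <jane@example.org>
Reported-by: <syzbot+467050c1ce275af2a5b8@syzkaller.appspotmail.com>
"""

if __name__ == "__main__":
    for url in syzbot_report_urls(SAMPLE):
        print(url)
```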