Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp1970836ybb; Thu, 26 Mar 2020 18:29:35 -0700 (PDT) X-Google-Smtp-Source: ADFU+vudP5IBH3TRgBiDQh3j+ys1ebkWwcFoo5uoB+OdbQWwcnyb3b/YQhHEgr2ZgiubyoNlLRQT X-Received: by 2002:a9d:7397:: with SMTP id j23mr8186945otk.269.1585272574840; Thu, 26 Mar 2020 18:29:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1585272574; cv=none; d=google.com; s=arc-20160816; b=B+Gc9MJkg6MBclIZAl5UF1DmG0VOy54RFdnDS3OSNM0h3zPK22IAPHi3+6C4Dww0u+ Sppi1zMA9JWYRfCJFp2cmFw30KB4BsohNdYLQn5Co8HqICaoh6KUp8zZQWwZHSO7p8PC Yg//otw+Y4ZsO6xtRn+n/WI60UIS0GAW0UwYfkvlZ+ToNA507ONZ2p1Tiv+zkha75eFB ZhIVbFNvLN3Wy/R90FQJCgfHejKeoecb4s7VfUuf6SRMjJSiVB8VIIsegMCp4fn6PTxj 5mcr/96f3h/cGyxDo7hojVnQ2HlyGPk/xzMWxZa9mvUFztylfkn233idBfwEiXIB0/k8 YljQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:to:from:subject:message-id:in-reply-to :date:mime-version; bh=fpOoO95ghuCLLCEIiKHNf1Vn4Rzo9M55/w0gJcRUpiM=; b=k5F8SuI2E4MNPTmt2Vhj4hZq/OeFF1+RUWspi6YzD9UNeYuy/f91M/WHxM6jetWa/T 8vf3MhavyNRNfyOU5L0MgWn/8S3EYxiI21CEcLaMRz4tffi5iep3GMQuHh5Z838UoXvd MohwVv9umvwfV0AopWaRwI2KUYmMmmUQmy54KXE+cMmUmOe0CIy4yrfenOEvSYPcMuLc dUJdfWCCfkgNeeeDUSDKEOkvtTX/HI+0lMfIxm5vLI+Uz9+K44fI9aJcOpdcUqTillMT jN3QUH/CanG++648T2Ji074r1DKgLF4OJhbsmkRPYhME4Tp+7Ul/q0tJL4G3RYPoqt7g nrow== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=appspotmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x8si333912otq.313.2020.03.26.18.29.22; Thu, 26 Mar 2020 18:29:34 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=appspotmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727725AbgC0B2F (ORCPT + 99 others); Thu, 26 Mar 2020 21:28:05 -0400 Received: from mail-io1-f69.google.com ([209.85.166.69]:51172 "EHLO mail-io1-f69.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727560AbgC0B2E (ORCPT ); Thu, 26 Mar 2020 21:28:04 -0400 Received: by mail-io1-f69.google.com with SMTP id s2so7067358iot.17 for ; Thu, 26 Mar 2020 18:28:04 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:date:in-reply-to:message-id:subject :from:to; bh=fpOoO95ghuCLLCEIiKHNf1Vn4Rzo9M55/w0gJcRUpiM=; b=LbhPRqVa/W5TYtBTr3FZvvIXEhYLI1uA660HUfr/OPSRU1ELxUbEILOXhsnn2C5YCr PFojmyBJZ6RZlwxXZgAl+yCQ/wxIImPlM55TIR9/q/J5SCR+abNPBNA4zah6yZmikE5D jUOXtMBWEbPvmRx04OQq8C2m0DsQqSuKCcv7roZznXYtEtFr+VbYik1KevMWgRALlwdu s6ZGWTCh6/hcZS7FpeeK6Yr9SunxAsq48+wx3nGubZ19fmplgI9wFUx7l6sGME72rLXz gEhmtWrfUDJWafkg+08lLGWtkWcS1uMhhAYvRluZJHmkBRBghmQUqoWUvveLemoAGn9i dKpA== X-Gm-Message-State: ANhLgQ3dtppatSkZ44Yvtx7EmUkfK5zkoX+/9oKwHySPPFfkpyjAZwb+ T18l52AFVVc4XWH7r9YiA9qDYmhS6MVS4e9xmFTzHvSA5mfy MIME-Version: 1.0 X-Received: by 2002:a92:9107:: with SMTP id t7mr11623063ild.140.1585272483961; Thu, 26 Mar 2020 18:28:03 -0700 (PDT) Date: Thu, 26 Mar 2020 18:28:03 -0700 In-Reply-To: <00000000000047770d05a1c70ecb@google.com> X-Google-Appengine-App-Id: s~syzkaller X-Google-Appengine-App-Id-Alias: syzkaller Message-ID: <0000000000004760b805a1cc03fc@google.com> Subject: Re: KASAN: null-ptr-deref Write in blk_mq_map_swqueue From: syzbot To: a@unstable.cc, axboe@kernel.dk, b.a.t.m.a.n@lists.open-mesh.org, davem@davemloft.net, dongli.zhang@oracle.com, linux-block@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, mareklindner@neomailbox.ch, netdev@vger.kernel.org, sven@narfation.org, sw@simonwunderlich.de, syzkaller-bugs@googlegroups.com, viro@zeniv.linux.org.uk Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org syzbot has bisected this bug to: commit 768134d4f48109b90f4248feecbeeb7d684e410c Author: Jens Axboe Date: Mon Nov 11 03:30:53 2019 +0000 io_uring: don't do flush cancel under inflight_lock bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=14233ef5e00000 start commit: 1b649e0b Merge git://git.kernel.org/pub/scm/linux/kernel/g.. git tree: upstream final crash: https://syzkaller.appspot.com/x/report.txt?x=16233ef5e00000 console output: https://syzkaller.appspot.com/x/log.txt?x=12233ef5e00000 kernel config: https://syzkaller.appspot.com/x/.config?x=27392dd2975fd692 dashboard link: https://syzkaller.appspot.com/bug?extid=313d95e8a7a49263f88d syz repro: https://syzkaller.appspot.com/x/repro.syz?x=13850447e00000 C reproducer: https://syzkaller.appspot.com/x/repro.c?x=119a26f5e00000 Reported-by: syzbot+313d95e8a7a49263f88d@syzkaller.appspotmail.com Fixes: 768134d4f481 ("io_uring: don't do flush cancel under inflight_lock") For information about bisection process see: https://goo.gl/tpsmEJ#bisection