References: <0000000000008d396205b9e4adee@google.com> <20210127174322.GH4387@sirena.org.uk>
From: Dmitry Vyukov
Date: Mon, 3 May 2021 10:30:21 +0200
Subject: Re: KASAN: invalid-access Read in kmem_cache_destroy
To: Vincenzo Frascino
Cc: Andrey Konovalov, syzbot, Amit Kachhap, Catalin Marinas, Linux ARM, LKML, Mark Rutland, mbenes@suse.cz, syzkaller-bugs, Will Deacon, Mark Brown

On Thu, Jan 28, 2021 at 2:25 PM Vincenzo Frascino wrote:
> On 1/28/21 12:43 PM, Dmitry Vyukov wrote:
> > On Thu, Jan 28, 2021 at 1:30 PM Vincenzo Frascino
> > wrote:
> >>
> >> On 1/27/21 7:50 PM, Andrey Konovalov wrote:
> >>> On Wed, Jan 27, 2021 at 6:44 PM Mark Brown wrote:
> >>>>
> >>>> On Wed, Jan 27, 2021 at 06:14:13PM +0100, Dmitry Vyukov wrote:
> >>>>> On Wed, Jan 27, 2021 at 5:58 PM syzbot
> >>>>> wrote:
> >>>>>>
> >>>>>> Hello,
> >>>>>>
> >>>>>> syzbot found the following issue on:
> >>>>>>
> >>>>>> HEAD commit: 2ab38c17 mailmap: remove the "repo-abbrev" comment
> >>>>>> git tree: upstream
> >>>>>> console output: https://syzkaller.appspot.com/x/log.txt?x=12eb4ad8d00000
> >>>>>> kernel config: https://syzkaller.appspot.com/x/.config?x=ad43be24faf1194c
> >>>>>> dashboard link: https://syzkaller.appspot.com/bug?extid=2a52b6c31dbefb1e9d9f
> >>>>>> userspace arch: arm64
> >>>>>>
> >>>>>> Unfortunately, I don't have any reproducer for this issue yet.
> >>>>>>
> >>>>>> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> >>>>>> Reported-by: syzbot+2a52b6c31dbefb1e9d9f@syzkaller.appspotmail.com
> >>>>>
> >>>>> This happens on arm64 instance with MTE enabled.
> >>>>> I don't see any corresponding reports on x86_64. So I would assume
> >>>>> it's a generic latent bug, or probably more likely a bug in MTE
> >>>>> support.
> >>>>
> >>>> Copying in Vincenzo who's done a bunch of MTE stuff recently.
> >>>
> >>> Could be the same issue as:
> >>>
> >>> https://lkml.org/lkml/2021/1/27/1109
> >>>
> >>
> >> I had a look at the trace and I agree with Andrey it seems the same issue.
> >
> >
> > #syz fix: Revert "mm/slub: fix a memory leak in sysfs_slab_add()"
> >
>
> Thanks for the confirmation.

This was also just detected by KFENCE:
https://lore.kernel.org/lkml/0000000000003f654905c168b09d@google.com/

I think it's a real bug in F2FS and MTE report was correct, but we mis-read it.