From: Dmitry Vyukov
Date: Thu, 24 Mar 2022 09:50:14 +0100
Subject: Re: [syzbot] general protection fault in list_lru_add
To: Muchun Song
Cc: Linus Torvalds, syzbot, Andrew Morton, Linux Kernel Mailing List, Linux-MM, syzkaller-bugs
References: <000000000000cabcb505dae9e577@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, 24 Mar 2022 at 09:44, Muchun Song wrote:
>
> On Thu, Mar 24, 2022 at 11:05 AM Linus Torvalds wrote:
> >
> > On Wed, Mar 23, 2022 at 7:19 PM Muchun Song wrote:
> > >
> > > After this commit, the rules of dentry allocations changed.
> > > The dentry should be allocated by kmem_cache_alloc_lru()
> >
> > Yeah, I looked at that, but I can't find any way there could be other
> > allocations - not only are there strict rules how to initialize
> > everything, but the dentries are free'd using
> >
> >     kmem_cache_free(dentry_cache, dentry);
> >
> > and as a result if they were allocated any other way I would expect
> > things would go south very quickly.
> >
> > The only other thing I could come up with is some breakage in the
> > superblock lifetime so that &dentry->d_sb->s_dentry_lru would have
> > problems, but again, this is *such* core code and not some unusual
> > path, that I would be very very surprised if it wouldn't have
> > triggered other issues long long ago.
> >
> > That's why I'd be more inclined to worry about the list_lru code being
> > somehow broken.
> >
>
> I also have the same concern. I have been trying for a few hours to
> reproduce this issue, but it didn't oops on my test machine. And I'll
> continue reproducing this.

syzbot triggered it 222 times in a day, so it's most likely real:
https://syzkaller.appspot.com/bug?extid=f8c45ccc7d5d45fc5965

There are 2 reproducers, but they look completely different.
May be a race.
You may also try to use syzbot's patch testing feature to get some
additional debug info.