Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp6026814iob;
        Tue, 10 May 2022 08:45:51 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJx+5jM0sybZVaHWaNc1PEaKCIbp9cQufYx5TuHIfovFFGW5CLJoXpvVKjrVBVKqKTftO7I/
X-Received: by 2002:a17:90b:1e41:b0:1de:b2dc:b2e with SMTP id pi1-20020a17090b1e4100b001deb2dc0b2emr576770pjb.69.1652197551400;
        Tue, 10 May 2022 08:45:51 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1652197551; cv=none;
        d=google.com; s=arc-20160816;
        b=M6hayOXPix/AHWOoM6bbGRHIbLsTiiJBz9tyjYBrstHAmEx23OH+PXY9AX5yNrqn04
         rNCwuiq6+QNiXJzBOAHjq7P7OSq7umpZVtrFWgUTw0eQf5hyU9jtNJhrh5qYr8Q/uhWF
         hKKo0tCQUcXZkVH5+vtUlnC8xkBG9+Haycsz5l252dKKXTl0NB24ikef9jRmsm1Vuliw
         8mBbBjqb9U/24dMHcDYKAp0iNgnTowHe0xvwW8/+77wvYamc+wRdulky8BWhu2PQwKW0
         9vmLeXaagJjYTRhetcG+iAFYaFihv8Ah/QZNS3E4HLRusWRCaGljB6kPAdQyF3OkZea1
         4c2Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:in-reply-to:from
         :references:cc:to:content-language:subject:user-agent:mime-version
         :date:message-id:dkim-signature;
        bh=81CmoXK8W2fMc2E/XpNylErNEPWG7PeFWSGfTvENHek=;
        b=wa6v4Zkyvh7mv89qPXOlE0GZzw/OGj9slLzRYp98LUP6qiCdWBA/a8tYmoJ+VDstLN
         nOGNxHR/ugmdEA4q9nJM5muWOwV9j9+khs4KiYWdYuJSX15ucdOcjGCOjTwfmmDKgvIK
         3lVRzXZ/A1wyiX66of657/QVXDcY9XiBueQC2Qh/kmncY5RerNXdiI7oNhf8j2TKyu3a
         WdEQpOKQzvyM0z4YwplkJ1fTW7tpBDVYv3v13KcZYBElhR1GlAAoMeKGWPT3RzCSJ3lU
         BBiIkJrDICJ2y/tiOrQzHOQ0Q1wMAMDtUKQQY8Tn1+vSGXW9o9K377q0mFiA4wgk/nVY
         L4tA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel-dk.20210112.gappssmtp.com header.s=20210112 header.b=BuizLo0e;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id o9-20020a655209000000b003816043efcdsi17696267pgp.450.2022.05.10.08.45.35;
        Tue, 10 May 2022 08:45:51 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel-dk.20210112.gappssmtp.com header.s=20210112 header.b=BuizLo0e;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S241943AbiEJMth (ORCPT <rfc822;apple4onegiven@gmail.com>
        + 99 others); Tue, 10 May 2022 08:49:37 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51242 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S241948AbiEJMte (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 10 May 2022 08:49:34 -0400
Received: from mail-pf1-x42e.google.com (mail-pf1-x42e.google.com [IPv6:2607:f8b0:4864:20::42e])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 251035521B
        for <linux-kernel@vger.kernel.org>; Tue, 10 May 2022 05:45:34 -0700 (PDT)
Received: by mail-pf1-x42e.google.com with SMTP id j6so14840858pfe.13
        for <linux-kernel@vger.kernel.org>; Tue, 10 May 2022 05:45:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=kernel-dk.20210112.gappssmtp.com; s=20210112;
        h=message-id:date:mime-version:user-agent:subject:content-language:to
         :cc:references:from:in-reply-to:content-transfer-encoding;
        bh=81CmoXK8W2fMc2E/XpNylErNEPWG7PeFWSGfTvENHek=;
        b=BuizLo0eMVf1CFKzq5z5mJXXTCdmsbZnthwaSpGZvyOinz0zK1oVrwY+RjDSbz0lsj
         W4/gcD2GsatA2CltDPm42940C9Zx8OlEiXWEDruJeUP+scX4B4Dn/BR45LSBkgx0ha/1
         1lof9Sxe/0+TSOSmg+ZbSpzVPPfdI8D1n/IK23ovFovWMObnth4tWgSXWT44+EFOD5cw
         YRdLOnhCKKUDhjj1PBpvvrU/SLEYIvonvF8JuhoBcVkVWvziCCxnA6XbN07WU1oTTJuX
         9N9BICkQtsDiH2S5IvrqAAzmp2SqDTXhUfx7lB75VtVwJ+wJsJW+JGZukF4rewQyhJ7E
         HF3A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:message-id:date:mime-version:user-agent:subject
         :content-language:to:cc:references:from:in-reply-to
         :content-transfer-encoding;
        bh=81CmoXK8W2fMc2E/XpNylErNEPWG7PeFWSGfTvENHek=;
        b=txhSv/RDXigZlA7HHP5M14Vo8m613v2a58xdtL+bqGOHmaeHGYYpwzKaKCGE63K66O
         eQwR9JBt7TZdAGm0BZZQTM6H/dQ1i2lPmzbQo9uiKuvZqNk8ZphH6JFg4feIWi1dd3pV
         sfEaqH0IEPZ+Ji/1OKaBO0/JBfYMdW+ErZWisR+IsBNKacDQ9JF2JUaAYl7QYxAV4kZ5
         Mt8l0SWV7xS4oRdCNb2O6kHVVAc0sc6/XzQ8KkA4DZyKSlOow+/MQlkskl/+XZj50cur
         v8Zxg0q1Hm7gWFJMAOBm94ULtUXiUPzAtv4e0+Tn0r74J7ZBQqt/gGn6BZT/wlrHo/7H
         7W9Q==
X-Gm-Message-State: AOAM532hQM1YHYeDi9CIootIhoi89nfwdjwJEtdq4Aney7wq+terxAZj
        qfGDgec8RDfDFMClaJC+wggUrg==
X-Received: by 2002:a63:2c8a:0:b0:3aa:86ea:f2c9 with SMTP id s132-20020a632c8a000000b003aa86eaf2c9mr16916062pgs.46.1652186733527;
        Tue, 10 May 2022 05:45:33 -0700 (PDT)
Received: from [192.168.1.100] ([198.8.77.157])
        by smtp.gmail.com with ESMTPSA id q187-20020a632ac4000000b003c14af5063fsm10345438pgq.87.2022.05.10.05.45.31
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Tue, 10 May 2022 05:45:32 -0700 (PDT)
Message-ID: <0e1b3d10-ae79-f987-187e-58109441ccee@kernel.dk>
Date:   Tue, 10 May 2022 06:45:31 -0600
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux aarch64; rv:91.0) Gecko/20100101
 Thunderbird/91.8.1
Subject: Re: [syzbot] KASAN: use-after-free Read in bio_poll
Content-Language: en-US
To:     Christoph Hellwig <hch@lst.de>, Ming Lei <ming.lei@redhat.com>
Cc:     syzbot <syzbot+99938118dfd9e1b0741a@syzkaller.appspotmail.com>,
        andrii@kernel.org, ast@kernel.org, bpf@vger.kernel.org,
        daniel@iogearbox.net, john.fastabend@gmail.com, kafai@fb.com,
        kpsingh@kernel.org, linux-block@vger.kernel.org,
        linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
        songliubraving@fb.com, syzkaller-bugs@googlegroups.com, yhs@fb.com
References: <00000000000029572505de968021@google.com>
 <a72282ef-650c-143b-4b88-5185009c3ec2@kernel.dk> <YnmuRuO4yplt8p/p@T590>
 <20220510055039.GA10576@lst.de>
From:   Jens Axboe <axboe@kernel.dk>
In-Reply-To: <20220510055039.GA10576@lst.de>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,
        T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 5/9/22 11:50 PM, Christoph Hellwig wrote:
> On Tue, May 10, 2022 at 08:13:58AM +0800, Ming Lei wrote:
>>> Guys, should we just queue:
>>>
>>> ommit 9650b453a3d4b1b8ed4ea8bcb9b40109608d1faf
>>> Author: Ming Lei <ming.lei@redhat.com>
>>> Date:   Wed Apr 20 22:31:10 2022 +0800
>>>
>>>     block: ignore RWF_HIPRI hint for sync dio
>>>
>>> up for 5.18 and stable?
>>
>> I am fine with merging to 5.18 & stable.
> 
> I'm fine, too.  But are we sure this actually is one and the same
> issue?  Otherwise I'll try to find some time to feed it to syzbot
> first.

I re-wrote the reproducer a bit and can reproduce it, so I can certainly
test a backport. But yes, I was skeptical on this being the same issue
too. My initial reaction was that this is likely due to the bio being
"downgraded" from polled to IRQ driven, and hence completes without an
extra reference before the bio_poll() is done on it. Which is not the
issue described in the referenced commit.

-- 
Jens Axboe