Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Date:   Wed, 03 Aug 2022 10:47:07 +0530
From:   Siddh Raman Pant <code@siddh.me>
To:     "Eric Biggers" <ebiggers@kernel.org>
Cc:     "syzbot" <syzbot+c70d87ac1d001f29a058@syzkaller.appspotmail.com>,
        "hdanton" <hdanton@sina.com>,
        "linux-kernel" <linux-kernel@vger.kernel.org>,
        "syzkaller-bugs" <syzkaller-bugs@googlegroups.com>
Message-ID: <1826222d84f.7e796357131272.8568477361906857088@siddh.me>
In-Reply-To: <Yun0/rDv4ptBl65S@sol.localdomain>
References: <20220801103533.972-1-hdanton@sina.com>
 <000000000000c7a83905e52bd127@google.com>
 <Yumkx4Nc5ZyPGYMz@sol.localdomain>
 <18261e01068.4a2910f2403165.1226720997594524412@siddh.me> <Yun0/rDv4ptBl65S@sol.localdomain>
Subject: Re: [syzbot] KASAN: use-after-free Read in post_one_notification
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Importance: Medium
User-Agent: Zoho Mail
Precedence: bulk

On Wed, 03 Aug 2022 09:39:34 +0530  Eric Biggers <ebiggers@kernel.org> wrote:
 > I don't think that's true; the pointer doesn't get dereferenced after
 > watch_queue::defunct is set.  See my message on the other thread where I
 > explained this: https://lore.kernel.org/lkml/YunKlJCDlmyn2hJ4@sol.localdomain
 > 
 > Of course, if you actually have a reproducer, or a KASAN report, or anything at
 > all that shows there is still a problem, then please post it.
 > 
 > - Eric

Replying to the other thread.

Thanks,
Siddh