Received: by 2002:a05:7412:98c1:b0:fa:551:50a7 with SMTP id kc1csp135592rdb; Fri, 5 Jan 2024 05:20:52 -0800 (PST) X-Google-Smtp-Source: AGHT+IGjhRNpr2fPyYrm9O3vVs5rDFFzZI1YuNwEzwgdZJ3Z919rimAOLzTSY7tdsPXgQAPdng/C X-Received: by 2002:a05:600c:3548:b0:40d:5575:a17f with SMTP id i8-20020a05600c354800b0040d5575a17fmr583572wmq.128.1704460852443; Fri, 05 Jan 2024 05:20:52 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704460852; cv=none; d=google.com; s=arc-20160816; b=0qjjB+8tB8ShssTCwbXTDINsutBCykeFjwIoUjEjQ+0HKRSpMHNQlJgvARVObla0kF angdep54XtTuhnITsKiY76kEN4vkB9nmcOOi2SXhGzNlOq2E5thuGrTNlFtSHVe84+mZ 6s8id4fjdoHmpsc2U0ZA2vgfCz4SQhrTXtGSj6NJ90IYY02BEAKGXQipnw3wYSMFFIKn HGnL0G475TB1eE/xKLckbHXEHsHbTTN6XTy7PTtXDlEZn42AKu/KRV8WTjwmMzxKyM1+ Wgdizx5iGiRom1OAVadMCKUcca5TNpZlA96/7ygvd1Ej/X+a4uclA/x6YiB04zfpoh7p FfdA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:date :subject:cc:to:from:message-id:dkim-signature; bh=MYY9stIYqlycYBITbBDp8hgnPLSnqcWc70hs+qeH1q4=; fh=W5GbiYqSwyDyTZCn02aOXH+eAk0BOX/9s/HnuYpvIU0=; b=fapdJ1uW0oRsyNc9+M6Aj/gcdtzX0fOyubExCmqlcHiOJDoZVrxwkCsRAK1T2ui4Ji ZndWlASAz/gHPQPDgOZDK/E43WW9l0V79Ou1NYmHS2oTy6VVQ5ZIctXnq8bH7klz6n8V NHD+lD6mXZ1q6wSDZ+04ynYTo2onUGoMCknAMHEEHfq2BAFxaLzFYHbfhFL6kx5hVfm7 GJDZa36LDJRXN5QqlntH4SVbkQG5QqUoALi5K38NtMULnW5ycS8KAFI8onEDKUBLSuHh 0QdMM9QRwSLJMkAaAiRfUiRPImHxyE4q4V0szXPZaVlAJUFtIzfPJZuBEjfy8yggQB7i Qjgw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@qq.com header.s=s201512 header.b=wG4H+KTw; spf=pass (google.com: domain of linux-kernel+bounces-17872-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-17872-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=qq.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id r6-20020a17090638c600b00a28b410b572si585929ejd.13.2024.01.05.05.20.52 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 05 Jan 2024 05:20:52 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-17872-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@qq.com header.s=s201512 header.b=wG4H+KTw; spf=pass (google.com: domain of linux-kernel+bounces-17872-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-17872-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=qq.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 3726E1F23977 for ; Fri, 5 Jan 2024 13:20:52 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id E27DF2D62A; Fri, 5 Jan 2024 13:20:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=qq.com header.i=@qq.com header.b="wG4H+KTw" X-Original-To: linux-kernel@vger.kernel.org Received: from out203-205-221-205.mail.qq.com (out203-205-221-205.mail.qq.com [203.205.221.205]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C0CD728DD1 for ; Fri, 5 Jan 2024 13:20:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=qq.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=qq.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qq.com; s=s201512; t=1704460833; bh=MYY9stIYqlycYBITbBDp8hgnPLSnqcWc70hs+qeH1q4=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=wG4H+KTwtTgWf+fuIJwsjdFGj+X2TXw0V4sCtg2UNqak/2oqWMXcfqzYIYn+jMGp4 kEECMhEaKNbKRej8MSGlVokwtl4EYaPlNxlW6Q4tLa3xeuPN0WCFkvuLjihk+Umil0 sU28+Y8G+wjzaB8W9uM4/izlf4w4gfY39apORq1w= Received: from pek-lxu-l1.wrs.com ([111.198.225.215]) by newxmesmtplogicsvrszb9-0.qq.com (NewEsmtp) with SMTP id 39719AEB; Fri, 05 Jan 2024 21:14:23 +0800 X-QQ-mid: xmsmtpt1704460463tqr5ni1r6 Message-ID: X-QQ-XMAILINFO: MQ+wLuVvI2LQe/ZWzugQ8nDB1qPxlZ7xl8XdkJBdsqmWDPftHSFWoX9L6JEu3I EIStlxHkloUAMsHWvYKJDpdVqKSrprpXpdDnKwV5BoZEvK6490tzodXj0bNZ32WUKwWh+GRVE5ci WAM2u04n5wRgsL4Ks5744sVCeic5AEW7v7wkiLMhWKs/Tev/K7sv+4rfGCAtsmFLafzeQMYteEE3 KJY/LBPtZAAHTJ0SJy2je8GRjsdJaDf7gJ/ySQVf6YNNSNwJy8ikD4OPFtnTFkcgyxOwHdMmdI0J aECP9lzlBhWXoEW6ZITa9ugtUM8HYaE4k0y+WMS0kSEG8akavoRWYq7eBF2FmhPclGUNZZgvuBU4 9StzrM9Sxxxb9VhJVJQt8TxgCvgEyadGrMtEEVgSYMLIUUQrincjMn6QmXpCo8rT22N0PS9ehqTK lcePEAQhkvRtAb+fPj3Dg4LOOLnFlH0jHeoSg5BC9gkn4M9tfXGvyEARCSoyvBMfkU109cgsMNkK 7/SBXVLismeEVr5T6PC8aujlKdW1DOTQxgprd/Lj3bcp3hdXcdUla0KWouneVM8X0ROw6reew35a SQQ2lByt26MolY+4Qlc/pyqJDRgklRGCy0nyAX153KQ6p+d3rke9s3agh1L6JvrX1xuoNitWjVoG KOW5n034tbzyuDLOrzWJS1F672z2eil4jcfkBrD/c/KnYFidqpy/nGC28df+/WVbs+wdto/4JQpn uBJCXOkNl5ZYL75isfO4rsVhxKxKU2WUv/XiwTXWfDEaXtT7hD0xl0z0jR8rRp/RobV10/n4YBC3 1Z1ViCbVD6zKyLwHgmJDcOUdeAIom4KpmmbDQNue8gRXUQNmYbNWok1BH/+qlaoZPbqyfbqLG4ya YmT5lGZ8kWahfc79doqqT5ovba1Ix6eo6+u/o9rnsZjzSXDdJirzIUHwNhhMLpOP0hkU2vBLWOcD bRIoHNUVk= X-QQ-XMRINFO: OWPUhxQsoeAVDbp3OJHYyFg= From: Edward Adam Davis To: syzbot+63cebbb27f598a7f901b@syzkaller.appspotmail.com Cc: linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com Subject: Re: [syzbot] [reiserfs?] general protection fault in __fget_files (2) Date: Fri, 5 Jan 2024 21:14:23 +0800 X-OQ-MSGID: <20240105131422.664067-2-eadavis@qq.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <000000000000caa956060ddf5db1@google.com> References: <000000000000caa956060ddf5db1@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit please test general protection fault in __fget_files #syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git f5837722ffec diff --git a/fs/file.c b/fs/file.c index 5fb0b146e79e..724f60e6cc4f 100644 --- a/fs/file.c +++ b/fs/file.c @@ -1134,6 +1134,8 @@ static unsigned long __fget_light(unsigned int fd, fmode_t mask) return 0; return (unsigned long)file; } else { + if (!atomic_read_acquire(&files->count)) + return 0; file = __fget(fd, mask); if (!file) return 0;