Date: Mon, 29 Jan 2024 10:48:11 +0100
From: Jan Kara
To: syzbot
Cc: axboe@kernel.dk, brauner@kernel.org, jack@suse.cz, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, reiserfs-devel@vger.kernel.org, syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [reiserfs?] KASAN: use-after-free Read in reiserfs_get_unused_objectid

On Sun 28-01-24 00:33:04, syzbot wrote:
> syzbot suspects this issue was fixed by commit:
>
> commit 6f861765464f43a71462d52026fbddfc858239a5
> Author: Jan Kara
> Date: Wed Nov 1 17:43:10 2023 +0000
>
>     fs: Block writes to mounted block devices
>
> bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=116501efe80000
> start commit: 1e760fa3596e Merge tag 'gfs2-v6.3-rc3-fix' of git://git.ke..
> git tree: upstream
> kernel config: https://syzkaller.appspot.com/x/.config?x=acdb62bf488a8fe5
> dashboard link: https://syzkaller.appspot.com/bug?extid=04e8b36eaa27ecf7f840
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=16d5c261c80000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=155eba51c80000
>
> If the result looks correct, please mark the issue as fixed by replying with:

So this somewhat surprises me because all the reproducer does is that it
just mounts the created image. I'm not sure how blocking of writers to a
mounted device could change the behavior of this reproducer. But given the
reproducer no longer works and this is reiserfs where nobody is likely to
look into the bug, even more so without a reproducer I guess:

#syz fix: fs: Block writes to mounted block devices

Honza
-- 
Jan Kara
SUSE Labs, CR