Date: Tue, 11 Aug 2020 08:50:13 +0200
From: David Sterba
Reply-To: dsterba@suse.cz
To: syzbot
Cc: clm@fb.com, davem@davemloft.net, dsterba@suse.com,
    johan.hedberg@gmail.com, josef@toxicpanda.com, kuba@kernel.org,
    linux-bluetooth@vger.kernel.org, linux-btrfs@vger.kernel.org,
    linux-kernel@vger.kernel.org, marcel@holtmann.org, nborisov@suse.com,
    netdev@vger.kernel.org, syzkaller-bugs@googlegroups.com
Subject: Re: KASAN: use-after-free Write in hci_conn_del
Message-ID: <20200811065013.GI2026@twin.jikos.cz>
X-Mailing-List: linux-bluetooth@vger.kernel.org

On Mon, Aug 10, 2020 at 08:35:08PM -0700, syzbot wrote:
> syzbot has bisected this issue to:
>
> commit 6a3c7f5c87854e948c3c234e5f5e745c7c553722
> Author: Nikolay Borisov
> Date:   Thu May 28 08:05:13 2020 +0000
>
>     btrfs: don't balance btree inode pages from buffered write path

This does not make sense wrt use-after-free in HCI, which is a completely
unrelated subsystem. The patch removes a call to a function doing some
potentially heavy work, so this likely affects timing, making the
bisection unreliable.