From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id A9033C433F5
	for <linux-mm@archiver.kernel.org>; Thu, 24 Mar 2022 08:50:28 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 40A756B0072; Thu, 24 Mar 2022 04:50:28 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 3BAAD6B0073; Thu, 24 Mar 2022 04:50:28 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 2A8ED6B0074; Thu, 24 Mar 2022 04:50:28 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0240.hostedemail.com [216.40.44.240])
	by kanga.kvack.org (Postfix) with ESMTP id 1B8896B0072
	for <linux-mm@kvack.org>; Thu, 24 Mar 2022 04:50:28 -0400 (EDT)
Received: from smtpin24.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay04.hostedemail.com (Postfix) with ESMTP id BBC21A5BED
	for <linux-mm@kvack.org>; Thu, 24 Mar 2022 08:50:27 +0000 (UTC)
X-FDA: 79278658494.24.976E30C
Received: from mail-oa1-f53.google.com (mail-oa1-f53.google.com [209.85.160.53])
	by imf01.hostedemail.com (Postfix) with ESMTP id 4803540034
	for <linux-mm@kvack.org>; Thu, 24 Mar 2022 08:50:27 +0000 (UTC)
Received: by mail-oa1-f53.google.com with SMTP id 586e51a60fabf-dd9d3e7901so4301108fac.8
        for <linux-mm@kvack.org>; Thu, 24 Mar 2022 01:50:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=pJvvFanCuFstEBJXi7mU85Wroh06uJ+VOOWdDKxnZ5I=;
        b=p1BZOeWm4HvixzV2HVh7rhhvKA4PeCAdSHg61yUDDlvrE0YhLIEMk/zFjc+Bto6oMe
         OJaBxGMQvVVmYS4KmnKXSNh3gYmzz2UocUp/7aqKCTpbSwYCnxR1DRj4Iy7yzcxEWzJK
         j4m15w95FS9SlHsaMEocX0a+T+CCHiCyAOb1DYGYJIknYp5UconG4p37ucwp9EyBvt1m
         qc8Z8hO0sDrT9Y09xCa/3E8KSf9lQhGbROZKNMNPvHeXcgbm0v8b1RVXUH4hnBDSoYUw
         ji9GLbQ9NNQYAz3xbHVnpJwYZmNE+6nfNia86CK1p8rJZO/B9hSvU82LWRXaHldk5VXr
         u68A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=pJvvFanCuFstEBJXi7mU85Wroh06uJ+VOOWdDKxnZ5I=;
        b=Biw5qKitXrT8+epI+dyARJWighBieLN4PHDDLLl+VASZngrzQRA2cXfAwnr7wBeCBU
         qb4u+VP8hnoaWJZUpzhgj8sG89JtBxMQHOzraDAuN8XEru9OyRqNehdASvO8AxWYEqBY
         AOTs4NKw4LNNykAlvfO4r5t9hBOxuphSufcfTcCLsrVgylLgiNjQt0KziWqE8eTVJWXY
         jmeykhUYXBUZZ66dnUhw7DHQTZYhl3cQntglZSKBZdX16VCtnBG34vF+KPLz+4Xzt1p7
         Qw9HtxcnY8v8U8yf+XA+G9JJ+P0fRKopwBAMa+0cSP589bvpBRhR+wYOgdFf94uCIXS9
         MtMA==
X-Gm-Message-State: AOAM533IsSG4gXxMdfBcxJzGme/Lz8T+kWGlnZUfPIVkcp3HcTFXinvO
	nUyoXlKdVQvhbR8r6IuPuOd3vi9Zy/OM/9yCIoxBcg==
X-Google-Smtp-Source: ABdhPJxHo1cWxV3tneBHQX3C0hiqTH0ycLZDOrND1B5gNYL3V/dxlD7pzeFkL9SnWn2MB4KQOtaBb/4waIkuaUlQt+o=
X-Received: by 2002:a05:6870:9619:b0:d9:a25e:ed55 with SMTP id
 d25-20020a056870961900b000d9a25eed55mr1899508oaq.163.1648111826186; Thu, 24
 Mar 2022 01:50:26 -0700 (PDT)
MIME-Version: 1.0
References: <000000000000cabcb505dae9e577@google.com> <CAHk-=wjLL3OB8PvFGBLgUs=zip-Q2m1P=UwG+Pw_E8nYDs+MUw@mail.gmail.com>
 <CAMZfGtW0tN+xYSGGVmxjosTuoRR-mETaNTFNFZu7WuPW2JL9JA@mail.gmail.com>
 <CAHk-=wgW1hEUaQeX41+3w7AGsXkeE1XOXCMndXs3kFp-XjSVzQ@mail.gmail.com> <CAMZfGtVRWKhAf-fNWcLQgjb0zBZHX3bQ+aYywfiRsapoLacq3g@mail.gmail.com>
In-Reply-To: <CAMZfGtVRWKhAf-fNWcLQgjb0zBZHX3bQ+aYywfiRsapoLacq3g@mail.gmail.com>
From: Dmitry Vyukov <dvyukov@google.com>
Date: Thu, 24 Mar 2022 09:50:14 +0100
Message-ID: <CACT4Y+aQOziG8LGiTdyjTTHXJ4tNy2qxJ4yTPy-aUBG9CQB3_w@mail.gmail.com>
Subject: Re: [syzbot] general protection fault in list_lru_add
To: Muchun Song <songmuchun@bytedance.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>, 
	syzbot <syzbot+f8c45ccc7d5d45fc5965@syzkaller.appspotmail.com>, 
	Andrew Morton <akpm@linux-foundation.org>, 
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>, Linux-MM <linux-mm@kvack.org>, 
	syzkaller-bugs <syzkaller-bugs@googlegroups.com>
Content-Type: text/plain; charset="UTF-8"
X-Rspamd-Server: rspam04
X-Rspamd-Queue-Id: 4803540034
X-Stat-Signature: r5okzemhhegkipoubud3z9hjmjobs6za
Authentication-Results: imf01.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=p1BZOeWm;
	dmarc=pass (policy=reject) header.from=google.com;
	spf=pass (imf01.hostedemail.com: domain of dvyukov@google.com designates 209.85.160.53 as permitted sender) smtp.mailfrom=dvyukov@google.com
X-Rspam-User: 
X-HE-Tag: 1648111827-130943
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Thu, 24 Mar 2022 at 09:44, Muchun Song <songmuchun@bytedance.com> wrote:
>
> On Thu, Mar 24, 2022 at 11:05 AM Linus Torvalds
> <torvalds@linux-foundation.org> wrote:
> >
> > On Wed, Mar 23, 2022 at 7:19 PM Muchun Song <songmuchun@bytedance.com> wrote:
> > >
> > > After this commit, the rules of dentry allocations changed.
> > > The dentry should be allocated by kmem_cache_alloc_lru()
> >
> > Yeah, I looked at that, but I can't find any way there could be other
> > allocations - not only are there strict rules how to initialize
> > everything, but the dentries are free'd using
> >
> >         kmem_cache_free(dentry_cache, dentry);
> >
> > and as a result if they were allocated any other way I would expect
> > things would go south very quickly.
> >
> > The only other thing I could come up with is some breakage in the
> > superblock lifetime so that &dentry->d_sb->s_dentry_lru would have
> > problems, but again, this is *such* core code and not some unusual
> > path, that I would be very very surprised if it wouldn't have
> > triggered other issues long long ago.
> >
> > That's why I'd be more inclined to worry about the list_lru code being
> > somehow broken.
> >
>
> I also have the same concern.  I have been trying for a few hours to
> reproduce this issue, but it didn't oops on my test machine.  And I'll
> continue reproducing this.

syzbot triggered it 222 times in a day, so it's most likely real:
https://syzkaller.appspot.com/bug?extid=f8c45ccc7d5d45fc5965

There are 2 reproducers, but they look completely different. May be a race.
You may also try to use syzbot's patch testing feature to get some
additional debug info.