On Mon, Jul 9, 2018 at 12:11 PM, Alexander Shishkin <alexander.shish...@linux.intel.com> wrote:
> syzbot <syzbot+a24c397a29ad22d86...@syzkaller.appspotmail.com> writes:
>
>> Hello,
>>
>> syzbot found the following crash on:
>>
>> HEAD commit: b2d44d145d2a Merge tag '4.18-rc3-smb3fixes' of git://git.s..
>> git tree: upstream
>> console output: https://syzkaller.appspot.com/x/log.txt?x=178cf50c400000
>> kernel config: https://syzkaller.appspot.com/x/.config?x=2ca6c7a31d407f86
>> dashboard link: https://syzkaller.appspot.com/bug?extid=a24c397a29ad22d86c98
>> compiler: gcc (GCC) 8.0.1 20180413 (experimental)
>>
>> Unfortunately, I don't have any reproducer for this crash yet.
>
> Is there a chance of getting a reproducer for this one?

There is a chance. Frequently syzbot finds a reproducer after some time. What the chance is in this case, I don't know. Since it happened only once so far, probably not too high.

But there seems to be a good hint in the KASAN report: the task was freed right inside of fork/copy_process (probably some error happened), but it seems to have been registered in some global list already, and perf_release discovered it there. Does it make sense? Was it registered? What should have kept the task alive at the time of access?