syzbot


[upstream] KASAN: use-after-free Read in locks_delete_block
Status: fixed on 2019/01/15 20:25
Reported-by: syzbot+a4a3d526b4157113ec6a@syzkaller.appspotmail.com
Commits: fs/locks: always delete_block after waiting.
First: 67d, last: 44d
duplicates:
Title Repro Count Last Reported Patched Status
KASAN: stack-out-of-bounds Read in locks_delete_block 1 66d 65d closed as dup on 2018/11/16 20:38
BUG: unable to handle kernel paging request in locks_remove_file 4 71d 72d closed as dup on 2018/11/16 20:43
KASAN: use-after-free Read in locks_remove_flock 9 71d 72d closed as dup on 2018/11/16 20:42
KASAN: stack-out-of-bounds Read in locks_remove_flock 18 71d 72d closed as dup on 2018/11/16 20:41
BUG: corrupted list in locks_delete_block C 4 54d 68d closed as dup on 2018/11/16 20:40
general protection fault in locks_remove_flock C 181 71d 72d closed as dup on 2018/11/16 20:45

Sample crash report:

All crashes (4):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro Maintainers
ci-upstream-linux-next-kasan-gce-root 2018/11/13 19:57 linux-next 442b8cea 5f5f6d14 .config log report syz bfields@fieldses.org, jlayton@kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, viro@zeniv.linux.org.uk
ci-upstream-linux-next-kasan-gce-root 2018/11/12 19:01 linux-next 442b8cea 7b5f8621 .config log report bfields@fieldses.org, jlayton@kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, viro@zeniv.linux.org.uk
ci-upstream-linux-next-kasan-gce-root 2018/12/05 19:09 linux-next 442b8cea ac6c0578 .config log report bfields@fieldses.org, jlayton@kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, viro@zeniv.linux.org.uk
ci-upstream-linux-next-kasan-gce-root 2018/11/28 23:42 linux-next 442b8cea 4b6d14f2 .config log report bfields@fieldses.org, jlayton@kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, viro@zeniv.linux.org.uk