syzbot


KASAN: use-after-free Read in locks_delete_block
Status: fixed on 2019/01/15 20:25
Reported-by: syzbot+a4a3d526b4157113ec6a@syzkaller.appspotmail.com
Fix commit: 16306a61d3b7 fs/locks: always delete_block after waiting.
First crash: 1165d, last: 1142d
duplicates (6):
Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
KASAN: stack-out-of-bounds Read in locks_delete_block 1 1164d 1163d 0/22 closed as dup on 2018/11/16 20:38
BUG: unable to handle kernel paging request in locks_remove_file 4 1169d 1170d 0/22 closed as dup on 2018/11/16 20:43
KASAN: use-after-free Read in locks_remove_flock 9 1169d 1170d 0/22 closed as dup on 2018/11/16 20:42
KASAN: stack-out-of-bounds Read in locks_remove_flock 18 1169d 1170d 0/22 closed as dup on 2018/11/16 20:41
BUG: corrupted list in locks_delete_block C 4 1152d 1166d 0/22 closed as dup on 2018/11/16 20:40
general protection fault in locks_remove_flock C 181 1169d 1170d 0/22 closed as dup on 2018/11/16 20:45
similar bugs (1):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-54 KASAN: use-after-free Read in locks_delete_block C 3 687d 740d 1/1 fixed on 2021/10/12 13:38

Sample crash report:

Crashes (4):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-linux-next-kasan-gce-root 2018/11/13 19:57 linux-next 442b8cea2477 5f5f6d14 .config log report syz
ci-upstream-linux-next-kasan-gce-root 2018/12/05 19:09 linux-next 442b8cea2477 ac6c0578 .config log report
ci-upstream-linux-next-kasan-gce-root 2018/11/28 23:42 linux-next 442b8cea2477 4b6d14f2 .config log report
ci-upstream-linux-next-kasan-gce-root 2018/11/12 19:01 linux-next 442b8cea2477 7b5f8621 .config log report