syzbot


KASAN: invalid-free in io_sqe_files_unregister
Status: fixed on 2019/12/13 00:31
Reported-by: syzbot+3254bc44113ae1e331ee@syzkaller.appspotmail.com
Fix commit: 46568e9be70f io_uring: fix error clear of ->file_table in io_sqe_files_register()
First crash: 749d, last: 749d

Cause bisection: introduced by (bisect log):
commit 65e19f54d29cd8559ce60cfd0d751bef7afbdc5c
Author: Jens Axboe <axboe@kernel.dk>
Date: Sat Oct 26 13:20:21 2019 +0000

  io_uring: support for larger fixed file sets

Crash: KASAN: invalid-free in io_sqe_files_unregister (log)
Repro: C syz .config

Sample crash report:

Crashes (3):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-linux-next-kasan-gce-root | 2019/11/10 07:57 | linux-next | 5591cf003452 | dc438b91 | .config | log | report | syz | C | | |
| ci-upstream-linux-next-kasan-gce-root | 2019/11/10 11:41 | linux-next | 5591cf003452 | dc438b91 | .config | log | report | | | | |
| ci-upstream-linux-next-kasan-gce-root | 2019/11/10 07:36 | linux-next | 5591cf003452 | dc438b91 | .config | log | report | | | | |