syzbot


general protection fault in delayed_uprobe_remove
Status: fixed on 2019/03/22 19:32
Reported-by: syzbot+eab6e18f95a9fe69005e@syzkaller.appspotmail.com
Fix commit: 1aed58e6 Uprobes: Fix kernel oops with delayed_uprobe_remove()
First crash: 235d, last: 233d

Bisection: introduced by (bisect log):

commit a6ca88b241d5e929e6e60b12ad8cd288f0ffa256
Author: Song Liu <songliubraving@fb.com>
Date: Tue Oct 2 05:36:36 2018 +0000

  trace_uprobe: support reference counter in fd-based uprobe

Tree: linux-next
Crash: KASAN: use-after-free Read in delayed_uprobe_remove (log)
Repro: C syz .config

Sample crash report:

All crashes (2):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro Maintainers
ci-upstream-linux-next-kasan-gce-root 2018/11/03 19:15 linux-next 25e9471b 8bd6bd63 .config log report syz C acme@kernel.org, alexander.shishkin@linux.intel.com, jolsa@redhat.com, linux-kernel@vger.kernel.org, mingo@redhat.com, namhyung@kernel.org, peterz@infradead.org
ci-upstream-kasan-gce-smack-root 2018/11/01 09:53 upstream 5b744981 1f38e9ae .config log report syz acme@kernel.org, alexander.shishkin@linux.intel.com, jolsa@redhat.com, linux-kernel@vger.kernel.org, mingo@redhat.com, namhyung@kernel.org, peterz@infradead.org