syzbot


KASAN: use-after-free Read in shmem_fault (2)
Status: fixed on 2019/12/13 00:31
Reported-by: syzbot+03ee87124ee05af991bd@syzkaller.appspotmail.com
Fix commit: 8897c1b1a179 shmem: pin the file in shmem_fault() if mmap_sem is dropped
First crash: 835d, last: 771d
similar bugs (4):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KASAN: use-after-free Read in shmem_fault 3 960d 1026d 0/22 closed as invalid on 2019/08/22 04:16
linux-4.19 KASAN: use-after-free Read in shmem_fault 1 953d 953d 0/1 auto-closed as invalid on 2019/10/25 08:45
linux-4.19 KASAN: use-after-free Read in shmem_fault (2) syz error 3 715d 718d 0/1 upstream: reported syz repro on 2019/12/21 14:57
android-49 KASAN: use-after-free Read in shmem_fault 1 1092d 969d 0/3 auto-closed as invalid on 2019/06/10 04:57

Sample crash report:

Crashes (5):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-root 2019/10/30 02:01 upstream 23fdb198ae81 5ea87a66 .config log report
ci-upstream-kasan-gce-selinux-root 2019/09/28 14:34 upstream f1f2f614d535 eb6b9855 .config log report
ci-upstream-kasan-gce-smack-root 2019/09/20 15:38 upstream 574cc4539762 d96e88f3 .config log report
ci-upstream-kasan-gce 2019/08/26 17:18 upstream a55aa89aab90 d21c5d9d .config log report
ci-upstream-linux-next-kasan-gce-root 2019/09/07 04:59 linux-next 6d028043b55e a60cb4cd .config log report