syzbot


KASAN: use-after-free Read in path_init (2)
Status: fixed on 2020/09/16 22:51
Reported-by: syzbot+bbeb1c88016c7db4aa24@syzkaller.appspotmail.com
Fix commit: 24fb33d40d60 fix breakage in do_rmdir()
First crash: 478d, last: 472d

Cause bisection: introduced by (bisect log):
commit e24ab0ef689de43649327f54cd1088f3dad25bb3
Author: Christoph Hellwig <hch@lst.de>
Date: Tue Jul 21 08:48:15 2020 +0000

  fs: push the getname from do_rmdir into the callers

Crash: kernel BUG at fs/namei.c:LINE! (log)
Repro: syz .config
similar bugs (2):
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KASAN: use-after-free Read in path_init | | | | 1 | 1311d | 1309d | 0/22 | auto-closed as invalid on 2019/02/22 10:09 |
| upstream | KASAN: use-after-free Read in path_init (3) | | | | 2 | 394d | 389d | 0/22 | auto-closed as invalid on 2020/12/29 19:01 |

Sample crash report:

Crashes (29):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kasan-gce-selinux-root | 2020/08/12 21:35 | upstream | fb893de323e2 | bc15f7db | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce-smack-root | 2020/08/12 21:30 | upstream | fb893de323e2 | bc15f7db | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce-root | 2020/08/12 21:27 | upstream | fb893de323e2 | bc15f7db | .config | log | report | syz | C | | |
| ci-upstream-linux-next-kasan-gce-root | 2020/08/12 21:34 | linux-next | bc09acc9f224 | bc15f7db | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce-selinux-root | 2020/08/13 14:02 | upstream | fb893de323e2 | bc15f7db | .config | log | report | syz | | | |
| ci-upstream-kasan-gce-selinux-root | 2020/08/13 13:33 | upstream | fb893de323e2 | bc15f7db | .config | log | report | syz | | | |
| ci-upstream-kasan-gce-selinux-root | 2020/08/13 13:03 | upstream | fb893de323e2 | bc15f7db | .config | log | report | syz | | | |
| ci-upstream-kasan-gce-smack-root | 2020/08/12 23:45 | upstream | fb893de323e2 | bc15f7db | .config | log | report | syz | | | |
| ci-upstream-kasan-gce-smack-root | 2020/08/12 23:26 | upstream | fb893de323e2 | bc15f7db | .config | log | report | syz | | | |
| ci-upstream-kasan-gce-smack-root | 2020/08/12 23:07 | upstream | fb893de323e2 | bc15f7db | .config | log | report | syz | | | |
| ci-upstream-kasan-gce-selinux-root | 2020/08/11 06:51 | upstream | fc80c51fd4b2 | 7adc7b65 | .config | log | report | syz | | | |
| ci-upstream-kasan-gce-smack-root | 2020/08/10 08:05 | upstream | 9420f1ce0186 | 70301872 | .config | log | report | syz | | | |
| ci-upstream-kasan-gce-root | 2020/08/09 22:52 | upstream | 06a81c1c7db9 | 70301872 | .config | log | report | syz | | | |
| ci-upstream-kasan-gce-smack-root | 2020/08/09 22:48 | upstream | 06a81c1c7db9 | 70301872 | .config | log | report | syz | | | |
| ci-upstream-kasan-gce-smack-root | 2020/08/09 11:24 | upstream | 06a81c1c7db9 | f721e4a0 | .config | log | report | syz | | | |
| ci-upstream-kasan-gce-selinux-root | 2020/08/08 05:02 | upstream | 5631c5e0eb90 | ff51e522 | .config | log | report | syz | | | |
| ci-upstream-kasan-gce-smack-root | 2020/08/13 05:28 | upstream | fb893de323e2 | bc15f7db | .config | log | report | | | | |
| ci-upstream-kasan-gce-smack-root | 2020/08/12 21:47 | upstream | fb893de323e2 | bc15f7db | .config | log | report | | | | |
| ci-upstream-kasan-gce-selinux-root | 2020/08/12 21:10 | upstream | fb893de323e2 | bc15f7db | .config | log | report | | | | |
| ci-upstream-kasan-gce-smack-root | 2020/08/12 21:08 | upstream | fb893de323e2 | bc15f7db | .config | log | report | | | | |
| ci-upstream-kasan-gce-smack-root | 2020/08/12 21:08 | upstream | fb893de323e2 | bc15f7db | .config | log | report | | | | |
| ci-upstream-kasan-gce-root | 2020/08/12 21:03 | upstream | fb893de323e2 | bc15f7db | .config | log | report | | | | |
| ci-upstream-kasan-gce-root | 2020/08/09 22:29 | upstream | 06a81c1c7db9 | 70301872 | .config | log | report | | | | |
| ci-upstream-kasan-gce-smack-root | 2020/08/09 22:27 | upstream | 06a81c1c7db9 | 70301872 | .config | log | report | | | | |
| ci-upstream-kasan-gce-selinux-root | 2020/08/08 03:13 | upstream | 5631c5e0eb90 | ff51e522 | .config | log | report | | | | |
| ci-upstream-linux-next-kasan-gce-root | 2020/08/13 06:29 | linux-next | bc09acc9f224 | bc15f7db | .config | log | report | | | | |
| ci-upstream-linux-next-kasan-gce-root | 2020/08/13 05:27 | linux-next | bc09acc9f224 | bc15f7db | .config | log | report | | | | |
| ci-upstream-linux-next-kasan-gce-root | 2020/08/12 21:47 | linux-next | bc09acc9f224 | bc15f7db | .config | log | report | | | | |
| ci-upstream-linux-next-kasan-gce-root | 2020/08/12 21:10 | linux-next | bc09acc9f224 | bc15f7db | .config | log | report | | | | |