general protection fault in chrdev_open
6 views
Skip to first unread message
syzbot
Jun 7, 2022, 5:34:22 PM6/7/22
to syzkaller-a...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: ff81cbffa822 UPSTREAM: reset: tegra-bpmp: Restore Handle e..
git tree: android12-5.4
console+strace: https://syzkaller.appspot.com/x/log.txt?x=16e97ef7f00000
kernel config: https://syzkaller.appspot.com/x/.config?x=d3ed5af00411ba5f
dashboard link: https://syzkaller.appspot.com/bug?extid=d1de589e018e6b4b8168
compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1010f0e3f00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=15135080080000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+d1de58...@syzkaller.appspotmail.com
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 304 Comm: syz-executor115 Not tainted 5.4.190-syzkaller-00008-gff81cbffa822 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:cdev_get fs/char_dev.c:350 [inline]
RIP: 0010:chrdev_open+0x6e/0x5b0 fs/char_dev.c:400
Code: 00 4c 89 f3 48 c1 eb 03 42 80 3c 23 00 74 08 4c 89 f7 e8 95 40 fb ff 4d 8b 2e 4d 85 ed 74 40 49 8d 5d 60 48 89 d8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 df e8 73 40 fb ff 48 8b 1b 48 85 db 0f
RSP: 0018:ffff8881de767a60 EFLAGS: 00010206
RAX: 000000000000000c RBX: 0000000000000062 RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffff8881de767a24
RBP: ffffffff81916690 R08: dffffc0000000000 R09: ffffed103bcecf45
R10: ffffed103bcecf45 R11: 1ffff1103bcecf44 R12: dffffc0000000000
R13: 0000000000000002 R14: ffff8881e632ed30 R15: ffff8881e632eae8
FS: 0000555556ceb3c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055678e872698 CR3: 00000001e0cd6000 CR4: 00000000003406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
do_dentry_open+0x7e3/0xef0 fs/open.c:796
do_last fs/namei.c:3495 [inline]
path_openat+0x1464/0x3710 fs/namei.c:3612
do_filp_open+0x19a/0x3a0 fs/namei.c:3642
do_sys_open+0x2e3/0x700 fs/open.c:1113
do_syscall_64+0xcb/0x1c0 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x7fcb6d085909
Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffc6a81f528 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00007ffc6a81f538 RCX: 00007fcb6d085909
RDX: 0000000000000034 RSI: 0000000000080082 RDI: 0000000020000040
RBP: 00007ffc6a81f530 R08: 00007fcb6d043bd0 R09: 00007fcb6d043bd0
R10: 00007fcb6d043bd0 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
Modules linked in:
---[ end trace 82f5342df019752f ]---
RIP: 0010:cdev_get fs/char_dev.c:350 [inline]
RIP: 0010:chrdev_open+0x6e/0x5b0 fs/char_dev.c:400
Code: 00 4c 89 f3 48 c1 eb 03 42 80 3c 23 00 74 08 4c 89 f7 e8 95 40 fb ff 4d 8b 2e 4d 85 ed 74 40 49 8d 5d 60 48 89 d8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 df e8 73 40 fb ff 48 8b 1b 48 85 db 0f
RSP: 0018:ffff8881de767a60 EFLAGS: 00010206
RAX: 000000000000000c RBX: 0000000000000062 RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffff8881de767a24
RBP: ffffffff81916690 R08: dffffc0000000000 R09: ffffed103bcecf45
R10: ffffed103bcecf45 R11: 1ffff1103bcecf44 R12: dffffc0000000000
R13: 0000000000000002 R14: ffff8881e632ed30 R15: ffff8881e632eae8
FS: 0000555556ceb3c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055678e872698 CR3: 00000001e0cd6000 CR4: 00000000003406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
0: 00 4c 89 f3 add %cl,-0xd(%rcx,%rcx,4)
4: 48 c1 eb 03 shr $0x3,%rbx
8: 42 80 3c 23 00 cmpb $0x0,(%rbx,%r12,1)
d: 74 08 je 0x17
f: 4c 89 f7 mov %r14,%rdi
12: e8 95 40 fb ff callq 0xfffb40ac
17: 4d 8b 2e mov (%r14),%r13
1a: 4d 85 ed test %r13,%r13
1d: 74 40 je 0x5f
1f: 49 8d 5d 60 lea 0x60(%r13),%rbx
23: 48 89 d8 mov %rbx,%rax
26: 48 c1 e8 03 shr $0x3,%rax
* 2a: 42 80 3c 20 00 cmpb $0x0,(%rax,%r12,1) <-- trapping instruction
2f: 74 08 je 0x39
31: 48 89 df mov %rbx,%rdi
34: e8 73 40 fb ff callq 0xfffb40ac
39: 48 8b 1b mov (%rbx),%rbx
3c: 48 85 db test %rbx,%rbx
3f: 0f .byte 0xf
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot found the following issue on:
HEAD commit: ff81cbffa822 UPSTREAM: reset: tegra-bpmp: Restore Handle e..
git tree: android12-5.4
console+strace: https://syzkaller.appspot.com/x/log.txt?x=16e97ef7f00000
kernel config: https://syzkaller.appspot.com/x/.config?x=d3ed5af00411ba5f
dashboard link: https://syzkaller.appspot.com/bug?extid=d1de589e018e6b4b8168
compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1010f0e3f00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=15135080080000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+d1de58...@syzkaller.appspotmail.com
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 304 Comm: syz-executor115 Not tainted 5.4.190-syzkaller-00008-gff81cbffa822 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:cdev_get fs/char_dev.c:350 [inline]
RIP: 0010:chrdev_open+0x6e/0x5b0 fs/char_dev.c:400
Code: 00 4c 89 f3 48 c1 eb 03 42 80 3c 23 00 74 08 4c 89 f7 e8 95 40 fb ff 4d 8b 2e 4d 85 ed 74 40 49 8d 5d 60 48 89 d8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 df e8 73 40 fb ff 48 8b 1b 48 85 db 0f
RSP: 0018:ffff8881de767a60 EFLAGS: 00010206
RAX: 000000000000000c RBX: 0000000000000062 RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffff8881de767a24
RBP: ffffffff81916690 R08: dffffc0000000000 R09: ffffed103bcecf45
R10: ffffed103bcecf45 R11: 1ffff1103bcecf44 R12: dffffc0000000000
R13: 0000000000000002 R14: ffff8881e632ed30 R15: ffff8881e632eae8
FS: 0000555556ceb3c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055678e872698 CR3: 00000001e0cd6000 CR4: 00000000003406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
do_dentry_open+0x7e3/0xef0 fs/open.c:796
do_last fs/namei.c:3495 [inline]
path_openat+0x1464/0x3710 fs/namei.c:3612
do_filp_open+0x19a/0x3a0 fs/namei.c:3642
do_sys_open+0x2e3/0x700 fs/open.c:1113
do_syscall_64+0xcb/0x1c0 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x7fcb6d085909
Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffc6a81f528 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00007ffc6a81f538 RCX: 00007fcb6d085909
RDX: 0000000000000034 RSI: 0000000000080082 RDI: 0000000020000040
RBP: 00007ffc6a81f530 R08: 00007fcb6d043bd0 R09: 00007fcb6d043bd0
R10: 00007fcb6d043bd0 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
Modules linked in:
---[ end trace 82f5342df019752f ]---
RIP: 0010:cdev_get fs/char_dev.c:350 [inline]
RIP: 0010:chrdev_open+0x6e/0x5b0 fs/char_dev.c:400
Code: 00 4c 89 f3 48 c1 eb 03 42 80 3c 23 00 74 08 4c 89 f7 e8 95 40 fb ff 4d 8b 2e 4d 85 ed 74 40 49 8d 5d 60 48 89 d8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 df e8 73 40 fb ff 48 8b 1b 48 85 db 0f
RSP: 0018:ffff8881de767a60 EFLAGS: 00010206
RAX: 000000000000000c RBX: 0000000000000062 RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffff8881de767a24
RBP: ffffffff81916690 R08: dffffc0000000000 R09: ffffed103bcecf45
R10: ffffed103bcecf45 R11: 1ffff1103bcecf44 R12: dffffc0000000000
R13: 0000000000000002 R14: ffff8881e632ed30 R15: ffff8881e632eae8
FS: 0000555556ceb3c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055678e872698 CR3: 00000001e0cd6000 CR4: 00000000003406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
0: 00 4c 89 f3 add %cl,-0xd(%rcx,%rcx,4)
4: 48 c1 eb 03 shr $0x3,%rbx
8: 42 80 3c 23 00 cmpb $0x0,(%rbx,%r12,1)
d: 74 08 je 0x17
f: 4c 89 f7 mov %r14,%rdi
12: e8 95 40 fb ff callq 0xfffb40ac
17: 4d 8b 2e mov (%r14),%r13
1a: 4d 85 ed test %r13,%r13
1d: 74 40 je 0x5f
1f: 49 8d 5d 60 lea 0x60(%r13),%rbx
23: 48 89 d8 mov %rbx,%rax
26: 48 c1 e8 03 shr $0x3,%rax
* 2a: 42 80 3c 20 00 cmpb $0x0,(%rax,%r12,1) <-- trapping instruction
2f: 74 08 je 0x39
31: 48 89 df mov %rbx,%rdi
34: e8 73 40 fb ff callq 0xfffb40ac
39: 48 8b 1b mov (%rbx),%rbx
3c: 48 85 db test %rbx,%rbx
3f: 0f .byte 0xf
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot
Jun 8, 2022, 11:37:22 AM6/8/22
to syzkaller-a...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: fdd06dc6b0f8 ANDROID: GKI: db845c: Update symbols list and..
syzbot found the following issue on:
git tree: android12-5.10-lts
console+strace: https://syzkaller.appspot.com/x/log.txt?x=1222d573f00000
kernel config: https://syzkaller.appspot.com/x/.config?x=298c89d0104c8e66
dashboard link: https://syzkaller.appspot.com/bug?extid=16342c5db3ef64c0f60a
compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=137e025ff00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=175c1253f00000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
general protection fault, probably for non-canonical address 0xdffffc000000000c: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000060-0x0000000000000067]
CPU: 0 PID: 371 Comm: syz-executor270 Not tainted 5.10.117-syzkaller-00814-gfdd06dc6b0f8 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:cdev_get fs/char_dev.c:350 [inline]
RIP: 0010:chrdev_open+0xb3/0x680 fs/char_dev.c:400
RIP: 0010:cdev_get fs/char_dev.c:350 [inline]
Code: 00 4c 89 fb 48 c1 eb 03 42 80 3c 33 00 74 08 4c 89 ff e8 50 25 f7 ff 4d 8b 2f 4d 85 ed 74 40 49 8d 5d 60 48 89 d8 48 c1 e8 03 <42> 80 3c 30 00 74 08 48 89 df e8 2e 25 f7 ff 48 8b 1b 48 85 db 0f
RSP: 0018:ffffc90000c077a0 EFLAGS: 00010206
RAX: 000000000000000c RBX: 0000000000000062 RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc90000c07720
RBP: ffffc90000c07880 R08: dffffc0000000000 R09: 0000000000000003
R10: fffff52000180ee5 R11: 1ffff92000180ee4 R12: 1ffff92000180efc
R13: 0000000000000002 R14: dffffc0000000000 R15: ffff8881199fdbc0
FS: 00005555564453c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f652f57e6a8 CR3: 00000001061ab000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
do_dentry_open+0x7a2/0x1090 fs/open.c:819
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
vfs_open+0x73/0x80 fs/open.c:942
do_open fs/namei.c:3327 [inline]
path_openat+0x2638/0x2fd0 fs/namei.c:3444
do_filp_open+0x200/0x440 fs/namei.c:3471
do_sys_openat2+0x13b/0x470 fs/open.c:1211
do_sys_open fs/open.c:1227 [inline]
__do_sys_open fs/open.c:1235 [inline]
__se_sys_open fs/open.c:1231 [inline]
__x64_sys_open+0x221/0x270 fs/open.c:1231
do_syscall_64+0x34/0x70 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x7f7969805909
Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fffdc1184c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00007fffdc1184d8 RCX: 00007f7969805909
RDX: 0000000000000034 RSI: 0000000000080082 RDI: 0000000020000040
RBP: 00007fffdc1184d0 R08: 00007f79697c3bd0 R09: 00007f79697c3bd0
R10: 00007f79697c3bd0 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
Modules linked in:
---[ end trace 0fd24476f99204e4 ]---
Modules linked in:
RIP: 0010:cdev_get fs/char_dev.c:350 [inline]
RIP: 0010:chrdev_open+0xb3/0x680 fs/char_dev.c:400
Code: 00 4c 89 fb 48 c1 eb 03 42 80 3c 33 00 74 08 4c 89 ff e8 50 25 f7 ff 4d 8b 2f 4d 85 ed 74 40 49 8d 5d 60 48 89 d8 48 c1 e8 03 <42> 80 3c 30 00 74 08 48 89 df e8 2e 25 f7 ff 48 8b 1b 48 85 db 0f
RSP: 0018:ffffc90000c077a0 EFLAGS: 00010206
RAX: 000000000000000c RBX: 0000000000000062 RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc90000c07720
RBP: ffffc90000c07880 R08: dffffc0000000000 R09: 0000000000000003
R10: fffff52000180ee5 R11: 1ffff92000180ee4 R12: 1ffff92000180efc
R13: 0000000000000002 R14: dffffc0000000000 R15: ffff8881199fdbc0
FS: 00005555564453c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f652f57e6a8 CR3: 00000001061ab000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
0: 00 4c 89 fb add %cl,-0x5(%rcx,%rcx,4)
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
4: 48 c1 eb 03 shr $0x3,%rbx
8: 42 80 3c 33 00 cmpb $0x0,(%rbx,%r14,1)
d: 74 08 je 0x17
f: 4c 89 ff mov %r15,%rdi
12: e8 50 25 f7 ff callq 0xfff72567
17: 4d 8b 2f mov (%r15),%r13
1a: 4d 85 ed test %r13,%r13
1d: 74 40 je 0x5f
1f: 49 8d 5d 60 lea 0x60(%r13),%rbx
23: 48 89 d8 mov %rbx,%rax
26: 48 c1 e8 03 shr $0x3,%rax
* 2a: 42 80 3c 30 00 cmpb $0x0,(%rax,%r14,1) <-- trapping instruction
1d: 74 40 je 0x5f
1f: 49 8d 5d 60 lea 0x60(%r13),%rbx
23: 48 89 d8 mov %rbx,%rax
26: 48 c1 e8 03 shr $0x3,%rax
2f: 74 08 je 0x39
31: 48 89 df mov %rbx,%rdi
34: e8 2e 25 f7 ff callq 0xfff72567
31: 48 89 df mov %rbx,%rdi
syzbot
Sep 12, 2022, 4:56:22 PM9/12/22
to syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com
This bug is marked as fixed by commit:
9p: missing chunk of "fs/9p: Don't update file type when
But I can't find it in any tested tree for more than 90 days.
Is it a correct commit? Please update it by replying:
#syz fix: exact-commit-title
Until then the bug is still considered open and
new crashes with the same signature are ignored.
9p: missing chunk of "fs/9p: Don't update file type when
But I can't find it in any tested tree for more than 90 days.
Is it a correct commit? Please update it by replying:
#syz fix: exact-commit-title
Until then the bug is still considered open and
new crashes with the same signature are ignored.
Tadeusz Struk
Sep 12, 2022, 5:09:03 PM9/12/22
to syzbot, syzkaller-a...@googlegroups.com, tade...@google.com
#syz fix: fs/9p: Don't update file type when updating file attributes
syzbot
Dec 11, 2022, 4:09:24 PM12/11/22
to syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com
This bug is marked as fixed by commit:
fs/9p: Don't update file type when updating file attributes
But I can't find it in any tested tree for more than 90 days.
Is it a correct commit? Please update it by replying:
#syz fix: exact-commit-title
Until then the bug is still considered open and
new crashes with the same signature are ignored.
Is it a correct commit? Please update it by replying:
#syz fix: exact-commit-title
Until then the bug is still considered open and
syzbot
Dec 25, 2022, 4:09:27 PM12/25/22
to syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com
This bug is marked as fixed by commit:
fs/9p: Don't update file type when updating file attributes
But I can't find it in the tested trees[1] for more than 90 days.
fs/9p: Don't update file type when updating file attributes
Is it a correct commit? Please update it by replying:
#syz fix: exact-commit-title
Until then the bug is still considered open and new crashes with
the same signature are ignored.
Kernel: Android 5.10
#syz fix: exact-commit-title
Until then the bug is still considered open and new crashes with
the same signature are ignored.
Dashboard link: https://syzkaller.appspot.com/bug?extid=16342c5db3ef64c0f60a
---
[1] I expect the commit to be present in:
1. android12-5.10-lts branch of
https://android.googlesource.com/kernel/common
syzbot
Jan 8, 2023, 4:10:29 PM1/8/23
to syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com
syzbot
Jan 22, 2023, 4:11:31 PM1/22/23
to syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com
syzbot
Feb 5, 2023, 4:12:38 PM2/5/23
to syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com
syzbot
Feb 19, 2023, 4:13:39 PM2/19/23
to syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com
syzbot
Mar 5, 2023, 4:14:30 PM3/5/23
to syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com
syzbot
Mar 19, 2023, 5:14:41 PM3/19/23
to syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com
Aleksandr Nogikh
Mar 20, 2023, 5:54:57 AM3/20/23
to syzbot, syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com, Tudor-Dan Ambarus, Lee Jones
Cc Tudor and Lee
> --
> You received this message because you are subscribed to the Google Groups "syzkaller-android-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-android...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-android-bugs/000000000000718afa05f7474cb6%40google.com.
> You received this message because you are subscribed to the Google Groups "syzkaller-android-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-android...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-android-bugs/000000000000718afa05f7474cb6%40google.com.
Lee Jones
Mar 20, 2023, 6:15:55 AM3/20/23
to Aleksandr Nogikh, syzbot, syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com, Tudor-Dan Ambarus
That patch isn't anywhere to be seen.
What I do see (in every upstream and ACK tree) however is:
9p: missing chunk of "fs/9p: Don't update file type when updating file attributes"
| ||||||||||
Tudor Ambarus
Mar 20, 2023, 6:17:04 AM3/20/23
to Aleksandr Nogikh, syzbot, syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com, Lee Jones
Hi, Aleksandr,
Thanks for the cc.
On 3/20/23 09:54, Aleksandr Nogikh wrote:
> Cc Tudor and Lee
>
> On Sun, Mar 19, 2023 at 10:14 PM syzbot
> <syzbot+16342c...@syzkaller.appspotmail.com> wrote:
>>
>> This bug is marked as fixed by commit:
>> fs/9p: Don't update file type when updating file attributes
>>
>> But I can't find it in the tested trees[1] for more than 90 days.
>> Is it a correct commit? Please update it by replying:
$ git log --oneline aosp/android12-5.10-lts | grep "fs/9p: Don't update
updating file attributes"
45089142b149 fs/9p: Don't update file type when updating file attributes
That patch was integrated in linux v3.2, so it's there. Maybe syzbot is
searching for the patch in some window and not throughout the entire kernel?
Cheers,
ta
Thanks for the cc.
On 3/20/23 09:54, Aleksandr Nogikh wrote:
> Cc Tudor and Lee
>
> On Sun, Mar 19, 2023 at 10:14 PM syzbot
> <syzbot+16342c...@syzkaller.appspotmail.com> wrote:
>>
>> This bug is marked as fixed by commit:
>> fs/9p: Don't update file type when updating file attributes
>>
>> But I can't find it in the tested trees[1] for more than 90 days.
>> Is it a correct commit? Please update it by replying:
file type when updating file attributes"
56a7f57da5d0 9p: missing chunk of "fs/9p: Don't update file type when
updating file attributes"
45089142b149 fs/9p: Don't update file type when updating file attributes
That patch was integrated in linux v3.2, so it's there. Maybe syzbot is
searching for the patch in some window and not throughout the entire kernel?
Cheers,
ta
Lee Jones
Mar 20, 2023, 6:21:28 AM3/20/23
to Tudor Ambarus, Aleksandr Nogikh, syzbot, syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com
On Mon, 20 Mar 2023 at 10:17, Tudor Ambarus <tudo...@google.com> wrote:
Hi, Aleksandr,
Thanks for the cc.
On 3/20/23 09:54, Aleksandr Nogikh wrote:
> Cc Tudor and Lee
>
> On Sun, Mar 19, 2023 at 10:14 PM syzbot
> <syzbot+16342c...@syzkaller.appspotmail.com> wrote:
>>
>> This bug is marked as fixed by commit:
>> fs/9p: Don't update file type when updating file attributes
>>
>> But I can't find it in the tested trees[1] for more than 90 days.
>> Is it a correct commit? Please update it by replying:
$ git log --oneline aosp/android12-5.10-lts | grep "fs/9p: Don't update
file type when updating file attributes"
56a7f57da5d0 9p: missing chunk of "fs/9p: Don't update file type when
updating file attributes"
45089142b149 fs/9p: Don't update file type when updating file attributes
That patch was integrated in linux v3.2, so it's there. Maybe syzbot is
searching for the patch in some window and not throughout the entire kernel?
My tooling only looks back as far as v4.4.
The patch you are looking for is the latter one.
See: b/235348640
Tudor Ambarus
Mar 20, 2023, 6:30:16 AM3/20/23
to syzbot, Aleksandr Nogikh, syzbot, syzkaller-a...@googlegroups.com, Lee Jones
On 3/20/23 10:21, Lee Jones wrote:
> On Mon, 20 Mar 2023 at 10:17, Tudor Ambarus <tudo...@google.com
> <mailto:tudo...@google.com>> wrote:
>
> Hi, Aleksandr,
>
> Thanks for the cc.
>
> On 3/20/23 09:54, Aleksandr Nogikh wrote:
> > Cc Tudor and Lee
> >
> > On Sun, Mar 19, 2023 at 10:14 PM syzbot
> > <syzbot+16342c...@syzkaller.appspotmail.com
> <mailto:syzbot%2B16342c5db...@syzkaller.appspotmail.com>> wrote:
> >>
> >> This bug is marked as fixed by commit:
> >> fs/9p: Don't update file type when updating file attributes
> >>
> >> But I can't find it in the tested trees[1] for more than 90 days.
> >> Is it a correct commit? Please update it by replying:
>
>
> $ git log --oneline aosp/android12-5.10-lts | grep "fs/9p: Don't update
> file type when updating file attributes"
> 56a7f57da5d0 9p: missing chunk of "fs/9p: Don't update file type when
> updating file attributes"
> 45089142b149 fs/9p: Don't update file type when updating file attributes
>
> That patch was integrated in linux v3.2, so it's there. Maybe syzbot is
> searching for the patch in some window and not throughout the entire
> kernel?
>
>
> My tooling only looks back as far as v4.4.
>
> The patch you are looking for is the latter one.
>
> See: b/235348640
>
syz fix: "9p: missing chunk of "fs/9p: Don't update file type when
> >>
> >> This bug is marked as fixed by commit:
> >> fs/9p: Don't update file type when updating file attributes
> >>
> >> But I can't find it in the tested trees[1] for more than 90 days.
> >> Is it a correct commit? Please update it by replying:
>
>
> $ git log --oneline aosp/android12-5.10-lts | grep "fs/9p: Don't update
> file type when updating file attributes"
> 56a7f57da5d0 9p: missing chunk of "fs/9p: Don't update file type when
> updating file attributes"
> 45089142b149 fs/9p: Don't update file type when updating file attributes
>
> That patch was integrated in linux v3.2, so it's there. Maybe syzbot is
> searching for the patch in some window and not throughout the entire
> kernel?
>
>
> My tooling only looks back as far as v4.4.
>
> The patch you are looking for is the latter one.
>
> See: b/235348640
>
updating file attributes""
Tudor Ambarus
Mar 20, 2023, 6:31:29 AM3/20/23
to syzbot, Aleksandr Nogikh, syzkaller-a...@googlegroups.com, Lee Jones
updating file attributes""
Tudor Ambarus
Mar 20, 2023, 6:33:07 AM3/20/23
to syzbot, Aleksandr Nogikh, syzkaller-a...@googlegroups.com, Lee Jones
syzbot
Apr 22, 2023, 4:07:39 AM4/22/23
to syzkaller-a...@googlegroups.com
Auto-closing this bug as obsolete.
No recent activity, existing reproducers are no longer triggering the issue.
No recent activity, existing reproducers are no longer triggering the issue.
syzbot
Jun 18, 2023, 6:34:49 AM6/18/23
to jone...@google.com, nog...@google.com, syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com, tudo...@google.com
This bug is marked as fixed by commit:
9p: missing chunk of "fs/9p: Don't update file type when
But I can't find it in the tested trees[1] for more than 90 days.
Is it a correct commit? Please update it by replying:
Is it a correct commit? Please update it by replying:
#syz fix: exact-commit-title
Until then the bug is still considered open and new crashes with
the same signature are ignored.
Kernel: Android 5.10
Dashboard link: https://syzkaller.appspot.com/bug?extid=16342c5db3ef64c0f60a
---
[1] I expect the commit to be present in:
1. android13-5.10-lts branch of
Until then the bug is still considered open and new crashes with
the same signature are ignored.
Kernel: Android 5.10
Dashboard link: https://syzkaller.appspot.com/bug?extid=16342c5db3ef64c0f60a
---
[1] I expect the commit to be present in:
https://android.googlesource.com/kernel/common
syzbot
Jul 2, 2023, 6:36:45 AM7/2/23
to jone...@google.com, nog...@google.com, syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com, tudo...@google.com
syzbot
Jul 16, 2023, 6:37:46 AM7/16/23
to jone...@google.com, nog...@google.com, syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com, tudo...@google.com
syzbot
Jul 30, 2023, 6:38:49 AM7/30/23
to jone...@google.com, nog...@google.com, syzkaller-a...@googlegroups.com, tadeus...@linaro.org, tade...@google.com, tudo...@google.com
Reply all
Reply to author
Forward
0 new messages