syzbot
unread,Apr 8, 2024, 4:31:25 AMApr 8Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Sign in to report message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to amir...@gmail.com, bra...@kernel.org, chuck...@oracle.com, ja...@suse.cz, jla...@kernel.org, linux-...@vger.kernel.org, linux-...@vger.kernel.org, linu...@vger.kernel.org, syzkall...@googlegroups.com, vi...@zeniv.linux.org.uk
Hello,
syzbot found the following issue on:
HEAD commit: 727900b675b7 Add linux-next specific files for 20240403
git tree: linux-next
console output:
https://syzkaller.appspot.com/x/log.txt?x=15bf53c5180000
kernel config:
https://syzkaller.appspot.com/x/.config?x=afcaf46d374cec8c
dashboard link:
https://syzkaller.appspot.com/bug?extid=454fe737909d37a0e5fe
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image:
https://storage.googleapis.com/syzbot-assets/f8fb4daa7a83/disk-727900b6.raw.xz
vmlinux:
https://storage.googleapis.com/syzbot-assets/d2a6994aee53/vmlinux-727900b6.xz
kernel image:
https://storage.googleapis.com/syzbot-assets/6759e5411c39/bzImage-727900b6.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by:
syzbot+454fe7...@syzkaller.appspotmail.com
==================================================================
BUG: KFENCE: memory corruption in handle_to_path fs/fhandle.c:213 [inline]
BUG: KFENCE: memory corruption in do_handle_open+0x4be/0x660 fs/fhandle.c:226
Corrupted memory at 0xffff88823bdccff8 [ 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 ] (in kfence-#229):
handle_to_path fs/fhandle.c:213 [inline]
do_handle_open+0x4be/0x660 fs/fhandle.c:226
do_syscall_64+0xfb/0x240
entry_SYSCALL_64_after_hwframe+0x72/0x7a
kfence-#229: 0xffff88823bdccfe0-0xffff88823bdccff7, size=24, cache=kmalloc-32
allocated by task 5382 on cpu 1 at 75.554801s:
kmalloc_noprof include/linux/slab.h:664 [inline]
handle_to_path fs/fhandle.c:195 [inline]
do_handle_open+0x162/0x660 fs/fhandle.c:226
do_syscall_64+0xfb/0x240
entry_SYSCALL_64_after_hwframe+0x72/0x7a
freed by task 5382 on cpu 1 at 75.554827s:
handle_to_path fs/fhandle.c:213 [inline]
do_handle_open+0x4be/0x660 fs/fhandle.c:226
do_syscall_64+0xfb/0x240
entry_SYSCALL_64_after_hwframe+0x72/0x7a
CPU: 1 PID: 5382 Comm: syz-executor.0 Not tainted 6.9.0-rc2-next-20240403-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
==================================================================
---
This report is generated by a bot. It may contain errors.
See
https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at
syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup