KASAN: user-memory-access Write in tomoyo_domain
閲覧: 4 回
最初の未読メッセージにスキップ
syzbot
2021/05/17 7:48:182021/05/17
To: syzkaller-upst...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: e3d35712 Add linux-next specific files for 20210423
git tree: linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=15638aa5d00000
kernel config: https://syzkaller.appspot.com/x/.config?x=e370221d7500b26a
dashboard link: https://syzkaller.appspot.com/bug?extid=fa0570ba55bb556f03fd
CC: [jmo...@namei.org linux-...@vger.kernel.org linux-secu...@vger.kernel.org penguin...@I-love.SAKURA.ne.jp se...@hallyn.com take...@nttdata.co.jp]
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+fa0570...@syzkaller.appspotmail.com
==================================================================
BUG: KASAN: user-memory-access in instrument_atomic_read_write include/linux/instrumented.h:101 [inline]
BUG: KASAN: user-memory-access in atomic_dec include/asm-generic/atomic-instrumented.h:330 [inline]
BUG: KASAN: user-memory-access in tomoyo_domain+0xee/0x150 security/tomoyo/tomoyo.c:21
Write of size 4 at addr 00000000000010a2 by task systemd-udevd/4868
CPU: 0 PID: 4868 Comm: systemd-udevd Not tainted 5.12.0-rc8-next-20210423-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:79 [inline]
dump_stack+0x141/0x1d7 lib/dump_stack.c:120
__kasan_report mm/kasan/report.c:423 [inline]
kasan_report.cold+0x5f/0xd8 mm/kasan/report.c:436
check_region_inline mm/kasan/generic.c:180 [inline]
kasan_check_range+0x13d/0x180 mm/kasan/generic.c:186
instrument_atomic_read_write include/linux/instrumented.h:101 [inline]
atomic_dec include/asm-generic/atomic-instrumented.h:330 [inline]
tomoyo_domain+0xee/0x150 security/tomoyo/tomoyo.c:21
tomoyo_init_request_info+0x1e2/0x370 security/tomoyo/util.c:1026
tomoyo_path_number_perm+0x149/0x590 security/tomoyo/file.c:719
tomoyo_path_mknod+0x10d/0x190 security/tomoyo/tomoyo.c:240
security_path_mknod+0xf9/0x170 security/security.c:1131
may_o_create fs/namei.c:3036 [inline]
lookup_open.isra.0+0x475/0x13d0 fs/namei.c:3178
open_last_lookups fs/namei.c:3285 [inline]
path_openat+0x9af/0x27d0 fs/namei.c:3491
do_filp_open+0x190/0x3d0 fs/namei.c:3521
do_sys_openat2+0x16d/0x420 fs/open.c:1187
do_sys_open fs/open.c:1203 [inline]
__do_sys_open fs/open.c:1211 [inline]
__se_sys_open fs/open.c:1207 [inline]
__x64_sys_open+0x119/0x1c0 fs/open.c:1207
do_syscall_64+0x3a/0xb0 arch/x86/entry/common.c:47
entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7fedf1482840
Code: 73 01 c3 48 8b 0d 68 77 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 89 bb 20 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 1e f6 ff ff 48 89 04 24
RSP: 002b:00007ffebb20d468 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00007fedf1482840
RDX: 00000000000001a4 RSI: 0000000000080141 RDI: 00005588139d3369
RBP: 00005588139d3369 R08: 80c0fefc00000000 R09: 0000000000000004
R10: 8a619fd8edb7aa85 R11: 0000000000000246 R12: 00005588147b5010
R13: 00000000fffffffe R14: 0000000000000000 R15: 0000000000000001
==================================================================
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot found the following issue on:
HEAD commit: e3d35712 Add linux-next specific files for 20210423
git tree: linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=15638aa5d00000
kernel config: https://syzkaller.appspot.com/x/.config?x=e370221d7500b26a
dashboard link: https://syzkaller.appspot.com/bug?extid=fa0570ba55bb556f03fd
CC: [jmo...@namei.org linux-...@vger.kernel.org linux-secu...@vger.kernel.org penguin...@I-love.SAKURA.ne.jp se...@hallyn.com take...@nttdata.co.jp]
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+fa0570...@syzkaller.appspotmail.com
==================================================================
BUG: KASAN: user-memory-access in instrument_atomic_read_write include/linux/instrumented.h:101 [inline]
BUG: KASAN: user-memory-access in atomic_dec include/asm-generic/atomic-instrumented.h:330 [inline]
BUG: KASAN: user-memory-access in tomoyo_domain+0xee/0x150 security/tomoyo/tomoyo.c:21
Write of size 4 at addr 00000000000010a2 by task systemd-udevd/4868
CPU: 0 PID: 4868 Comm: systemd-udevd Not tainted 5.12.0-rc8-next-20210423-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:79 [inline]
dump_stack+0x141/0x1d7 lib/dump_stack.c:120
__kasan_report mm/kasan/report.c:423 [inline]
kasan_report.cold+0x5f/0xd8 mm/kasan/report.c:436
check_region_inline mm/kasan/generic.c:180 [inline]
kasan_check_range+0x13d/0x180 mm/kasan/generic.c:186
instrument_atomic_read_write include/linux/instrumented.h:101 [inline]
atomic_dec include/asm-generic/atomic-instrumented.h:330 [inline]
tomoyo_domain+0xee/0x150 security/tomoyo/tomoyo.c:21
tomoyo_init_request_info+0x1e2/0x370 security/tomoyo/util.c:1026
tomoyo_path_number_perm+0x149/0x590 security/tomoyo/file.c:719
tomoyo_path_mknod+0x10d/0x190 security/tomoyo/tomoyo.c:240
security_path_mknod+0xf9/0x170 security/security.c:1131
may_o_create fs/namei.c:3036 [inline]
lookup_open.isra.0+0x475/0x13d0 fs/namei.c:3178
open_last_lookups fs/namei.c:3285 [inline]
path_openat+0x9af/0x27d0 fs/namei.c:3491
do_filp_open+0x190/0x3d0 fs/namei.c:3521
do_sys_openat2+0x16d/0x420 fs/open.c:1187
do_sys_open fs/open.c:1203 [inline]
__do_sys_open fs/open.c:1211 [inline]
__se_sys_open fs/open.c:1207 [inline]
__x64_sys_open+0x119/0x1c0 fs/open.c:1207
do_syscall_64+0x3a/0xb0 arch/x86/entry/common.c:47
entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7fedf1482840
Code: 73 01 c3 48 8b 0d 68 77 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 89 bb 20 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 1e f6 ff ff 48 89 04 24
RSP: 002b:00007ffebb20d468 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00007fedf1482840
RDX: 00000000000001a4 RSI: 0000000000080141 RDI: 00005588139d3369
RBP: 00005588139d3369 R08: 80c0fefc00000000 R09: 0000000000000004
R10: 8a619fd8edb7aa85 R11: 0000000000000246 R12: 00005588147b5010
R13: 00000000fffffffe R14: 0000000000000000 R15: 0000000000000001
==================================================================
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot
2021/06/28 4:40:122021/06/28
To: syzkaller-upst...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.
Crashes did not happen for a while, no reproducer and no activity.
全員に返信
投稿者に返信
転送
新着メール 0 件