| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <00000000000025403d061df1d927@google.com> Date: Tue, 23 Jul 2024 15:40:27 -0700 From: syzbot <syzbot+cea4fad5485bc30243a9@...kaller.appspotmail.com> To: jfs-discussion@...ts.sourceforge.net, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, shaggy@...nel.org, syzkaller-bugs@...glegroups.com Subject: Re: [syzbot] [jfs?] KASAN: user-memory-access Read in jfs_statfs syzbot has found a reproducer for the following issue on: HEAD commit: 28bbe4ea686a Merge tag 'i2c-for-6.11-rc1-second-batch' of .. git tree: upstream console+strace: https://syzkaller.appspot.com/x/log.txt?x=157aa8e3980000 kernel config: https://syzkaller.appspot.com/x/.config?x=9d240b438cabdc8e dashboard link: https://syzkaller.appspot.com/bug?extid=cea4fad5485bc30243a9 compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 syz repro: https://syzkaller.appspot.com/x/repro.syz?x=13d35b1d980000 C reproducer: https://syzkaller.appspot.com/x/repro.c?x=120152b1980000 Downloadable assets: disk image: https://storage.googleapis.com/syzbot-assets/cd50d9d26f43/disk-28bbe4ea.raw.xz vmlinux: https://storage.googleapis.com/syzbot-assets/5cc17b9d307f/vmlinux-28bbe4ea.xz kernel image: https://storage.googleapis.com/syzbot-assets/bfb78d6d09b6/bzImage-28bbe4ea.xz mounted in repro: https://storage.googleapis.com/syzbot-assets/0522d99a5f0b/mount_0.gz IMPORTANT: if you fix the issue, please add the following tag to the commit: Reported-by: syzbot+cea4fad5485bc30243a9@...kaller.appspotmail.com ================================================================== BUG: KASAN: user-memory-access in instrument_atomic_read include/linux/instrumented.h:68 [inline] BUG: KASAN: user-memory-access in atomic_read include/linux/atomic/atomic-instrumented.h:32 [inline] BUG: KASAN: user-memory-access in jfs_statfs+0x20e/0x510 fs/jfs/super.c:140 Read of size 4 at addr 00000000000050c0 by task syz-executor415/5092 CPU: 1 UID: 0 PID: 5092 Comm: syz-executor415 Not tainted 6.10.0-syzkaller-12084-g28bbe4ea686a #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 Call Trace: <TASK> __dump_stack lib/dump_stack.c:93 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119 print_report+0xe8/0x550 mm/kasan/report.c:491 kasan_report+0x143/0x180 mm/kasan/report.c:601 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189 instrument_atomic_read include/linux/instrumented.h:68 [inline] atomic_read include/linux/atomic/atomic-instrumented.h:32 [inline] jfs_statfs+0x20e/0x510 fs/jfs/super.c:140 statfs_by_dentry fs/statfs.c:66 [inline] vfs_statfs fs/statfs.c:90 [inline] user_statfs+0x213/0x460 fs/statfs.c:105 __do_sys_statfs fs/statfs.c:195 [inline] __se_sys_statfs fs/statfs.c:192 [inline] __x64_sys_statfs+0xe8/0x1a0 fs/statfs.c:192 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fa111cece59 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fa111c82218 EFLAGS: 00000246 ORIG_RAX: 0000000000000089 RAX: ffffffffffffffda RBX: 00007fa111d7b718 RCX: 00007fa111cece59 RDX: 00007fa111cece59 RSI: 0000000000000000 RDI: 00000000200003c0 RBP: 00007fa111d7b710 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa111d4829c R13: 0032656c69662f2e R14: a92483129444e42d R15: 00007ffecd531438 </TASK> ================================================================== --- If you want syzbot to run the reproducer, reply with: #syz test: git://repo/address.git branch-or-commit-hash If you attach or paste a git patch, syzbot will apply it before testing.
Powered by blists - more mailing lists