On 10/23/22 15:03, syzbot wrote: > syzbot has found a reproducer for the following issue on: > > HEAD commit: 4d48f589d294 Add linux-next specific files for 20221021 > git tree: linux-next > console+strace: https://syzkaller.appspot.com/x/log.txt?x=165e09b4880000 > kernel config: https://syzkaller.appspot.com/x/.config?x=2c4b7d600a5739a6 > dashboard link: https://syzkaller.appspot.com/bug?extid=1b27d7a2722eabc2c5d5 > compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1546e96a880000 > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=123eabd2880000 Thanks for the reproducer! > Downloadable assets: > disk image: https://storage.googleapis.com/syzbot-assets/0c86bd0b39a0/disk-4d48f589.raw.xz > vmlinux: https://storage.googleapis.com/syzbot-assets/074059d37f1f/vmlinux-4d48f589.xz > > IMPORTANT: if you fix the issue, please add the following tag to the commit: > Reported-by: syzbot+1b27d7a2722eabc2c5d5@xxxxxxxxxxxxxxxxxxxxxxxxx > > ================================================================== > BUG: KASAN: use-after-free in instrument_atomic_read include/linux/instrumented.h:72 [inline] > BUG: KASAN: use-after-free in atomic_long_read include/linux/atomic/atomic-instrumented.h:1265 [inline] > BUG: KASAN: use-after-free in is_rwsem_reader_owned kernel/locking/rwsem.c:193 [inline] > BUG: KASAN: use-after-free in __down_read_common kernel/locking/rwsem.c:1262 [inline] > BUG: KASAN: use-after-free in __down_read_common kernel/locking/rwsem.c:1255 [inline] > BUG: KASAN: use-after-free in __down_read kernel/locking/rwsem.c:1269 [inline] > BUG: KASAN: use-after-free in down_read+0x1d3/0x450 kernel/locking/rwsem.c:1511 > Read of size 8 at addr ffff88801263a508 by task syz-executor409/3698 Verified this is indeed addressed with, https://lore.kernel.org/linux-mm/20221023025047.470646-1-mike.kravetz@xxxxxxxxxx/ -- Mike Kravetz
