Re: KASAN: null-ptr-deref Write in media_request_close

From: Ricardo CaÃuelo
Date: Fri Jun 19 2020 - 10:14:35 EST

Next message: Jens Axboe: "Re: [PATCH 3/3] io_uring: add support for zone-append"
Previous message: Eric W. Biederman: "[PATCH] proc: Avoid a thundering herd of threads freeing proc dentries"
In reply to: syzbot: "Re: KASAN: null-ptr-deref Write in media_request_close"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On jue 18-06-2020 15:38:16, Ezequiel Garcia wrote:
> Adding Ricardo.
>
> Are we seeing this due to the recent syzkaller media controller additions?
>
> Thanks,
> Ezequiel

It seems like it, yes. The MEDIA_IOC_REQUEST_ALLOC ioctl was defined in
https://github.com/google/syzkaller/commit/c5e085d96d1cdc855365b7fd9c1825b886f266f6

It's impressive how quickly it started yielding some results, especially
considering that the description was very basic and that there's no
other specific info about this api guiding the fuzzer.

Thanks for letting me know!

Cheers,
Ricardo

Next message: Jens Axboe: "Re: [PATCH 3/3] io_uring: add support for zone-append"
Previous message: Eric W. Biederman: "[PATCH] proc: Avoid a thundering herd of threads freeing proc dentries"
In reply to: syzbot: "Re: KASAN: null-ptr-deref Write in media_request_close"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]