Reminder: 11 open syzbot bugs in block subsystem

From: Eric Biggers
Date: Tue Jun 25 2019 - 02:17:42 EST


[This email was generated by a script. Let me know if you have any suggestions
to make it better.]

Of the currently open syzbot reports against the upstream kernel, I've manually
marked 11 of them as possibly being bugs in the block subsystem. I've listed
these reports below, sorted by an algorithm that tries to list first the reports
most likely to be still valid, important, and actionable.

Of these 11 bugs, 5 were seen in mainline in the last week.

If you believe a bug is no longer valid, please close the syzbot report by
sending a '#syz fix', '#syz dup', or '#syz invalid' command in reply to the
original thread, as explained at https://goo.gl/tpsmEJ#status

If you believe I misattributed a bug to the block subsystem, please let me know,
and if possible forward the report to the correct people or mailing list.

Here are the bugs:

--------------------------------------------------------------------------------
Title: KASAN: use-after-free Read in debugfs_remove (3)
Last occurred: 0 days ago
Reported: 257 days ago
Branches: Mainline and others
Dashboard link: https://syzkaller.appspot.com/bug?id=6d5c55bc531f0ef83e8faca014cc123b4498f7a6
Original thread: https://lkml.kernel.org/lkml/000000000000140c370577db5ece@xxxxxxxxxx/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+903b72a010ad6b7a40f2@xxxxxxxxxxxxxxxxxxxxxxxxx

If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000140c370577db5ece@xxxxxxxxxx

--------------------------------------------------------------------------------
Title: WARNING in generic_make_request_checks
Last occurred: 0 days ago
Reported: 319 days ago
Branches: Mainline and others
Dashboard link: https://syzkaller.appspot.com/bug?id=ff9ab4a23afa7553fb79f745a92be87ba4144508
Original thread: https://lkml.kernel.org/lkml/0000000000003c4e6d0572f85eb2@xxxxxxxxxx/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+21cfe1f803e0e158acf1@xxxxxxxxxxxxxxxxxxxxxxxxx

If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000003c4e6d0572f85eb2@xxxxxxxxxx

--------------------------------------------------------------------------------
Title: WARNING in md_ioctl
Last occurred: 1 day ago
Reported: 421 days ago
Branches: Mainline and others
Dashboard link: https://syzkaller.appspot.com/bug?id=fbf9eaea2e65bfcabb4e2750c3ab0892867edea1
Original thread: https://lkml.kernel.org/lkml/000000000000a52337056b065fb3@xxxxxxxxxx/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+1e46a0864c1a6e9bd3d8@xxxxxxxxxxxxxxxxxxxxxxxxx

If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000a52337056b065fb3@xxxxxxxxxx

--------------------------------------------------------------------------------
Title: KASAN: use-after-free Read in relay_switch_subbuf
Last occurred: 2 days ago
Reported: 271 days ago
Branches: Mainline and others
Dashboard link: https://syzkaller.appspot.com/bug?id=13849f0d9b1b818b087341691be6cc3ac6a6bfb7
Original thread: https://lkml.kernel.org/lkml/0000000000002e4a260576c1589d@xxxxxxxxxx/T/#u

Unfortunately, this bug does not have a reproducer.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+29093015c21333d1c46d@xxxxxxxxxxxxxxxxxxxxxxxxx

If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000002e4a260576c1589d@xxxxxxxxxx

--------------------------------------------------------------------------------
Title: memory leak in bio_copy_user_iov
Last occurred: 8 days ago
Reported: 6 days ago
Branches: Mainline
Dashboard link: https://syzkaller.appspot.com/bug?id=3327fb1975fd130ad77d601f4facd655f0b5fa8c
Original thread: https://lkml.kernel.org/lkml/000000000000c75fb7058ba0c0e4@xxxxxxxxxx/T/#u

This bug has a C reproducer.

No one has replied to the original thread for this bug yet.

If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+03e5c8ebd22cc6c3a8cb@xxxxxxxxxxxxxxxxxxxxxxxxx

If you send any email or patch for this bug, please reply to the original
thread. For the git send-email command to use, or tips on how to reply if the
thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000c75fb7058ba0c0e4@xxxxxxxxxx

--------------------------------------------------------------------------------
Title: WARNING in kernfs_remove_by_name_ns
Last occurred: 4 days ago
Reported: 1 day ago
Branches: Mainline and others
Dashboard link: https://syzkaller.appspot.com/bug?id=7cc35138dcc87c3cc819ad5e34eceab2360d4047
Original thread: https://lkml.kernel.org/lkml/0000000000001bbe63058bfd26d9@xxxxxxxxxx/T/#u

Unfortunately, this bug does not have a reproducer.

No one has replied to the original thread for this bug yet.

If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+b76f1b62f3f98711bd93@xxxxxxxxxxxxxxxxxxxxxxxxx

If you send any email or patch for this bug, please reply to the original
thread. For the git send-email command to use, or tips on how to reply if the
thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000001bbe63058bfd26d9@xxxxxxxxxx

--------------------------------------------------------------------------------
Title: KMSAN: kernel-infoleak in copy_page_to_iter (2)
Last occurred: 201 days ago
Reported: 284 days ago
Branches: Mainline (with KMSAN patches)
Dashboard link: https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8
Original thread: https://lkml.kernel.org/lkml/00000000000016eb330575bd2fab@xxxxxxxxxx/T/#u

This bug has a C reproducer.

The original thread for this bug received 5 replies; the last was 40 days ago.

If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+2dcfeaf8cb49b05e8f1a@xxxxxxxxxxxxxxxxxxxxxxxxx

If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/00000000000016eb330575bd2fab@xxxxxxxxxx

--------------------------------------------------------------------------------
Title: general protection fault in relay_close_buf
Last occurred: 60 days ago
Reported: 48 days ago
Branches: Mainline
Dashboard link: https://syzkaller.appspot.com/bug?id=e4265490d26d6c01cd9bc79dc915ef0a1bf15046
Original thread: https://lkml.kernel.org/lkml/000000000000cff4d50588490e45@xxxxxxxxxx/T/#u

Unfortunately, this bug does not have a reproducer.

The original thread for this bug has received 1 reply, 48 days ago.

If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+58320b7171734bf79d26@xxxxxxxxxxxxxxxxxxxxxxxxx

If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000cff4d50588490e45@xxxxxxxxxx

--------------------------------------------------------------------------------
Title: general protection fault in debugfs_remove
Last occurred: 70 days ago
Reported: 62 days ago
Branches: Mainline
Dashboard link: https://syzkaller.appspot.com/bug?id=fab43e1b35f4b1004751d97182979a68a8449388
Original thread: https://lkml.kernel.org/lkml/000000000000b20dd60587350ae0@xxxxxxxxxx/T/#u

Unfortunately, this bug does not have a reproducer.

The original thread for this bug has received 1 reply, 62 days ago.

If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+c091783d82e47615bb28@xxxxxxxxxxxxxxxxxxxxxxxxx

If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000b20dd60587350ae0@xxxxxxxxxx

--------------------------------------------------------------------------------
Title: KASAN: use-after-free Read in disk_map_sector_rcu
Last occurred: 108 days ago
Reported: 171 days ago
Branches: Mainline
Dashboard link: https://syzkaller.appspot.com/bug?id=f81f92bd0974739a6c3ded8d0ea7aaafb039628e
Original thread: https://lkml.kernel.org/lkml/0000000000003804ff057ea47d37@xxxxxxxxxx/T/#u

Unfortunately, this bug does not have a reproducer.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+e01322aeded15e015bbd@xxxxxxxxxxxxxxxxxxxxxxxxx

If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000003804ff057ea47d37@xxxxxxxxxx

--------------------------------------------------------------------------------
Title: general protection fault in relay_switch_subbuf
Last occurred: 151 days ago
Reported: 123 days ago
Branches: Mainline and others
Dashboard link: https://syzkaller.appspot.com/bug?id=329e956ea2ff61441908dc7706656920c4ddb2e9
Original thread: https://lkml.kernel.org/lkml/000000000000336578058268a553@xxxxxxxxxx/T/#u

Unfortunately, this bug does not have a reproducer.

The original thread for this bug received 1 reply, 123 days ago.

If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+8e789999f280ccd6930f@xxxxxxxxxxxxxxxxxxxxxxxxx

If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000336578058268a553@xxxxxxxxxx