Re: [syzbot] [io-uring?] KASAN: use-after-free Read in io_worker_get

From: syzbot
Date: Wed Mar 15 2023 - 01:35:44 EST

Next message: kernel test robot: "[ammarfaizi2-block:paulmck/linux-rcu/dev.2023.03.06a] [locktorture] b5f34f7f54: WARNING:at_kernel/locking/locktorture.c:#torture_spin_lock_write_delay"
Previous message: Yang Li: "[PATCH -next] mmc: omap: Use devm_platform_get_and_ioremap_resource()"
Next in thread: Aleksandr Nogikh: "Re: [syzbot] [io-uring?] KASAN: use-after-free Read in io_worker_get"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

syzbot suspects this issue was fixed by commit:

commit e6db6f9398dadcbc06318a133d4c44a2d3844e61
Author: Jens Axboe <axboe@xxxxxxxxx>
Date: Sun Jan 8 17:39:17 2023 +0000

io_uring/io-wq: only free worker if it was allocated for creation

bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=108bc2e2c80000
start commit: a689b938df39 Merge tag 'block-2023-01-06' of git://git.ker..
git tree: upstream
kernel config: https://syzkaller.appspot.com/x/.config?x=33ad6720950f996d
dashboard link: https://syzkaller.appspot.com/bug?extid=55cc59267340fad29512
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1532ef72480000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=10b43f3a480000

If the result looks correct, please mark the issue as fixed by replying with:

#syz fix: io_uring/io-wq: only free worker if it was allocated for creation

For information about bisection process see: https://goo.gl/tpsmEJ#bisection

Next message: kernel test robot: "[ammarfaizi2-block:paulmck/linux-rcu/dev.2023.03.06a] [locktorture] b5f34f7f54: WARNING:at_kernel/locking/locktorture.c:#torture_spin_lock_write_delay"
Previous message: Yang Li: "[PATCH -next] mmc: omap: Use devm_platform_get_and_ioremap_resource()"
Next in thread: Aleksandr Nogikh: "Re: [syzbot] [io-uring?] KASAN: use-after-free Read in io_worker_get"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]