Re: [syzbot] [kernel?] KASAN: slab-use-after-free Read in task_work_run

From: Hillf Danton
Date: Fri Feb 28 2025 - 19:06:21 EST

Next message: pr-tracker-bot: "Re: [git pull] IOMMU Fixes for Linux v6.14-rc4"
Previous message: Namhyung Kim: "Re: [PATCH 0/6 v2] Fixups for kernel maps insertion"
In reply to: syzbot: "[syzbot] [kernel?] KASAN: slab-use-after-free Read in task_work_run"
Next in thread: syzbot: "Re: [syzbot] [kernel?] KASAN: slab-use-after-free Read in task_work_run"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 27 Feb 2025 08:59:23 -0800
> syzbot found the following issue on:
>
> HEAD commit: 63817c771194 selftests/bpf: Test struct_ops program with _..
> git tree: bpf-next
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12d306e4580000

#syz test

--- x/kernel/events/core.c
+++ y/kernel/events/core.c
@@ -5368,6 +5368,7 @@ static void _free_event(struct perf_even

exclusive_event_destroy(event);
module_put(event->pmu->module);
+ perf_pending_task_sync(event);

call_rcu(&event->rcu_head, free_event_rcu);
}
--

Next message: pr-tracker-bot: "Re: [git pull] IOMMU Fixes for Linux v6.14-rc4"
Previous message: Namhyung Kim: "Re: [PATCH 0/6 v2] Fixups for kernel maps insertion"
In reply to: syzbot: "[syzbot] [kernel?] KASAN: slab-use-after-free Read in task_work_run"
Next in thread: syzbot: "Re: [syzbot] [kernel?] KASAN: slab-use-after-free Read in task_work_run"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]