Re: [RFC] block: fix access of uninitialized pointer address in bt_for_each()

From: Bart Van Assche
Date: Sat Apr 18 2020 - 11:27:02 EST


On 2020-04-18 02:42, yukuai (C) wrote:
> [   61.988933] BUG: KASAN: use-after-free in bt_iter+0x29e/0x310
> [   61.989446] Read of size 8 at addr ffff88824f5d8c00 by task dd/2659
> [   61.989996]
> [   61.990136] CPU: 2 PID: 2659 Comm: dd Not tainted
> 4.19.90-00001-g9c3fb8226112-dirty #44

Hi Yu Kuai,

So this use-after-free was encountered with kernel version 4.19? Please
develop block layer kernel patches against Jens' for-next branch from
git://git.kernel.dk/linux-block. If it wouldn't be possible to reproduce
this issue with Jens' for-next branch, the next step is to check which
patch(es) fixed this issue and to ask Greg KH to backport these patches
to the stable tree.

Thanks,

Bart.