Re: [syzbot] KASAN: use-after-free Write in io_submit_one

[Pavel Begunkov]

On 12/8/21 05:04, syzbot wrote:
> syzbot has bisected this issue to:
>
> commit 54a88eb838d37af930c9f19e1930a4fba6789cb5
> Author: Pavel Begunkov <asml.silence@xxxxxxxxx>
> Date:   Sat Oct 23 16:21:32 2021 +0000
>
>      block: add single bio async direct IO helper

Looks that's the same George reported yesterday, a fix is queued:
https://git.kernel.dk/cgit/linux-block/commit/?h=block-5.16&id=75feae73a28020e492fbad2323245455ef69d687

#syz fix: block: fix single bio async DIO error handling


> bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=1615e2b9b00000
> start commit:   04fe99a8d936 Add linux-next specific files for 20211207
> git tree:       linux-next
> final oops:     https://syzkaller.appspot.com/x/report.txt?x=1515e2b9b00000
> console output: https://syzkaller.appspot.com/x/log.txt?x=1115e2b9b00000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=4589399873466942
> dashboard link: https://syzkaller.appspot.com/bug?extid=3587cbbc6e1868796292
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=17db884db00000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=14e9eabdb00000
>
> Reported-by: syzbot+3587cbbc6e1868796292@xxxxxxxxxxxxxxxxxxxxxxxxx
> Fixes: 54a88eb838d3 ("block: add single bio async direct IO helper")
>
> For information about bisection process see: https://goo.gl/tpsmEJ#bisection

--
Pavel Begunkov