Re: [syzbot] KASAN: use-after-free Read in io_wq_worker_wake

From: syzbot
Date: Mon Jan 09 2023 - 12:59:36 EST

Next message: sdf: "Re: [PATCH HID for-next v1 1/9] selftests: hid: add vmtest.sh"
Previous message: Conor Dooley: "Re: [PATCH v3 1/3] dt-bindings: rng: Add StarFive TRNG module"
In reply to: syzbot: "Re: [syzbot] KASAN: use-after-free Read in io_wq_worker_wake"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

syzbot has bisected this issue to:

commit af82425c6a2d2f347c79b63ce74fca6dc6be157f
Author: Jens Axboe <axboe@xxxxxxxxx>
Date: Mon Jan 2 23:49:46 2023 +0000

io_uring/io-wq: free worker if task_work creation is canceled

bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=12cda5d2480000
start commit: 1fe4fd6f5cad Merge tag 'xfs-6.2-fixes-2' of git://git.kern..
git tree: upstream
final oops: https://syzkaller.appspot.com/x/report.txt?x=11cda5d2480000
console output: https://syzkaller.appspot.com/x/log.txt?x=16cda5d2480000
kernel config: https://syzkaller.appspot.com/x/.config?x=8b79b14037065d92
dashboard link: https://syzkaller.appspot.com/bug?extid=b3ba2408ce0c74bb9230
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1388e5f2480000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=127f1aa4480000

Reported-by: syzbot+b3ba2408ce0c74bb9230@xxxxxxxxxxxxxxxxxxxxxxxxx
Fixes: af82425c6a2d ("io_uring/io-wq: free worker if task_work creation is canceled")

For information about bisection process see: https://goo.gl/tpsmEJ#bisection

Next message: sdf: "Re: [PATCH HID for-next v1 1/9] selftests: hid: add vmtest.sh"
Previous message: Conor Dooley: "Re: [PATCH v3 1/3] dt-bindings: rng: Add StarFive TRNG module"
In reply to: syzbot: "Re: [syzbot] KASAN: use-after-free Read in io_wq_worker_wake"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]