Re: [syzbot] KASAN: use-after-free Read in mas_next_nentry
From: Liam R. Howlett
Date: Thu Jan 26 2023 - 08:15:41 EST
syz fix: fs/userfaultfd: Fix maple tree iterator in userfaultfd_unregister()
* syzbot <syzbot+7170d66493145b71afd4@xxxxxxxxxxxxxxxxxxxxxxxxx> [230125 17:04]:
> syzbot suspects this issue was fixed by commit:
>
> commit 59f2f4b8a757412fce372f6d0767bdb55da127a8
> Author: Liam Howlett <liam.howlett@xxxxxxxxxx>
> Date: Mon Nov 7 20:11:42 2022 +0000
>
> fs/userfaultfd: Fix maple tree iterator in userfaultfd_unregister()
>
> bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=129e8afe480000
> start commit: b229b6ca5abb Merge tag 'perf-tools-fixes-for-v6.1-2022-10-..
> git tree: upstream
> kernel config: https://syzkaller.appspot.com/x/.config?x=a66c6c673fb555e8
> dashboard link: https://syzkaller.appspot.com/bug?extid=7170d66493145b71afd4
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=11bfb2a9880000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=10b1d319880000
>
> If the result looks correct, please mark the issue as fixed by replying with:
>
> #syz fix: fs/userfaultfd: Fix maple tree iterator in userfaultfd_unregister()
>
> For information about bisection process see: https://goo.gl/tpsmEJ#bisection