KASAN: slab-out-of-bounds Read in bitmap_ip_ext_cleanup

Dan Carpenter dan.carpenter at oracle.com
Mon Jan 20 09:46:15 PST 2020


On Mon, Jan 20, 2020 at 02:19:31PM +0100, Christian Brauner wrote:
> On Sun, Jan 19, 2020 at 05:35:01PM -0800, syzbot wrote:
> > syzbot has bisected this bug to:
> > 
> > commit d68dbb0c9ac8b1ff52eb09aa58ce6358400fa939
> > Author: Christian Brauner <christian at brauner.io>
> > Date:   Thu Jun 20 23:26:35 2019 +0000
> > 
> >     arch: handle arches who do not yet define clone3
> > 
> > bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=1456fed1e00000
> > start commit:   09d4f10a net: sched: act_ctinfo: fix memory leak
> > git tree:       net
> > final crash:    https://syzkaller.appspot.com/x/report.txt?x=1656fed1e00000
> > console output: https://syzkaller.appspot.com/x/log.txt?x=1256fed1e00000
> > kernel config:  https://syzkaller.appspot.com/x/.config?x=7e89bd00623fe71e
> > dashboard link: https://syzkaller.appspot.com/bug?extid=6491ea8f6dddbf04930e
> > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=141af959e00000
> > C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1067fa85e00000
> > 
> > Reported-by: syzbot+6491ea8f6dddbf04930e at syzkaller.appspotmail.com
> > Fixes: d68dbb0c9ac8 ("arch: handle arches who do not yet define clone3")
> > 
> > For information about bisection process see: https://goo.gl/tpsmEJ#bisection
> 
> This bisect seems bogus.
> 

Yeah.  József Kadlecsik already fixed the bug in a different thread.  It
was reported as seven different bugs so there was a bunch of threads for
it.

regards,
dan carpenter



More information about the linux-arm-kernel mailing list