KASAN: use-after-free Read in vgem_gem_dumb_create

2020-02-01 Thread syzbot
Hello, syzbot found the following crash on: HEAD commit:39bed42d Merge tag 'for-linus-hmm' of git://git.kernel.org.. git tree: upstream console output: https://syzkaller.appspot.com/x/log.txt?x=179465bee0 kernel config: https://syzkaller.appspot.com/x/.config?x=2646535f8818ae25 das

Re: KASAN: use-after-free Read in vgem_gem_dumb_create

2020-01-31 Thread Dan Carpenter
I don't totally understand the stack trace but I do see a double free bug. drivers/gpu/drm/vgem/vgem_drv.c 186 static struct drm_gem_object *vgem_gem_create(struct drm_device *dev, 187struct drm_file *file, 188

Re: KASAN: use-after-free Read in vgem_gem_dumb_create

2020-02-01 Thread Dan Carpenter
On Sat, Feb 01, 2020 at 12:32:09PM +0800, Hillf Danton wrote: > > Fri, 31 Jan 2020 14:28:10 -0800 (PST) > > syzbot found the following crash on: > > > > HEAD commit:39bed42d Merge tag 'for-linus-hmm' of git://git.kernel.org.. > > git tree: upstream > > console output: https://syzkaller.

Re: KASAN: use-after-free Read in vgem_gem_dumb_create

2020-02-01 Thread Dan Carpenter
On Sat, Feb 01, 2020 at 05:02:47PM +0800, Hillf Danton wrote: > > On Sat, 1 Feb 2020 09:17:57 +0300 Dan Carpenter wrote: > > On Sat, Feb 01, 2020 at 12:32:09PM +0800, Hillf Danton wrote: > > > > > > Release obj in error path. > > > > > > --- a/drivers/gpu/drm/vgem/vgem_drv.c > > > +++ b/drivers/g

Re: KASAN: use-after-free Read in vgem_gem_dumb_create

2020-02-01 Thread Hillf Danton
Fri, 31 Jan 2020 14:28:10 -0800 (PST) > syzbot found the following crash on: > > HEAD commit:39bed42d Merge tag 'for-linus-hmm' of git://git.kernel.org.. > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=179465bee0 > kernel config: https://syzkaller.

Re: KASAN: use-after-free Read in vgem_gem_dumb_create

2020-02-01 Thread Hillf Danton
On Sat, 1 Feb 2020 09:17:57 +0300 Dan Carpenter wrote: > On Sat, Feb 01, 2020 at 12:32:09PM +0800, Hillf Danton wrote: > > > > Release obj in error path. > > > > --- a/drivers/gpu/drm/vgem/vgem_drv.c > > +++ b/drivers/gpu/drm/vgem/vgem_drv.c > > @@ -196,10 +196,10 @@ static struct drm_gem_object

Re: KASAN: use-after-free Read in vgem_gem_dumb_create

2020-02-02 Thread Daniel Vetter
On Sat, Feb 1, 2020 at 5:26 PM Dan Carpenter wrote: > > On Sat, Feb 01, 2020 at 05:02:47PM +0800, Hillf Danton wrote: > > > > On Sat, 1 Feb 2020 09:17:57 +0300 Dan Carpenter wrote: > > > On Sat, Feb 01, 2020 at 12:32:09PM +0800, Hillf Danton wrote: > > > > > > > > Release obj in error path. > > >

Re: KASAN: use-after-free Read in vgem_gem_dumb_create

2020-02-02 Thread Daniel Vetter
On Fri, Jan 31, 2020 at 11:28 PM syzbot wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit:39bed42d Merge tag 'for-linus-hmm' of git://git.kernel.org.. > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=179465bee0 > kernel config:

Re: KASAN: use-after-free Read in vgem_gem_dumb_create

2020-02-03 Thread syzbot
syzbot has found a reproducer for the following crash on: HEAD commit:94f2630b Merge tag '5.6-rc-small-smb3-fix-for-stable' of g.. git tree: upstream console output: https://syzkaller.appspot.com/x/log.txt?x=11d6c776e0 kernel config: https://syzkaller.appspot.com/x/.config?x=99db4e4

Re: KASAN: use-after-free Read in vgem_gem_dumb_create

2020-02-03 Thread Dan Carpenter
On Sun, Feb 02, 2020 at 02:19:18PM +0100, Daniel Vetter wrote: > On Fri, Jan 31, 2020 at 11:28 PM syzbot > wrote: > > > > Hello, > > > > syzbot found the following crash on: > > > > HEAD commit:39bed42d Merge tag 'for-linus-hmm' of git://git.kernel.org.. > > git tree: upstream > > consol

Re: KASAN: use-after-free Read in vgem_gem_dumb_create

2020-02-03 Thread Christian König
On 03.02.20 at 10:06, Dan Carpenter wrote: On Sun, Feb 02, 2020 at 02:19:18PM +0100, Daniel Vetter wrote: On Fri, Jan 31, 2020 at 11:28 PM syzbot wrote: Hello, syzbot found the following crash on: HEAD commit:39bed42d Merge tag 'for-linus-hmm' of git://git.kernel.org.. git tree: u