All of lore.kernel.org
 help / color / mirror / Atom feed
From: Eric Biggers <ebiggers@kernel.org>
To: v9fs-developer@lists.sourceforge.net,
	Eric Van Hensbergen <ericvh@gmail.com>,
	Latchesar Ionkov <lucho@ionkov.net>,
	Dominique Martinet <asmadeus@codewreck.org>
Cc: linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com
Subject: Reminder: 18 open syzbot bugs in "fs/9p" subsystem
Date: Mon, 1 Jul 2019 23:29:35 -0700	[thread overview]
Message-ID: <20190702062935.GD3054@sol.localdomain> (raw)

[This email was generated by a script.  Let me know if you have any suggestions
to make it better, or if you want it re-generated with the latest status.]

Of the currently open syzbot reports against the upstream kernel, I've manually
marked 18 of them as possibly being bugs in the "fs/9p" subsystem.  I've listed
these reports below, sorted by an algorithm that tries to list first the reports
most likely to be still valid, important, and actionable.

Of these 18 bugs, 3 were seen in mainline in the last week.

If you believe a bug is no longer valid, please close the syzbot report by
sending a '#syz fix', '#syz dup', or '#syz invalid' command in reply to the
original thread, as explained at https://goo.gl/tpsmEJ#status

If you believe I misattributed a bug to the "fs/9p" subsystem, please let me
know, and if possible forward the report to the correct people or mailing list.

Here are the bugs:

--------------------------------------------------------------------------------
Title:              KASAN: use-after-free Read in __queue_work (2)
Last occurred:      4 days ago
Reported:           358 days ago
Branches:           Mainline and others
Dashboard link:     https://syzkaller.appspot.com/bug?id=c14270323f22e896228f470164aac59114d388be
Original thread:    https://lkml.kernel.org/lkml/000000000000f665a30570885589@google.com/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+1c9db6a163a4000d0765@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000f665a30570885589@google.com

--------------------------------------------------------------------------------
Title:              WARNING: refcount bug in p9_req_put
Last occurred:      0 days ago
Reported:           228 days ago
Branches:           Mainline and others
Dashboard link:     https://syzkaller.appspot.com/bug?id=af5bada8b8d40472d6cd6a34a9cc1dc4b46d03df
Original thread:    https://lkml.kernel.org/lkml/000000000000eb6a8e057ab79f82@google.com/T/#u

This bug has a syzkaller reproducer only.

The original thread for this bug received 1 reply, 226 days ago.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+edec7868af5997928fe9@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000eb6a8e057ab79f82@google.com

--------------------------------------------------------------------------------
Title:              memory leak in v9fs_cache_session_get_cookie
Last occurred:      0 days ago
Reported:           41 days ago
Branches:           Mainline
Dashboard link:     https://syzkaller.appspot.com/bug?id=f012bdf297a7a4c860c38a88b44fbee43fd9bbf3
Original thread:    https://lkml.kernel.org/lkml/0000000000001b266f058965f9a7@google.com/T/#u

This bug has a C reproducer.

No one has replied to the original thread for this bug yet.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+3a030a73b6c1e9833815@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000001b266f058965f9a7@google.com

--------------------------------------------------------------------------------
Title:              KASAN: use-after-free Read in p9_fd_poll
Last occurred:      323 days ago
Reported:           355 days ago
Branches:           Mainline and others
Dashboard link:     https://syzkaller.appspot.com/bug?id=1b726e0a253ee75e902d090f68705da3d42d6ae0
Original thread:    https://lkml.kernel.org/lkml/000000000000afbebb0570be9bf3@google.com/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+0442e6e2f7e1e33b1037@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000afbebb0570be9bf3@google.com

--------------------------------------------------------------------------------
Title:              KMSAN: uninit-value in unix_find_other
Last occurred:      356 days ago
Reported:           358 days ago
Branches:           Mainline (with KMSAN patches)
Dashboard link:     https://syzkaller.appspot.com/bug?id=a18dffaab644e1a6f8c7e85ff0e18b6293ba8af6
Original thread:    https://lkml.kernel.org/lkml/0000000000004a927105708ab2d9@google.com/T/#u

This bug has a C reproducer.

The original thread for this bug received 1 reply, 357 days ago.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+75d51fe5bf4ebe988518@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000004a927105708ab2d9@google.com

--------------------------------------------------------------------------------
Title:              KMSAN: uninit-value in p9_client_rpc
Last occurred:      354 days ago
Reported:           356 days ago
Branches:           Mainline (with KMSAN patches)
Dashboard link:     https://syzkaller.appspot.com/bug?id=a90ca45133088ce07550f7cee0be028ee079c3f4
Original thread:    https://lkml.kernel.org/lkml/000000000000c541110570a978a4@google.com/T/#u

This bug has a C reproducer.

The original thread for this bug received 1 reply, 354 days ago.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+4de40388f584432bf004@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000c541110570a978a4@google.com

--------------------------------------------------------------------------------
Title:              general protection fault in p9_conn_cancel
Last occurred:      337 days ago
Reported:           355 days ago
Branches:           Mainline
Dashboard link:     https://syzkaller.appspot.com/bug?id=914af3becc310b7a00c1107f0c97bc6a1834e81d
Original thread:    https://lkml.kernel.org/lkml/000000000000ee4dab0570be896c@google.com/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+4d29d76a0da7a8c4d86c@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000ee4dab0570be896c@google.com

--------------------------------------------------------------------------------
Title:              KASAN: use-after-free Read in ep_scan_ready_list
Last occurred:      320 days ago
Reported:           355 days ago
Branches:           Mainline and others
Dashboard link:     https://syzkaller.appspot.com/bug?id=f668a9aa79ed08cc1f386be0930a529f285a4ec8
Original thread:    https://lkml.kernel.org/lkml/0000000000005e2bf90570bbe2ab@google.com/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+78b902c73c69102cb767@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000005e2bf90570bbe2ab@google.com

--------------------------------------------------------------------------------
Title:              KASAN: use-after-free Read in p9_conn_cancel
Last occurred:      319 days ago
Reported:           358 days ago
Branches:           Mainline and others
Dashboard link:     https://syzkaller.appspot.com/bug?id=cc9f4ab3d1198237b0ee1f751ca02e21f8d46445
Original thread:    https://lkml.kernel.org/lkml/000000000000d13b2e05708a9ca0@google.com/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+f0fdc967350bd580a80b@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000d13b2e05708a9ca0@google.com

--------------------------------------------------------------------------------
Title:              INFO: task hung in iterate_supers
Last occurred:      63 days ago
Reported:           356 days ago
Branches:           Mainline and others
Dashboard link:     https://syzkaller.appspot.com/bug?id=3c0c173ff55822aacb81ce7ae27a6676fba29a5c
Original thread:    https://lkml.kernel.org/lkml/000000000000da8a9b0570a29c01@google.com/T/#u

This bug has a C reproducer.

The original thread for this bug received 4 replies; the last was 353 days ago.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+2349f5067b1772c1d8a5@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000da8a9b0570a29c01@google.com

--------------------------------------------------------------------------------
Title:              INFO: task hung in flush_work
Last occurred:      60 days ago
Reported:           420 days ago
Branches:           Mainline and others
Dashboard link:     https://syzkaller.appspot.com/bug?id=70f8f16aafb20820a026882ea1ab613b4bfa2216
Original thread:    https://lkml.kernel.org/lkml/000000000000b15fb3056b9f94e7@google.com/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+2e7b6af5956e05e5cff7@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000b15fb3056b9f94e7@google.com

--------------------------------------------------------------------------------
Title:              BUG: corrupted list in p9_write_work
Last occurred:      280 days ago
Reported:           325 days ago
Branches:           Mainline and others
Dashboard link:     https://syzkaller.appspot.com/bug?id=151aa3d92ac4b94c54797bd48465387068b1fddd
Original thread:    https://lkml.kernel.org/lkml/0000000000002a2fdf0573107004@google.com/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+1788bd5d4e051da6ec08@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000002a2fdf0573107004@google.com

--------------------------------------------------------------------------------
Title:              BUG: corrupted list in p9_conn_cancel
Last occurred:      257 days ago
Reported:           357 days ago
Branches:           Mainline and others
Dashboard link:     https://syzkaller.appspot.com/bug?id=ed87cd63ebd6e82af690c83e59a3790276572fd1
Original thread:    https://lkml.kernel.org/lkml/00000000000054395605708fbd13@google.com/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+ad0832746849421bba05@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/00000000000054395605708fbd13@google.com

--------------------------------------------------------------------------------
Title:              BUG: corrupted list in p9_read_work (2)
Last occurred:      82 days ago
Reported:           220 days ago
Branches:           Mainline and others
Dashboard link:     https://syzkaller.appspot.com/bug?id=5df4f85d764ee89863d0294b4e0c87ef2fd2c624
Original thread:    https://lkml.kernel.org/lkml/000000000000807fe4057b4f19c6@google.com/T/#u

This bug has a syzkaller reproducer only.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+77a25acfa0382e06ab23@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000807fe4057b4f19c6@google.com

--------------------------------------------------------------------------------
Title:              WARNING: ODEBUG bug in p9_fd_close
Last occurred:      318 days ago
Reported:           358 days ago
Branches:           Mainline and others
Dashboard link:     https://syzkaller.appspot.com/bug?id=751ed5b74aa9a00ac4b39c32881fd32d6f6b875c
Original thread:    https://lkml.kernel.org/lkml/00000000000024f01405708aab83@google.com/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+d702a81aadeedd565723@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/00000000000024f01405708aab83@google.com

--------------------------------------------------------------------------------
Title:              KASAN: use-after-free Read in generic_perform_write
Last occurred:      335 days ago
Reported:           347 days ago
Branches:           linux-next
Dashboard link:     https://syzkaller.appspot.com/bug?id=ffccb5b7eaae1bd46ec0bd18aa9923cee7cfdb60
Original thread:    https://lkml.kernel.org/lkml/00000000000047116205715df655@google.com/T/#u

This bug has a C reproducer.

The original thread for this bug received 3 replies; the last was 346 days ago.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+b173e77096a8ba815511@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/00000000000047116205715df655@google.com

--------------------------------------------------------------------------------
Title:              general protection fault in do_raw_spin_unlock
Last occurred:      350 days ago
Reported:           350 days ago
Branches:           linux-next
Dashboard link:     https://syzkaller.appspot.com/bug?id=ed176b6fd7180236cd56d904bd6dcabd6e2f318b
Original thread:    https://lkml.kernel.org/lkml/000000000000fedc1105711f11fd@google.com/T/#u

This bug has a syzkaller reproducer only.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+83a25334ef203851dc81@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000fedc1105711f11fd@google.com

--------------------------------------------------------------------------------
Title:              general protection fault in p9_client_prepare_req
Last occurred:      278 days ago
Reported:           347 days ago
Branches:           linux-next
Dashboard link:     https://syzkaller.appspot.com/bug?id=993a3caa9e6efc13b53cd9531eeb9dc50d59a4e4
Original thread:    https://lkml.kernel.org/lkml/0000000000007870ef0571590bb2@google.com/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+77a28a63a0ece0fbba97@syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000007870ef0571590bb2@google.com


             reply	other threads:[~2019-07-02  6:29 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-07-02  6:29 Eric Biggers [this message]
2019-07-24  1:46 Reminder: 18 open syzbot bugs in "fs/9p" subsystem Eric Biggers

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190702062935.GD3054@sol.localdomain \
    --to=ebiggers@kernel.org \
    --cc=asmadeus@codewreck.org \
    --cc=ericvh@gmail.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lucho@ionkov.net \
    --cc=syzkaller-bugs@googlegroups.com \
    --cc=v9fs-developer@lists.sourceforge.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.