From: Dmitry Vyukov <dvyukov@google.com>
To: Lukas Czerner <lczerner@redhat.com>
Cc: syzbot <syzbot+138c9e58e3cb22eae3b4@syzkaller.appspotmail.com>,
adilger.kernel@dilger.ca, cmaiolino@redhat.com,
linux-ext4@vger.kernel.org, linux-kernel@vger.kernel.org,
llvm@lists.linux.dev, nathan@kernel.org,
ndesaulniers@google.com, syzkaller-bugs@googlegroups.com,
tytso@mit.edu
Subject: Re: [syzbot] general protection fault in ext4_fill_super
Date: Mon, 7 Feb 2022 12:29:30 +0100 [thread overview]
Message-ID: <CACT4Y+Z-R1swsyGrdgy89zHvmAa8tsBVE=mLngsapr5qPre9ZQ@mail.gmail.com> (raw)
In-Reply-To: <20220207103009.id72sr4dtghgzp5f@work>
On Mon, 7 Feb 2022 at 11:30, Lukas Czerner <lczerner@redhat.com> wrote:
>
> On Sat, Feb 05, 2022 at 02:39:06PM -0800, syzbot wrote:
> > syzbot has bisected this issue to:
> >
> > commit cebe85d570cf84804e848332d6721bc9e5300e07
> > Author: Lukas Czerner <lczerner@redhat.com>
> > Date: Wed Oct 27 14:18:56 2021 +0000
> >
> > ext4: switch to the new mount api
> >
> > bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=14902978700000
> > start commit: 0457e5153e0e Merge tag 'for-linus' of git://git.kernel.org..
> > git tree: upstream
> > final oops: https://syzkaller.appspot.com/x/report.txt?x=16902978700000
> > console output: https://syzkaller.appspot.com/x/log.txt?x=12902978700000
> > kernel config: https://syzkaller.appspot.com/x/.config?x=cd57c0f940a9a1ec
> > dashboard link: https://syzkaller.appspot.com/bug?extid=138c9e58e3cb22eae3b4
> > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17f7004fb00000
> > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=178cf108700000
> >
> > Reported-by: syzbot+138c9e58e3cb22eae3b4@syzkaller.appspotmail.com
> > Fixes: cebe85d570cf ("ext4: switch to the new mount api")
> >
> > For information about bisection process see: https://goo.gl/tpsmEJ#bisection
> >
>
> I believe that this has been fixed with upstream commit
>
> commit 7c268d4ce2d3761f666a9950b029c8902bfab710
> Author: Lukas Czerner <lczerner@redhat.com>
> Date: Wed Jan 19 14:02:09 2022 +0100
>
> ext4: fix potential NULL pointer dereference in ext4_fill_super()
>
> By mistake we fail to return an error from ext4_fill_super() in case
> that ext4_alloc_sbi() fails to allocate a new sbi. Instead we just set
> the ret variable and allow the function to continue which will later
> lead to a NULL pointer dereference. Fix it by returning -ENOMEM in the
> case ext4_alloc_sbi() fails.
>
> Fixes: cebe85d570cf ("ext4: switch to the new mount api")
> Reported-by: kernel test robot <lkp@intel.com>
> Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
> Signed-off-by: Lukas Czerner <lczerner@redhat.com>
> Link: https://lore.kernel.org/r/20220119130209.40112-1-lczerner@redhat.com
> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
> Cc: stable@kernel.org
Let's tell syzbot then:
#syz fix: ext4: fix potential NULL pointer dereference in ext4_fill_super()
Thanks
prev parent reply other threads:[~2022-02-07 11:29 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-17 8:23 [syzbot] general protection fault in ext4_fill_super syzbot
2022-02-05 19:50 ` syzbot
2022-02-05 22:39 ` syzbot
2022-02-07 10:30 ` Lukas Czerner
2022-02-07 11:29 ` Dmitry Vyukov [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CACT4Y+Z-R1swsyGrdgy89zHvmAa8tsBVE=mLngsapr5qPre9ZQ@mail.gmail.com' \
--to=dvyukov@google.com \
--cc=adilger.kernel@dilger.ca \
--cc=cmaiolino@redhat.com \
--cc=lczerner@redhat.com \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=llvm@lists.linux.dev \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=syzbot+138c9e58e3cb22eae3b4@syzkaller.appspotmail.com \
--cc=syzkaller-bugs@googlegroups.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.