[syzbot] [jfs?] KASAN: slab-use-after-free Read in dbFreeBits

Edward Adam Davis posted 1 patch 1 year, 5 months ago
There is a newer version of this series
Posted by Edward Adam Davis 1 year, 5 months ago
sync jfs remount and jfs ioctl with s_umount

#syz test: upstream master

diff --git a/fs/jfs/jfs_dmap.c b/fs/jfs/jfs_dmap.c
index cb3cda1390ad..a409ae18454a 100644
--- a/fs/jfs/jfs_dmap.c
+++ b/fs/jfs/jfs_dmap.c
@@ -1645,7 +1645,9 @@ s64 dbDiscardAG(struct inode *ip, int agno, s64 minlen)
 		 * call jfs_issue_discard() itself */
 		if (!(JFS_SBI(sb)->flag & JFS_DISCARD))
 			jfs_issue_discard(ip, tt->blkno, tt->nblocks);
+		down_read(&sb->s_umount);
 		dbFree(ip, tt->blkno, tt->nblocks);
+		up_read(&sb->s_umount);
 		trimmed += tt->nblocks;
 	}
 	kfree(totrim);
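Review bot: the down_read(&sb->s_umount)/up_read(&sb->s_umount) pair wraps only the single dbFree() call and is dropped again on every loop iteration, so a remount can complete between two extents and the next dbFree() runs after whatever remount tore down; the lock serializes against a concurrent remount but, once held, nothing checks that the structures dbFree() walks are still valid. Consider taking down_read(&sb->s_umount) once before the loop and releasing it after the loop (before or after kfree(totrim)), and after acquiring it bail out when the filesystem has gone read-only (e.g. sb_rdonly(sb), or whichever condition the remount path tests before freeing the bmap). The commit message should also name the remount path that frees the memory dbFreeBits() reads and say why s_umount, rather than the bmap's own lock, is the right serialization point; jfs_issue_discard() on the preceding line stays outside the lock, which is only correct if it touches no bmap state.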
Re: [syzbot] [jfs?] KASAN: slab-use-after-free Read in dbFreeBits
Posted by syzbot 1 year, 5 months ago
Hello,

syzbot has tested the proposed patch and the reproducer did not trigger any issue:

Reported-by: syzbot+3c010e21296f33a5dc16@syzkaller.appspotmail.com
Tested-by: syzbot+3c010e21296f33a5dc16@syzkaller.appspotmail.com

Tested on:

commit:         e5fa841a Merge tag 'pull-fixes' of git://git.kernel.or..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=11dabbd9980000
kernel config:  https://syzkaller.appspot.com/x/.config?x=92c0312151c4e32e
dashboard link: https://syzkaller.appspot.com/bug?extid=3c010e21296f33a5dc16
compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
patch:          https://syzkaller.appspot.com/x/patch.diff?x=10ca698d980000

Note: testing is done by a robot and is best-effort only.