Displaying 20 results from an estimated 3000 matches similar to: "upstream boot error: KASAN: slab-out-of-bounds Write in virtio_gpu_object_create"
2020 Apr 06
2
upstream boot error: KASAN: slab-out-of-bounds Write in virtio_gpu_object_create
On Mon, Apr 6, 2020 at 10:06 AM Gerd Hoffmann <kraxel at redhat.com> wrote:
>
> On Mon, Apr 06, 2020 at 09:07:44AM +0200, Dmitry Vyukov wrote:
> > On Mon, Apr 6, 2020 at 8:46 AM syzbot
> > <syzbot+d3a7951ed361037407db at syzkaller.appspotmail.com> wrote:
> > >
> > > Hello,
> > >
> > > syzbot found the following crash on:
> >
2020 Aug 24
2
Is: virtio_gpu_object_shmem_init issues? Was:Re: upstream boot error: general protection fault in swiotlb_map
On Thu, Aug 06, 2020 at 03:46:23AM -0700, syzbot wrote:
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 47ec5303 Merge git://git.kernel.org/pub/scm/linux/kernel/g..
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=16fe1dea900000
> kernel config: https://syzkaller.appspot.com/x/.config?x=7c06047f622c5724
>
2020 Apr 06
0
upstream boot error: KASAN: slab-out-of-bounds Write in virtio_gpu_object_create
On Mon, Apr 06, 2020 at 09:07:44AM +0200, Dmitry Vyukov wrote:
> On Mon, Apr 6, 2020 at 8:46 AM syzbot
> <syzbot+d3a7951ed361037407db at syzkaller.appspotmail.com> wrote:
> >
> > Hello,
> >
> > syzbot found the following crash on:
> >
> > HEAD commit: ffc1c20c Merge tag 'for-5.7/dm-changes' of git://git.kerne..
> > git tree:
2020 Apr 06
0
upstream boot error: KASAN: slab-out-of-bounds Write in virtio_gpu_object_create
Hi,
> > > +drivers/gpu/drm/virtio/virtgpu_object.c maintainers
> > > Now we have both mainline and linux-next boot broken (linux-next is
> > > broken for the past 40 days).
> > > No testing of new code happens.
> > >
> > > > virtio_gpu_object_shmem_init drivers/gpu/drm/virtio/virtgpu_object.c:151 [inline]
> > > >
2018 Jul 31
1
KASAN: use-after-free Read in vhost_transport_send_pkt
On Mon, Jul 30, 2018 at 11:15:03AM -0700, syzbot wrote:
> Hello,
>
> syzbot found the following crash on:
>
> HEAD commit: acb1872577b3 Linux 4.18-rc7
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=14eb932c400000
> kernel config: https://syzkaller.appspot.com/x/.config?x=2dc0cd7c2eefb46f
> dashboard link:
2019 Mar 25
2
INFO: task hung in vhost_net_stop_vq
Looks like more iotlb locking mess?
On Tue, Mar 19, 2019 at 10:21:00PM -0700, syzbot wrote:
> syzbot has bisected this bug to:
>
> commit 6b1e6cc7855b09a0a9bfa1d9f30172ba366f161c
> Author: Jason Wang <jasowang at redhat.com>
> Date: Thu Jun 23 06:04:32 2016 +0000
>
> vhost: new device IOTLB API
>
> bisection log:
2019 Jul 27
2
INFO: rcu detected stall in vhost_worker
Fri, 26 Jul 2019 08:26:01 -0700 (PDT)
> syzbot has bisected this bug to:
>
> commit 0ecfebd2b52404ae0c54a878c872bb93363ada36
> Author: Linus Torvalds <torvalds at linux-foundation.org>
> Date: Sun Jul 7 22:41:56 2019 +0000
>
> Linux 5.2
>
> bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=118810bfa00000
> start commit: 13bf6d6a Add
2019 Jul 24
1
Reminder: 3 open syzbot bugs in vhost subsystem
On 2019/7/24 ??10:38, Eric Biggers wrote:
> [This email was generated by a script. Let me know if you have any suggestions
> to make it better, or if you want it re-generated with the latest status.]
>
> Of the currently open syzbot reports against the upstream kernel, I've manually
> marked 3 of them as possibly being bugs in the vhost subsystem. I've listed
> these
2018 Apr 09
2
kernel BUG at drivers/vhost/vhost.c:LINE! (2)
On Sat, Apr 7, 2018 at 3:02 AM, syzbot
<syzbot+65a84dde0214b0387ccd at syzkaller.appspotmail.com> wrote:
> syzbot hit the following crash on upstream commit
> 38c23685b273cfb4ccf31a199feccce3bdcb5d83 (Fri Apr 6 04:29:35 2018 +0000)
> Merge tag 'armsoc-drivers' of
> git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc
> syzbot dashboard link:
>
2019 Jun 06
1
memory leak in vhost_net_ioctl
On Wed, 05 Jun 2019 16:42:05 -0700 (PDT) syzbot wrote:
> Hello,
>
> syzbot found the following crash on:
>
> HEAD commit: 788a0249 Merge tag 'arc-5.2-rc4' of git://git.kernel.org/p..
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=15dc9ea6a00000
> kernel config: https://syzkaller.appspot.com/x/.config?x=d5c73825cbdc7326
2023 May 30
1
[syzbot] [kvm?] [net?] [virt?] general protection fault in vhost_work_queue
On Tue, May 30, 2023 at 12:30:06AM -0700, syzbot wrote:
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 933174ae28ba Merge tag 'spi-fix-v6.4-rc3' of git://git.ker..
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=138d4ae5280000
> kernel config: https://syzkaller.appspot.com/x/.config?x=f389ffdf4e9ba3f0
2019 Jun 13
2
memory leak in vhost_net_ioctl
Hello Dmitry
On Thu, 13 Jun 2019 20:12:06 +0800 Dmitry Vyukov wrote:
> On Thu, Jun 13, 2019 at 2:07 PM Hillf Danton <hdanton at sina.com> wrote:
> >
> > Hello Jason
> >
> > On Thu, 13 Jun 2019 17:10:39 +0800 Jason Wang wrote:
> > >
> > > This is basically a kfree(ubuf) after the second vhost_net_flush() in
> > > vhost_net_release().
>
2018 Apr 09
1
kernel BUG at drivers/vhost/vhost.c:LINE! (2)
On Mon, Apr 09, 2018 at 05:44:36AM +0300, Michael S. Tsirkin wrote:
> On Mon, Apr 09, 2018 at 10:37:45AM +0800, Stefan Hajnoczi wrote:
> > On Sat, Apr 7, 2018 at 3:02 AM, syzbot
> > <syzbot+65a84dde0214b0387ccd at syzkaller.appspotmail.com> wrote:
> > > syzbot hit the following crash on upstream commit
> > > 38c23685b273cfb4ccf31a199feccce3bdcb5d83 (Fri Apr 6
2018 Mar 27
4
[PATCH net V2] vhost: correctly remove wait queue during poll failure
We tried to remove vq poll from wait queue, but do not check whether
or not it was in a list before. This will lead to a double free. Fixing
this by switching to use vhost_poll_stop() which zeros poll->wqh after
removing poll from waitqueue to make sure it won't be freed twice.
Cc: Darren Kenny <darren.kenny at oracle.com>
Reported-by: syzbot+c0272972b01b872e604a at