代码拉取完成,页面将自动刷新
问题报告:
==================================================================
BUG: KASAN: use-after-free in do_update_region+0x5ba/0x640
Read of size 2 at addr ffff888000100000 by task syz-executor.7/14761
CPU: 0 PID: 14761 Comm: syz-executor.7 Not tainted 4.19.90 #2
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014
Call Trace:
dump_stack+0x111/0x19e
print_address_description+0x60/0x223
kasan_report.cold+0xae/0x2d8
do_update_region+0x5ba/0x640
csi_J+0x5fb/0xb20
do_con_trol+0x1d16/0x61b0
do_con_write.part.0+0xf59/0x1dc0
con_write+0x41/0xe0
n_tty_write+0x3fd/0x1070
tty_write+0x458/0x7a0
__vfs_write+0xf9/0x690
vfs_write+0x203/0x560
ksys_write+0x12b/0x2a0
do_syscall_64+0xc3/0x520
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45c479
Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f2bafb6bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f2bafb6c6d4 RCX: 000000000045c479
RDX: 0000000000001878 RSI: 0000000020000840 RDI: 0000000000000003
RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000cd9 R14: 00000000004cebd5 R15: 000000000076bf2c
The buggy address belongs to the page:
page:ffffea0000004000 count:0 mapcount:-128 mapping:0000000000000000 index:0x0
flags: 0x0()
raw: 0000000000000000 ffff88807ffdc300 ffff88807ffdc300 0000000000000000
raw: 0000000000000000 0000000000000008 00000000ffffff7f 0000000000000000
page dumped because: kasan: bad access detected
Memory state around the buggy address:
ffff8880000fff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ffff8880000fff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff888000100000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
^
ffff888000100080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ffff888000100100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
==================================================================
重现程序:
# {Threaded:false Collide:false Repeat:false RepeatTimes:0 Procs:1 Sandbox: Fault:false FaultCall:-1 FaultNth:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false UseTmpDir:false HandleSegv:false Repro:false Trace:false}
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r0, 0x4b3a, 0x1)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000000)={0x4d, 0x1000, 0xf1})
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r2, 0x4b3a, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$binfmt_elf32(r3, &(0x7f0000000840)={{0x7f, 0x45, 0x4c, 0x46, 0x5, 0x6, 0x5, 0x9, 0xfffffffffffffffa, 0x3, 0x3, 0x117, 0x45, 0x38, 0x1df, 0x5, 0x4, 0x20, 0x2, 0x1ff, 0x55, 0xfffb}, [{0x4, 0x4, 0x4, 0x1, 0x1, 0x3, 0x7, 0xfff}, {0x3, 0x5, 0x3, 0x1, 0x3f, 0x200, 0x4, 0x7}], "8b9fd8bb231117f4eba21908b0e4e5e998811b2448aafd8c0115eba2f62838d9a4d34ffc917c663eb0bfe01815d4e2335f2b09274c9c4694aecd3927d973f7fbb531e9ef671cd2350c0371caec86388af1ceb33dc60643b904e440910df3c997cfc2012b20a1906537ef89cade7bb15141c8e997689346e71c49997fcdb86a0e5b99e20aaf613c07ac5873c19e10da8925eb7762388cca509368725332b7eeb8532b3299ce87e4cf1f572aa98c1b0f0b48cd4600abadd895e8b671b0470586945c4f88351ee7f79ebc3f86a814bfe8be20b1d03105848dceea90ca8dd42ebb57dcb7ae182d07796a85a05701ff0f13fe9eebf18cc7d08e68e584fd390e1677ea006f71941bfcd598f7ea68bdd38dbd39489fd60a2f95042881f670b9e4de9092d298f10b3627657f59f3ef4373c5246905c0244131c593400013bf5f66fbf626d8b9df58f1c67d35cbbb8d285373b5c10e24ab76be1258fbd366a73bad899fb5495d8d3b29fd4ea2a8dae6f7b8245c6c5040db9e146ae30059ee55441f45cf3791ebc9c263ec183089850079af65c6a990045e685cf5c09fe2f185cdb3a783b385b0292427f4be72bde3078d256b6358b7ce71b876099dd0ec944c72a017828326ee81be0cff70163848f43edbe09f6b8895b2b6b77619eea09111d5b3c42e5e9ec4627bf72814f90af02b5c2341393f3812e2f1a170a66bc844d92b02646921444dd8500df701b2b06a43257478187230425e364c653dee51dac25593655bb4923bf9002c6e1804e81b409a577efb3fef89cee98ea4c15b63ec26e6102e6925847797b2fb870b1127dbd3d47f5e9e332ed3b29b22eb29eb3661c2d022af794061e7dfce88d606439dec6f5720927338376581d6e6278a50b8937cdc1ff0fe013f9f3c6c1b7aa893bf3a066a1802792f629b12165faa80c7fec2add9eca6617cda79f3c5852f2bcda253bc7154eb32758238edf02a6aadc256fe751481ee03321ab8f9925a066fd4c0765f2bee5168c44c0f86e95153e78d60d2c8c2f745eefa046ba06118f47dc5461352b0e68d4e534916269a07c178a8617d435e1412f98d6b6bacb178863fc6c2f2ee6547126fb2ef8a4d83fde68ce969221b8b2bfa0d75c1b9777d1e4403fa2ed882d7157b247b65626dff84ba3c0295b3a915c912d5d7f79da1fcf0080e47fbbbed26f5232d071176045e8289eff0952415e2ebf6499ea29f67ce97f88421d69f1f955de0e8c2e037f20f648cfe883a0da65436b02445d02970b8fd4ba6e344a8d7efa2435a04c164e16d32aebba9a67e9a6d660f2951e842f403dddce04c828beb004da1686fa085f0b2d7dd2afe33498f69faf3a07cd2107416ed790d569c3df52d39de5b5372f5570efc3d06c9c315ba7f70be89faaf16d1ead56a847112604b7728beee7eff62d4fc56d89360b7cbe105576941d304733a4e8fc534368b690a69ca776ab15bdc2422bb16562b5b0f658f7dc99596a170485a836efcc5325e61f66bca65960a736f2ff33833a48c40ae369c43dac340c8dd642799b347f3c10fcd5703520eead98f436c9773d68cd5e7f08a5f447155e9c61156833ba05ad949895b04697ae000d6b433d5e7d6fc99f5b2fbb9957afdd9371f7e7d91e7a47ba8fed232f014cf9f12ff5cbfa70ad06a8ee71d0b69df7b5817dcf43dc0e2847a5319cc044257249bdd16ef06c817ad445b0eafc6e2ca5780547888de21c8eba3a1affc6d2bd8e154e65a3e78c9c6e91919141e38df9af3ae627288a5d0c604ca80d382e9edec95c22c309556318234bf39381e893ac9f8f328592c82a536b3733c35f18adec30bf16365b83d878b34017d8b57cda98569556f7e292aeb16a1ba3a53e1e68ee2a527599aae6bfb5c97fa20583c5ac56a01aad4882371fd79b8def194c4ea9723d96763e426a04115c4371f24df5090bd79968b07c9ab5e36c97a3b2e02fa1234fba26dc4f7e36da4c27565758368792a33577ef5f937d016ae7e710a2e2034fbdc6ad9bcdabb80279a4d917210a809e7b1709b03076b06a3c5bd90840a4b137a5580b79965e42d5507995c3f1015a3e5f78c69740f73289eb7cddab9ee9888c2014a8fb90487675cd691f7d86021b3fc01520ce4a6e45c0d6ec108bc57783ca0ffd41c9421444e77459e37e7e2ab3bd62e89c5090d76a2b40e1fc087da87f9da4fe8a500375780d98043dd37289206b1d3800851dec69324c8292fb769b2211b7bc0636bbb2ff4ae2c5c3aab116ae03ef877122f0533dc0dbde37149162bd9c4cdd5a72b60b7d1b54599e449fd05be9b9714b5f2aa5bd6cd7ecfa0ea9b4a01ec9a9eb9461e1fd7b9462e0ab8f89890b4a444fdf032f4a89f02236cd13fe9fe839ea286712d2cdb5c565cb50d4d08e374c3bacf00558e0373e8a91ae87663b6f3c141b3089b7b429278acad1ae44fbc68641c910d1da184882f5123b743798f83e5ce419d4af6492538ac80d6728312869c39690d36966e0bd87f8fc90a5035829c145169a34dee2c78fda826c8c157b8f816b010d1e126d3f199b804ec24035f720ba0b510d58d50f96a2e704dbc51515aa4602edf591f6c7c21f2d9a4546ae705bada46c9a88d7d3de23e4def484d14cadd33ec118cf6f878ad2fbc95ff56760025a8a78536b610ccf71b90d250f5d1b8f52fd3ad06ed852982ced5d3dcc9ca8dfa7a6e3031e60bcefc5af7b744d06b41091ce270093679748182eb9e867a35dbfddeab5b2e514099237ca82b0554002d732aaae32ba5933b47f079f8e42cbddc269ff6a097a3c8aa08cefa390621308a4c497db3f9b20c0db3dab014f683b70bd1e189f18b4547fe95c6a720bca4c2db64c33ad41a0cf7a3a9b6aef6a67eeef175f643c9b6bd085869f1a0711338e7f2381859d5aaf0b3e90881b371db3bad38b0b016f5fe372e6d4ed8c91a8f09fbecdc80af283974451dd4231c08d67f529bea5d65b546b5f6fe73fa52fa58506c3a119f812b25b6fb3e459e96c62ce94ce8e671543060033b97b0941167d0d68500c62eb51d28ebc4308c7ef517cc2b44b95df6662a2ee06dc806b9f667d98d9d4a964c5934c356af34fdb3c4aad8604b2ca575d81265b763d5ae2c93567fc573adee2de3df383b0e240b6c92d404c921d5d59e8b61b5e1eb2d1f90ed7fb680c3d191194951776422974af269453bf3bccf4392679d8bb2f83a176cd348a4aa27fb09c2147d992a486b6a6605901f40436562d5f166af76635359b704b7da1b42a9c0764cd1cc2aa6b2735168042807fa28a640b3d5183d6860962366032d44a0c9cabecdb77987667f90051b42aa13efc92e79cba6715eadf19daa95a01a5c1c8c04f894fb23518d758d3d04a32fdaec818c7b43ce19512ef9e76c66571ee4e26299f743355733f5d54fb481366b304890a17b3f8bab79e42e5efcccb2681d86e9198cd5c04a9a5c8fbae05e4ad2c0925825dd1501c1409391734ba20df8ec2a295f918765085d3010056ac193acf6c6985595b21a95480805409b3fe3c9d6811705a84c924f3b0a6dfbf563ca48800dbe4cff497b3782331ef242aaae15a634c6eb260370d3042679bc030b5ac3da8625dab51d42cfdac46ce713920be41f6eb6900cb91d0c43b1aa43d2afe9e397f76948b717e37594d4af806d8b6f255992477124f4ac87244b1c3b46375c86e55071ab54af58fdc185fb453726d8e76dee538d684de5b3690257a84ca13c1f094d928248c14bb92caaf7672eaf18db16cd2499e551edbecd3a377b9bdd4293cb1d9213afec426c85a043ad18ce113f661c241151a47900f096b8527b05a232bbb970477f411b764098d0890ddbb69b3ffba4f7a6083bb8bd7fd9300912cff744d5119bb4c1e76944f4e0a517d2926932f78cc70bb3db055a78958336b30c0e0e8fdf0d6cd37a72bd031126f25d3c57e5caa30aa5340dd1e7b730d1b7ed830f61d2d93bc438682836dad5a650598a1f36877552be94557dddfecfd87ae796d406f543541c6e6efef870d13b31516669a769898391088e48972b1fa2e9b2c662e128d6dad8c17f5f7f5f62880e8fdc07aee15933bfd24983452cef624bc845182ad251297fcffd5c16bd5b0eac037b5862b20e08ce1a8d755fde1d49cf32d81fd63f74654dba692b272dd15ae19e0b873395e850e06666c9d3043149c95b79242f2f4a9ddcf716d7aee13463e81c1fff4e47be68db7a656c04b6260d8db00b9087c087203a74218ce6b76745976030b3d9a76e08dee9191a5e194495264d3dc2b1c3980806965f54ea88d79250e81c2a94f7a96be32c1d15cf4cbef1853d30fdea3def8020a6f64e64792a7c74c4e5703a8a326bc22a41c65847df3f68e40681e5cedd0b05d82a9e85e33f6b185eb16c561efaeca1aebea909656bc79efc9ae77665b589cc0c40117bb51d624d98c86c97a814fcde48948486f91b66936852b78ed4bc0f5101a12347b11403f456ad6486e0635ee39cdc400ec1002ebe95e71350cbfac520b290214a0f5e8bd43e5831b21db09859fa428d76436918923e25f1d7a5403cff3963274ecf4a6870a143e61383bdb3eac2ab7fda058a8104243b284de0ca062a27339116fb1d55bda68c215eac5a6d712833efc71d320323daf3fcd16cba1ef521569fbba2c75d64378da3dfd6d4e9ac7f974feba3db5297f21bd7e3053e28adfea25eae9fd6cccd3bd86ff88f3596895b5eb4cd3da9338e43bb2a454b25e62da99385bb38ecf611fa4d38787295e8bee0de84171b66751e246cbffc362c66bf1c207bad1a8c5e25db537fb21a705abdd9dd27c8ac87d54fd0a7293f71e3d9344771cb5f5b9f6cbf1e88883e04277aa3a77f7e22168a8eeb8b2bb35ac93580cd519ad4b0dffc327f24ff8e7cd94e8cceaffa274d6ab1483e9aa03a5a88f88859d959c1edd9cc78a86e46d3d331d8000e48bca9543e319530b5ba6db864ac3c83e71fc23c35133684807d9ddb5ce99821b89d936f3445ed8895c56261d211a728db535b1c997813a12f612791b9bc9b845bea29a3ecec90b8dd5cbcd32a73b1e1c25745312006c36eb6f1691fa16e1aa3126ba714d5ad647cd8cc603080b06f0aaae7456b35834194bef795d2b45404d046c4f29f00ce13444fbcfffb117a9c7f1e35c90deeadb75d3a4e01b7a5a10f93dd31efc86c0c119b55d83ebda29a9001b32842a0f228fc993540e1b472dca603750dc9133f9b0750c59f6e571b0f2c53cd4504616182a3ed9cf881d254b5d72e8bfba33a1ca79b2e190b75f431631b980ec075dd6bccffe1060737e26f84d6d1ee5de0ba083f5fe1fa25d4a88f402a01af6c035b684125ebdd1a404e1cc390d85f282d833d63d1cc6b93cd69d621094ab1dae7a3cebf192be1c77880116a6ba16a69c99f86b20a51c72038ccd2f5bcd5e88339f8ee555c32fbc36f4090de5e748d41314abba10be7a9df3f4ae9a89842d7a382a2312b6a0a08fa2a0d8aed22983e9aaf639d38a61b88bac9018dd2492626e57f94665d324bd1f39cd5d0fa261b166d206ce84044a979123207f6ce4e0d363be08f9e38d94d73c5d1cef23823eb6067f57f4a26b73f555f862dda59095097fbc9020036ad019efe18e0ec04ce0d32525d20c8d6a0c8595cf4b8febb75f34f07a9bec67bcc768299be8f648c20f57635882264401ccf882f47a9c649b81d42babc3b5a75fe7d698364d9cf09e4d1802e8f1ae6f72cb01691740a849c90e17234d90d8070e3f6cbfa0fa7b762efb845d927525516fdb4cc1b2200789ac444fb2c56a36bfe5a79979bf369a5", [[], [], [], [], [], [], [], []]}, 0x1878)
Hey @ccoder, Welcome to openEuler Community.
All of the projects in openEuler Community are maintained by @openeuler-ci-bot.
That means the developers can comment below every pull request or issue to trigger Bot Commands.
Please follow instructions at https://gitee.com/openeuler/community/blob/master/en/sig-infrastructure/command.md to find the details.
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
CONFIG_VGACON_SOFT_SCROLLBACK 这代码没人维护,被 Linus 删除掉了
不再合入此patch,关闭
登录 后才可以发表评论
