• LK v4.16.x - kernfs_get - warn

    kernfs_get - warn
    posted & found by zer0day
    tl;dr
    Found in LK v4.16.0-rc6.
    Call Trace (Dump)
    [ 58.664584] Call Trace:
    [ 58.664825] dump_stack+0x10a/0x1dd
    [ 58.665129] ? _atomic_dec_and_lock+0x163/0x163
    [ 58.665539] ? kernfs_get+0x40/0x130
    [ 58.665857] panic+0x1b3/0x3a4
    [ 58.666129] ? add_taint.cold.3+0x16/0x16
    [ 58.666486] ? __warn.cold.6+0x17c/0x1a4
    [ 58.666867] ? kernfs_get+0x10c/0x130
    [ 58.667180] __warn.cold.6+0x197/0x1a4
    [...


  • LK v4.16.x - __might_fault - dead lock

    __might_fault - dead lock
    posted & found by zer0day
    tl;dr
    Got from syzkaller & Found in LK v4.16.0-rc6.
    Call Trace (Dump)
    WARNING: possible circular locking dependency detected
    4.16.0-rc6+ #21 Not tainted
    ------------------------------------------------------
    syz-executor3/13637 is trying to acquire lock:
    (&mm->mmap_sem){++++}, at: [<0000000083693474>] __might_fault+0xd4/0x1b0 mm/memory.c:4570
    but task is already holding lock:
    (&rp->fetch_lock){+.+.},...


  • LK v4.16.x - xfrm_state_find - oobs

    xfrm_state_find - stack out of bounds
    posted & found by zer0day
    tl;dr
    Found in LK v4.16.0-rc6. stack-out-of-bounds in xfrm_state_find, 4 bytes read.
    Call Trace (Dump)
    [ 467.981313] dump_stack+0x10a/0x1dd
    [ 467.981824] ? _atomic_dec_and_lock+0x163/0x163
    [ 467.982417] ? show_regs_print_info+0x12/0x12
    [ 467.983088] ? xfrm_state_find+0x3c6/0x30f0
    [ 467.983660] print_address_description+0x60/0x224
    [ 467.984438] ? xfrm_state_find+0x3c6/0x30f0
    [ 467.985208] kasan_report+0x196/0x2a0...


  • LK v4.16.x - socket - memory leak

    socket - memory leak
    posted & found by zer0day
    tl;dr
    Got from syzkaller & Found in LK v4.16.0-rc5 with CONFIG_FAULT_INJECTION enabled. Actually, I had a few leaks related to socket$sctp that worked in a past version of LK (maybe v4.14.x somewhere…). But I just forgot my dumps & code… :(...


  • LK v4.16.x - perf_trace_buf_alloc - warn

    perf_trace_buf_alloc - warn
    posted & found by zer0day
    tl;dr
    Found in LK v4.16.0-rc5.
    Call Trace (Dump)
    [ 100.240063] perf buffer not large enough
    [ 100.240092] WARNING: CPU: 0 PID: 23132 at kernel/trace/trace_event_perf.c:288 perf_trace_buf_alloc+0x12a/0x170
    [ 100.241844] Kernel panic - not syncing: panic_on_warn set ...
    Code
    In /include/linux/trace_events.h.
    #define PERF_MAX_TRACE_SIZE 2048
    ......