On Thu, Apr 19, 2018 at 05:09:16PM +0900, DaeRyong Jeong wrote:
> We report the crash:
> KASAN: slab-out-of-bounds Write in tty_insert_flip_string_fixed_flag
>
> This crash has been found in v4.16 using RaceFuzzer (a modified
> version of Syzkaller), which we describe more at the end of this
> report. Our analysis shows that the race occurs when invoking two
> syscalls concurrently, ioctl$TCXONC(r0, 0x540a, 0x2) and
> ioctl$TCXONC(r0, 0x540a, 0x1).

Nice! Do you have a kernel patch to resolve this issue?

thanks,

greg k-h