Re: KASAN: use-after-free Read in rds_tcp_dev_event

On Tue, Nov 14, 2017 at 4:30 AM, Girish Moodalbail wrote: > On 11/7/17 12:28 PM, syzbot wrote: >> >> Hello, >> >> syzkaller hit the following crash on >> 287683d027a3ff83feb6c7044430c79881664ecf >>

Re: KASAN: use-after-free Read in rds_tcp_dev_event

On Tue, Nov 14, 2017 at 4:30 AM, Girish Moodalbail wrote: > On 11/7/17 12:28 PM, syzbot wrote: >> >> Hello, >> >> syzkaller hit the following crash on >> 287683d027a3ff83feb6c7044430c79881664ecf >> git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/master >> compiler: gcc (GCC)

Re: KASAN: use-after-free Read in rds_tcp_dev_event

On (11/13/17 19:30), Girish Moodalbail wrote: > (L538-540). However, it leaves behind some of the rds_tcp connections that > shared the same underlying RDS connection (L534 and 535). These connections > with pointer to stale network namespace are left behind in the global list. It leaves behind

Re: KASAN: use-after-free Read in rds_tcp_dev_event

On (11/13/17 19:30), Girish Moodalbail wrote: > (L538-540). However, it leaves behind some of the rds_tcp connections that > shared the same underlying RDS connection (L534 and 535). These connections > with pointer to stale network namespace are left behind in the global list. It leaves behind

Re: KASAN: use-after-free Read in rds_tcp_dev_event

On 11/7/17 12:28 PM, syzbot wrote: Hello, syzkaller hit the following crash on 287683d027a3ff83feb6c7044430c79881664ecf git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/master compiler: gcc (GCC) 7.1.1 20170620 .config is attached Raw console output is attached.

Re: KASAN: use-after-free Read in rds_tcp_dev_event

On 11/7/17 12:28 PM, syzbot wrote: Hello, syzkaller hit the following crash on 287683d027a3ff83feb6c7044430c79881664ecf git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/master compiler: gcc (GCC) 7.1.1 20170620 .config is attached Raw console output is attached.