From: Eric Dumazet
Date: Sun, 28 Apr 2019 12:22:25 -0700
> We had many syzbot reports that seem to be caused by use-after-free
> of struct fib6_info.
>
> ip6_dst_destroy(), fib6_drop_pcpu_from() and rt6_remove_exception()
> are writers vs rt->from, and use non consistent synchronization among
>
On Sun, Apr 28, 2019 at 12:24 PM Eric Dumazet wrote:
>
> We had many syzbot reports that seem to be caused by use-after-free
> of struct fib6_info.
>
> ip6_dst_destroy(), fib6_drop_pcpu_from() and rt6_remove_exception()
> are writers vs rt->from, and use non consistent synchronization among
> them
On Sun, Apr 28, 2019 at 12:22:25PM -0700, Eric Dumazet wrote:
> We had many syzbot reports that seem to be caused by use-after-free
> of struct fib6_info.
>
> ip6_dst_destroy(), fib6_drop_pcpu_from() and rt6_remove_exception()
> are writers vs rt->from, and use non consistent synchronization among
On 4/28/19 1:22 PM, Eric Dumazet wrote:
> We had many syzbot reports that seem to be caused by use-after-free
> of struct fib6_info.
>
> ip6_dst_destroy(), fib6_drop_pcpu_from() and rt6_remove_exception()
> are writers vs rt->from, and use non consistent synchronization among
> themselves.
>
> Sw
We had many syzbot reports that seem to be caused by use-after-free
of struct fib6_info.
ip6_dst_destroy(), fib6_drop_pcpu_from() and rt6_remove_exception()
are writers vs rt->from, and use non consistent synchronization among
themselves.
Switching to xchg() will solve the issues with no possible
