Re: KASAN: slab-out-of-bounds Read in ip6_tnl_parse_tlv_enc_lim

From: Jason Gunthorpe
Date: Tue Dec 10 2019 - 17:11:12 EST

Next message: Thomas Anderson: "[PATCH] drm/edid: Increase size of VDB and CMDB bitmaps to 256 bits"
Previous message: Andrew Jeffery: "Re: [PATCH] gpio: aspeed: avoid return type warning"
In reply to: syzbot: "Re: KASAN: slab-out-of-bounds Read in ip6_tnl_parse_tlv_enc_lim"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Dec 10, 2019 at 02:08:01PM -0800, syzbot wrote:
> syzbot suspects this bug was fixed by commit:
>
> commit 30471d4b20335d9bd9ae9b2382a1e1e97d18d86d
> Author: Leon Romanovsky <leonro@xxxxxxxxxxxx>
> Date: Sun Feb 3 12:55:50 2019 +0000
>
> RDMA/core: Share driver structure size with core
>
> bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=16b7bb7ae00000
> start commit: 3a5af36b Merge tag '4.19-rc3-smb3-cifs' of git://git.samba..
> git tree: upstream
> kernel config: https://syzkaller.appspot.com/x/.config?x=9c4a80625153107e
> dashboard link: https://syzkaller.appspot.com/bug?extid=68dce7caebd8543121de
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1068a44e400000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=146386c6400000
>
> If the result looks correct, please mark the bug fixed by replying with:
>
> #syz fix: RDMA/core: Share driver structure size with core
>
> For information about bisection process see: https://goo.gl/tpsmEJ#bisection

Seems pretty unlikely

Jason

Next message: Thomas Anderson: "[PATCH] drm/edid: Increase size of VDB and CMDB bitmaps to 256 bits"
Previous message: Andrew Jeffery: "Re: [PATCH] gpio: aspeed: avoid return type warning"
In reply to: syzbot: "Re: KASAN: slab-out-of-bounds Read in ip6_tnl_parse_tlv_enc_lim"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]