Re: KASAN: use-after-free Read in tcf_block_find

From: Eric Dumazet
Date: Thu Sep 27 2018 - 09:24:10 EST

Next message: Colin King: "[PATCH] RDMA/hns: fix spelling mistake "reseved" -> "reserved""
Previous message: Dietmar Eggemann: "Re: [PATCH] sched/fair: vruntime should normalize when switching from fair"
In reply to: Dmitry Vyukov: "Re: KASAN: use-after-free Read in tcf_block_find"
Next in thread: Dmitry Vyukov: "Re: KASAN: use-after-free Read in tcf_block_find"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 09/27/2018 06:02 AM, Dmitry Vyukov wrote:

> I am not suggesting to commit this. This is just a hack for debugging.
> It in fact lead to some warnings, but still allowed me to reproduce
> the bug reliably.
>

Had you got more meaningful stack traces ?

(Showing which context was actually doing the dst_release())

>>> + dst_destroy_rcu(&dst->rcu_head);
>>> + }
>>> + }
>>> }
>>> }

Thanks.

Next message: Colin King: "[PATCH] RDMA/hns: fix spelling mistake "reseved" -> "reserved""
Previous message: Dietmar Eggemann: "Re: [PATCH] sched/fair: vruntime should normalize when switching from fair"
In reply to: Dmitry Vyukov: "Re: KASAN: use-after-free Read in tcf_block_find"
Next in thread: Dmitry Vyukov: "Re: KASAN: use-after-free Read in tcf_block_find"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]