Re: KASAN: use-after-free Read in tls_wait_data

From: Jakub Kicinski
Date: Thu Aug 08 2019 - 20:20:47 EST


On Thu, 08 Aug 2019 09:44:07 -0700, syzbot wrote:
> Hello,
>
> syzbot found the following crash on:
>
> HEAD commit: 7b4980e0 Add linux-next specific files for 20190802
> git tree: linux-next
> console output: https://syzkaller.appspot.com/x/log.txt?x=14a749b4600000
> kernel config: https://syzkaller.appspot.com/x/.config?x=7e1348afd44b5e02
> dashboard link: https://syzkaller.appspot.com/bug?extid=30c791a76814a3c6c9f9
> compiler: gcc (GCC) 9.0.0 20181231 (experimental)
>
> Unfortunately, I don't have any reproducer for this crash yet.
>
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+30c791a76814a3c6c9f9@xxxxxxxxxxxxxxxxxxxxxxxxx

Also old tree, pretty confidently I can say:

#syz fix: net/tls: partially revert fix transition through disconnect with close