Re: KASAN: use-after-free Read in sctp_sock_dump

From: Eric Dumazet
Date: Mon Oct 28 2019 - 17:18:10 EST

Next message: Robert Jarzmik: "Re: [PATCH 24/46] ARM: pxa: magician: use platform driver for audio"
Previous message: Robert Jarzmik: "Re: [PATCH 23/46] ARM: pxa: z2: use gpio lookup for audio device"
In reply to: Marcelo Ricardo Leitner: "Re: KASAN: use-after-free Read in sctp_sock_dump"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/28/19 8:36 AM, Marcelo Ricardo Leitner wrote:
> On Mon, Oct 28, 2019 at 08:32:08AM -0700, syzbot wrote:
>> Hello,
>>
>> syzbot found the following crash on:
>>
>> HEAD commit: d6d5df1d Linux 5.4-rc5
>> git tree: upstream
>> console output: https://syzkaller.appspot.com/x/log.txt?x=17ef5a70e00000
>> kernel config: https://syzkaller.appspot.com/x/.config?x=2bcb64e504d04eff
>> dashboard link: https://syzkaller.appspot.com/bug?extid=e5b57b8780297657b25b
>> compiler: gcc (GCC) 9.0.0 20181231 (experimental)
>> userspace arch: i386
>> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=16cd8800e00000
>>
>> The bug was bisected to:
>>
>> commit 61086f391044fd587af9d70a9b8f6f800dd474ba
>> Author: Vlad Buslov <vladbu@xxxxxxxxxxxx>
>> Date: Fri Aug 2 19:21:56 2019 +0000
>>
>> net/mlx5e: Protect encap hash table with mutex
>>
>> bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=135960af600000
>
> This is weird. This mlx5e commit has nothing to do with SCTP diag
> dump.

syzbot bisections results might be wrong, it happens quite often.

But the SCTP bug is probably real.

Next message: Robert Jarzmik: "Re: [PATCH 24/46] ARM: pxa: magician: use platform driver for audio"
Previous message: Robert Jarzmik: "Re: [PATCH 23/46] ARM: pxa: z2: use gpio lookup for audio device"
In reply to: Marcelo Ricardo Leitner: "Re: KASAN: use-after-free Read in sctp_sock_dump"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]