Re: KASAN: use-after-free Read in j1939_session_get_by_addr

From: Dmitry Vyukov
Date: Tue Nov 05 2019 - 03:39:42 EST


On Tue, Nov 5, 2019 at 9:35 AM Marc Kleine-Budde <mkl@xxxxxxxxxxxxxx> wrote:
>
> On 11/5/19 9:21 AM, Jose Abreu wrote:
> > From: syzbot <syzbot+d9536adc269404a984f8@xxxxxxxxxxxxxxxxxxxxxxxxx>
> > Date: Nov/05/2019, 08:05:01 (UTC+00:00)
> >
> >> syzbot has bisected this bug to:
> >>
> >> commit 2af6106ae949651d529c8c3f0734c3a7babd0d4b
> >> Author: Jose Abreu <Jose.Abreu@xxxxxxxxxxxx>
> >> Date: Tue Jul 9 08:03:00 2019 +0000
> >>
> >> net: stmmac: Introducing support for Page Pool
> >
> > From the config provided, stmmac driver is not even enabled. Can you
> > please confirm the bisection process?
>
> Looks like a false positive, as j1939 (net/can/j1939/) hit mainline with
> v5.4-rc1~131^2~78^2.
>
> While the bisected commit is v5.3-rc1~140^2~13^2.


Yes, the commit is most likely irrelevant. As you can see in the
bisection log, the process was diverted by "WARNING: ODEBUG bug in
netdev_freemem". I think it's not the first and not the second time I've
seen that crash break bisection:
https://syzkaller.appspot.com/bug?id=96a64fde216dca408a5c25db4e57838c51e435aa