Re: general protection fault in selinux_socket_sendmsg (2)

From: Tetsuo Handa
Date: Mon Nov 25 2019 - 17:05:04 EST


On 2019/11/26 4:28, syzbot wrote:
> Hello,
>
> syzbot found the following crash on:
>
> HEAD commit:ÂÂÂ 6b8a7946 Merge tag 'for_linus' of git://git.kernel.org/pub..
> git tree:ÂÂÂÂÂÂ upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=1680ab8ce00000
> kernel config:Â https://syzkaller.appspot.com/x/.config?x=4737c15fc47048f2
> dashboard link: https://syzkaller.appspot.com/bug?extid=314db21f0d5c1f53856c
> compiler:ÂÂÂÂÂÂ gcc (GCC) 9.0.0 20181231 (experimental)
>
> Unfortunately, I don't have any reproducer for this crash yet.

Original bug has syz reproducer.

>
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+314db21f0d5c1f53856c@xxxxxxxxxxxxxxxxxxxxxxxxx
>

net/rxrpc/output.c:655

#syz dup: KMSAN: use-after-free in rxrpc_send_keepalive