Re: [syzbot] [mptcp?] KASAN: slab-use-after-free Read in mptcp_pm_del_add_timer

From: Eric Dumazet
Date: Mon Nov 17 2025 - 03:32:36 EST

Next message: Heikki Krogerus: "Re: [PATCH v9 01/10] usb: typec: Add notifier functions"
Previous message: Nam Cao: "Re: [PATCH 2/2] rv: Convert to use __free"
In reply to: syzbot: "[syzbot] [mptcp?] KASAN: slab-use-after-free Read in mptcp_pm_del_add_timer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Nov 16, 2025 at 11:50 PM syzbot
<syzbot+2a6fbf0f0530375968df@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
>
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 98ac9cc4b445 Merge tag 'f2fs-fix-6.18-rc2' of git://git.ke..
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=1712bdcd980000
> kernel config: https://syzkaller.appspot.com/x/.config?x=af9170887d81dea1
> dashboard link: https://syzkaller.appspot.com/bug?extid=2a6fbf0f0530375968df
> compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
>
> Unfortunately, I don't have any reproducer for this issue yet.
>
> Downloadable assets:
> disk image: https://storage.googleapis.com/syzbot-assets/aa708867a71c/disk-98ac9cc4.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/5d853b65c8dc/vmlinux-98ac9cc4.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/f0f012153d60/bzImage-98ac9cc4.xz
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+2a6fbf0f0530375968df@xxxxxxxxxxxxxxxxxxxxxxxxx

I can post a V2 of
https://lore.kernel.org/netdev/20251114223136.113011-1-edumazet@xxxxxxxxxx/T/#u
including two more tags.

Next message: Heikki Krogerus: "Re: [PATCH v9 01/10] usb: typec: Add notifier functions"
Previous message: Nam Cao: "Re: [PATCH 2/2] rv: Convert to use __free"
In reply to: syzbot: "[syzbot] [mptcp?] KASAN: slab-use-after-free Read in mptcp_pm_del_add_timer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]