Re: KASAN: use-after-free Read in __list_add_valid (5)

On Thu, Jul 5, 2018 at 1:26 AM Eric Biggers wrote: > > On Tue, May 15, 2018 at 01:49:23PM -0700, Roland Dreier wrote: > > > Still reproducible on Linus' tree (commit 66e1c94db3cd4e) and on > > > linux-next > > > (next-20180511). Here's a simplified reproducer: > > > > Thanks! That's a

Re: KASAN: use-after-free Read in __list_add_valid (5)

On Tue, May 15, 2018 at 01:49:23PM -0700, Roland Dreier wrote: > > Still reproducible on Linus' tree (commit 66e1c94db3cd4e) and on linux-next > > (next-20180511). Here's a simplified reproducer: > > Thanks! That's a fantastic test case. > > The issue is a race where rdma_listen() sees invalid

Re: KASAN: use-after-free Read in __list_add_valid (5)

On Tue, May 15, 2018 at 01:49:23PM -0700, Roland Dreier wrote: > > Still reproducible on Linus' tree (commit 66e1c94db3cd4e) and on linux-next > > (next-20180511). Here's a simplified reproducer: > > Thanks! That's a fantastic test case. > > The issue is a race where rdma_listen() sees invalid

Re: KASAN: use-after-free Read in __list_add_valid (5)

> Still reproducible on Linus' tree (commit 66e1c94db3cd4e) and on linux-next > (next-20180511). Here's a simplified reproducer: Thanks! That's a fantastic test case. The issue is a race where rdma_listen() sees invalid state in the middle of an rdma_bind_addr() call that will ultimately fail.

Re: KASAN: use-after-free Read in __list_add_valid (5)

> Still reproducible on Linus' tree (commit 66e1c94db3cd4e) and on linux-next > (next-20180511). Here's a simplified reproducer: Thanks! That's a fantastic test case. The issue is a race where rdma_listen() sees invalid state in the middle of an rdma_bind_addr() call that will ultimately fail.

Re: KASAN: use-after-free Read in __list_add_valid (5)

On Sun, Mar 25, 2018 at 05:01:03PM -0700, syzbot wrote: > Hello, > > syzbot hit the following crash on upstream commit > bcfc1f4554662d8f2429ac8bd96064a59c149754 (Sat Mar 24 16:50:12 2018 +) > Merge tag 'pinctrl-v4.16-3' of > git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl

Re: KASAN: use-after-free Read in __list_add_valid (5)

On Sun, Mar 25, 2018 at 05:01:03PM -0700, syzbot wrote: > Hello, > > syzbot hit the following crash on upstream commit > bcfc1f4554662d8f2429ac8bd96064a59c149754 (Sat Mar 24 16:50:12 2018 +) > Merge tag 'pinctrl-v4.16-3' of > git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl

KASAN: use-after-free Read in __list_add_valid (5)

Hello, syzbot hit the following crash on upstream commit bcfc1f4554662d8f2429ac8bd96064a59c149754 (Sat Mar 24 16:50:12 2018 +) Merge tag 'pinctrl-v4.16-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl syzbot dashboard link:

KASAN: use-after-free Read in __list_add_valid (5)

Hello, syzbot hit the following crash on upstream commit bcfc1f4554662d8f2429ac8bd96064a59c149754 (Sat Mar 24 16:50:12 2018 +) Merge tag 'pinctrl-v4.16-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl syzbot dashboard link: