On Fri, Jan 1, 2016 at 5:58 AM, Dmitry Vyukov wrote:
> GPF seems to be caused by a data race on socket state.
Seems you are right, I think the following patch should work:
diff --git a/net/nfc/llcp_sock.c b/net/nfc/llcp_sock.c
index ecf0a01..5a91997 100644
--- a/net/nfc/llcp_sock.c
+++ b/net/nfc
On Fri, Jan 1, 2016 at 12:58 PM, Cong Wang wrote:
>
> It looks like we forget to initialize ->service_name_len
> and ->service_name before bind().
Never mind, __GFP_ZERO is passed in sk_alloc()...
On Fri, Jan 1, 2016 at 5:58 AM, Dmitry Vyukov wrote:
>
> kasan: GPF could be caused by NULL-ptr deref or user memory access
> general protection fault: [#51] SMP KASAN
> Modules linked in:
> CPU: 2 PID: 4207 Comm: a.out Not tainted 4.4.0-rc7+ #184
> Hardware name: QEMU Standard PC (i440FX + PI
Hello,
The following program triggers GPF in llcp_sock_getname:
// autogenerated by syzkaller (http://github.com/google/syzkaller)
#include
#include
#include
#include
#include
#include
#include
#include
int fd;
void *thr(void *arg)
{
struct sockaddr_nfc_llcp sa;
sa.sa_fa