From: Xin Long
Date: Sun, 24 Mar 2019 00:48:22 +0800
> When running a syz script, a panic occurred:
...
> It was caused by the netns freed without deleting the discoverer timer,
> while later on the netns would be accessed in the timer handler.
>
> The timer should have been deleted by
Acked-by: Jon Maloy
> -Original Message-
> From: Xin Long
> Sent: 23-Mar-19 17:48
> To: network dev
> Cc: da...@davemloft.net; Jon Maloy ; Ying Xue
> ; tipc-discussion@lists.sourceforge.net;
> syzkal...@googlegroups.com
> Subject: [PATCH net] tipc: change to check tipc_own_id to return
On 3/24/19 12:48 AM, Xin Long wrote:
> When running a syz script, a panic occurred:
>
> [ 156.088228] BUG: KASAN: use-after-free in tipc_disc_timeout+0x9c9/0xb20
> [tipc]
> [ 156.094315] Call Trace:
> [ 156.094844]
> [ 156.095306] dump_stack+0x7c/0xc0
> [ 156.097346]
When running a syz script, a panic occurred:
[ 156.088228] BUG: KASAN: use-after-free in tipc_disc_timeout+0x9c9/0xb20
[tipc]
[ 156.094315] Call Trace:
[ 156.094844]
[ 156.095306] dump_stack+0x7c/0xc0
[ 156.097346] print_address_description+0x65/0x22e
[ 156.100445]