Re: KASAN: slab-out-of-bounds Read in rds_cong_queue_updates

From: Dmitry Vyukov
Date: Mon Mar 19 2018 - 02:47:53 EST


On Mon, Mar 19, 2018 at 9:37 AM, Sowmini Varadhan
<sowmini.varadhan@xxxxxxxxxx> wrote:
> On (03/19/18 09:29), Dmitry Vyukov wrote:
>>
>> This looks the same as:
>>
>> #syz dup: KASAN: use-after-free Read in rds_cong_queue_updates
>
> correct, seems like the rds_destroy_pending() fixes did not seal
> this race condition. I need to look at this more carefully to see
> what race I missed.. no easy answer here, I am afraid.


Hi Sowmini,

What fix do you mean? syzbot does not know about any fixes for any of
the bugs as far as I see. So maybe your fix actually fixed it, but
it's not in upstream yet, and syzbot still finds this in upstream.
We tell syzbot about fixes (with Reported-by tags or "#syz fix" email
commands) to be able to later make sense of the state of the bugs.