Re: KASAN: use-after-free Read in __queue_work (2)

From: syzbot
Date: Sat Dec 07 2019 - 14:46:08 EST

Next message: Kees Cook: "[GIT PULL] treewide conversion to sizeof_member() for v5.5-rc1"
Previous message: Sowjanya Komatineni: "Re: [PATCH v3 06/15] clk: tegra: Remove tegra_pmc_clk_init along with clk ids"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

syzbot suspects this bug was fixed by commit:

commit 430ac66eb4c5b5c4eb846b78ebf65747510b30f1
Author: Tomas Bortoli <tomasbortoli@xxxxxxxxx>
Date: Fri Jul 20 09:27:30 2018 +0000

net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()

bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=15661282e00000
start commit: ca04b3cc Merge tag 'armsoc-fixes' of git://git.kernel.org/..
git tree: upstream
kernel config: https://syzkaller.appspot.com/x/.config?x=2ca6c7a31d407f86
dashboard link: https://syzkaller.appspot.com/bug?extid=1c9db6a163a4000d0765
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1473a452400000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=14087748400000

If the result looks correct, please mark the bug fixed by replying with:

#syz fix: net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()

For information about bisection process see: https://goo.gl/tpsmEJ#bisection

Next message: Kees Cook: "[GIT PULL] treewide conversion to sizeof_member() for v5.5-rc1"
Previous message: Sowjanya Komatineni: "Re: [PATCH v3 06/15] clk: tegra: Remove tegra_pmc_clk_init along with clk ids"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]