syzbot


general protection fault in mm_update_next_owner
Status: fixed on 2019/08/27 17:15
Reported-by: syzbot+f625baafb9a1c4bfc3f6@syzkaller.appspotmail.com
Fix commit: 95fa1454 bpf: sockmap/tls, close can race with map free
First crash: 106d, last: 106d
Bisection: introduced by (bisect log):

commit e9db4ef6bf4ca9894bb324c76e01b8f1a16b2650
Author: John Fastabend <john.fastabend@gmail.com>
Date: Sat Jun 30 13:17:47 2018 +0000

  bpf: sockhash fix omitted bucket lock in sock_close

Tree: net
Crash: KASAN: use-after-free Write in bpf_tcp_close (log)
Repro: syz .config
Bisection: fixed by (bisect log):

commit 95fa145479fbc0a0c1fd3274ceb42ec03c042a4a
Author: John Fastabend <john.fastabend@gmail.com>
Date: Fri Jul 19 17:29:22 2019 +0000

  bpf: sockmap/tls, close can race with map free

Tree: net

Sample crash report:

All crashes (1):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro Maintainers
ci-upstream-net-this-kasan-gce 2019/06/08 15:49 net 38e406f6 0159583c .config log report syz aarcange@redhat.com, akpm@linux-foundation.org, andrea.parri@amarulasolutions.com, avagin@gmail.com, dbueso@suse.de, ebiederm@xmission.com, linux-kernel@vger.kernel.org, oleg@redhat.com, prsood@codeaurora.org