KASAN: use-after-free Read in rpc_net_ns
Status: upstream: reported syz repro on 2020/05/07 09:36
Fix commit: 31e9a7f3 SUNRPC: fix use-after-free in rpc_free_client_work()
Patched on: [ci-qemu-upstream ci-qemu-upstream-386 ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386]
First crash: 70d, last: 60d

Cause bisection: introduced by (bisect log):

commit 7c4310ff56422ea43418305d22bbc5fe19150ec4
Author: NeilBrown <>
Date: Fri Apr 3 03:33:41 2020 +0000

  SUNRPC: defer slow parts of rpc_free_client() to a workqueue.

Crash: KASAN: use-after-free Read in rpc_net_ns (log)
Repro: syz .config

Sample crash report:

Crashes (10):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro Maintainers
ci-upstream-kasan-gce-root 2020/05/06 05:16 upstream dc56c5ac 35b8eb30 .config log report syz,,,,,,,,
ci-upstream-kasan-gce-selinux-root 2020/05/03 10:16 upstream f66ed1eb 5457883a .config log report syz,,,,,,,,
ci-upstream-kasan-gce-root 2020/05/13 09:31 upstream 24085f70 a44eb8f7 .config log report,,,,,,,,
ci-upstream-kasan-gce-smack-root 2020/05/12 20:12 upstream 24085f70 160c7698 .config log report,,,,,,,,
ci-upstream-kasan-gce-smack-root 2020/05/11 09:52 upstream 2ef96a5b f8f57555 .config log report,,,,,,,,
ci-upstream-kasan-gce-smack-root 2020/05/10 10:35 upstream 1d3962ae 8742a2b9 .config log report,,,,,,,,
ci-upstream-kasan-gce-smack-root 2020/05/08 15:25 upstream 79dede78 2b98fdbc .config log report,,,,,,,,
ci-upstream-kasan-gce-root 2020/05/06 02:48 upstream dc56c5ac 35b8eb30 .config log report,,,,,,,,
ci-upstream-kasan-gce-selinux-root 2020/05/05 13:42 upstream 47cf1b42 4b76dd25 .config log report,,,,,,,,
ci-upstream-kasan-gce-selinux-root 2020/05/03 09:26 upstream f66ed1eb 5457883a .config log report,,,,,,,,