Received: by 10.213.65.68 with SMTP id h4csp2117874imn; Sun, 8 Apr 2018 20:09:02 -0700 (PDT) X-Google-Smtp-Source: AIpwx4/GYh74Qt7pk1emmMQKYosM/qX6ODMa0mVHfeytIrkh8zfKuqejq2ALOH6Tyjg99eCDb/I0 X-Received: by 10.167.128.207 with SMTP id a15mr19839683pfn.116.1523243341983; Sun, 08 Apr 2018 20:09:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1523243341; cv=none; d=google.com; s=arc-20160816; b=c3+DClIG30zyYOa+mOP3vmC0lsMWKE/5Qoq9JUI8smja0xwwor9drupL2AUCdMK4Qu ZdJu+CxQFo37WWwidngr9ckAWZSG6i/0YpmfQtjZ7L6NszzICw8pMJpKxanalOFY5gA3 F0kzyMrHPV3YeC553odWmPq3wIzAORbkb+WUbK8tC7/i+81musRIRvu7DN7OgYGkafCJ w8oxrXXmKWCxHWjYWdUS/EYTUm2X+dMAyqKNIA+UJBKZmjKNhyurUM3RWDUuS5/H857k 1XrCZuj/udBD+Qe8EVq3Fyu5g++uT6KeyVLQLRF87J+trFJIQJn9EuWZ2+UuF/zyBYtG y4Fg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:arc-authentication-results; bh=SraPyjFzRx2L7PT/nMIvqGHHtj1lM5GnlkS43uwH0Zw=; b=g36b9m6AEJGKpTIhzd/H4QPHSLzYiDClmTH6LatJPEv1r6bdwi31GnFkACAhxX4tEq IReWQUvoGP+dsa4TYq1B80DHrHOjoLrtDaex6nxAwdn5YOnG4xjGcRg6TyY9dZxpYkEe 3uLD+HdqcHbAZE9DMXTUFVx0N3MPaLj1zvK1biBNkX8rV03eOiw2ITQJhblaCeveh9nm C+F+Rxjb6qinZyP4PWXSVa61RT3wS4KHT4LmmBHg21yOWJdu/Pw9pVC9jLf6D1wuJhn9 dxSTAgF8LuL38KT0mOBNEwLvrcn9JYsWmha6Fmdhu2LOK6MN/zdu1osYJnwp8QvF9sN2 rlJw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=Q+ys9tV1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q2si8003751pfh.196.2018.04.08.20.08.25; Sun, 08 Apr 2018 20:09:01 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=Q+ys9tV1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933292AbeDIBFL (ORCPT + 99 others); Sun, 8 Apr 2018 21:05:11 -0400 Received: from aserp2130.oracle.com ([141.146.126.79]:45180 "EHLO aserp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933135AbeDIBFI (ORCPT ); Sun, 8 Apr 2018 21:05:08 -0400 Received: from pps.filterd (aserp2130.oracle.com [127.0.0.1]) by aserp2130.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w3914OuB025480; Mon, 9 Apr 2018 01:04:36 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc : subject : message-id : references : mime-version : content-type : in-reply-to; s=corp-2017-10-26; bh=SraPyjFzRx2L7PT/nMIvqGHHtj1lM5GnlkS43uwH0Zw=; b=Q+ys9tV10OKRoap+Y+EWXLwZjZLKA/cp8VWNJ73YlLkOz1CgnkCDuKOB9TAPnQVzYTHl 1OiBr4seKDvGc4Ee7L6Y27IVGR+8TsvQCDOwLJHqTaw/7pV8NqSpbrnNoqih6ehLf6f8 wYcbP8PNzGglTf+O02NxmCr14FF0Sj6OXfHe3tCJuHZasXxc3Esjcfx57UMsUm963Hzd dMgMSgCkgKy7Gw1yyneP5O9XxZxOf2YLsK4aaZKjbpV5d3JawxoDIKmhWKL52TNmkQN4 4nuPLuP+vnSntx+fRO1WYhbYUgXf250MdHU5IpodINbMpJCJCFH87w46qWrs32wHMUqX uA== Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74]) by aserp2130.oracle.com with ESMTP id 2h6kgt37v6-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 09 Apr 2018 01:04:36 +0000 Received: from aserv0122.oracle.com (aserv0122.oracle.com [141.146.126.236]) by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w3914YSY020114 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 9 Apr 2018 01:04:35 GMT Received: from abhmp0011.oracle.com (abhmp0011.oracle.com [141.146.116.17]) by aserv0122.oracle.com (8.14.4/8.14.4) with ESMTP id w3914X79022730; Mon, 9 Apr 2018 01:04:33 GMT Received: from oracle.com (/10.39.200.145) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Sun, 08 Apr 2018 18:04:33 -0700 Date: Sun, 8 Apr 2018 21:04:31 -0400 From: Sowmini Varadhan To: Eric Biggers Cc: linux-rdma@vger.kernel.org, rds-devel@oss.oracle.com, Santosh Shilimkar , syzbot , davem@davemloft.net, kuznet@ms2.inr.ac.ru, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, syzkaller-bugs@googlegroups.com, yoshfuji@linux-ipv6.org Subject: Re: KASAN: use-after-free Read in inet_create Message-ID: <20180409010431.GA32646@oracle.com> References: <001a1144d1c8e819f6055fee7118@google.com> <20180408231756.GI685@sol.localdomain> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180408231756.GI685@sol.localdomain> User-Agent: Mutt/1.5.24 (2015-08-30) X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8857 signatures=668698 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=2 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=597 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1804090011 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org #syz dup: KASAN: use-after-free Read in rds_cong_queue_updates There are a number of manifestations of this bug, basically all suggest that the connect/reconnect etc workqs are somehow being scheduled after the netns is deleted, despite the code refactoring in Commit 3db6e0d172c (and looks like the WARN_ONs in that commit are not even being triggered). We've not been able to reproduce this issues, and without a crash dump (or some hint of other threads that were running at the time of the problem) are working on figuring out the root-cause by code-inspection. --Sowmini