Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp74770pxb; Tue, 21 Sep 2021 19:11:35 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyFRTUJarFntx6eM5pRwW1ERQVp2BWoXvmc7sgA+W/uscHOBGp0RIByG0wwoIMPvKYpmJ1u X-Received: by 2002:a05:6e02:1a03:: with SMTP id s3mr24025367ild.156.1632276694922; Tue, 21 Sep 2021 19:11:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1632276694; cv=none; d=google.com; s=arc-20160816; b=ZgluImWSBrFrfForqq8mE1Q/i0cY2Tg2zO3TGmZ02TDJK/7lmIuBxqqsH/I39A7MDb 9yQThd4riNGFrpfnNeiTED1Hw+lqZwC1YU02xkijbKT3ioUdxGGZMLZjRP0uXhfx6xaE mRa4eVk49ciQKdD1PDN/vEuuKfb00nNbIBrrVsRXoHPcHwhnXDo902ibqLODIlpzNOq4 71++LU5yDLmqOsgkxrLv+tNsoat4vVNaY7yev3YLJvzFVLCWdhmQy6DVhvXwhgLVozw/ F13B+ijMzwHJrVF+2YjqVqCIyH0fQyyKaaMEMM5M0CEf7vnZlTlfl7uS+5l72FaQoKIn OhHg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=dNeVX2/AAU67gCQ2hLPQYiycq7pGX1S/cb+hnnulRMw=; b=fnPACwk3orodkwhSGz7Ll9iRUyzbhAEp/BDrT20aTqBt/IAP/4+suouCsUH2oTTSx0 LMtqmmtHDTKEG3bwrs+bfalOTcBpriZQ8zGtqMJOVGQ/xndh7hzVZPxoFN70L2T7jGoF iaWLKp9V/aVNSh+Wz5KYgRYp3/nF+mSf0YjrDN41umN4sPKGBGTnIWU1sQdPJkrWVHj7 eo2+kdXEDSZ0hZPl96XeaeveRVB27TIk6qLVZJJN3AGd+hUCeGSzD6AENZycUBZ2CO1O MO97fGPtHSjh9YxJvM3mUCR7PUYEA8suk0XQBFutIrVNC2sDoRKJY3Iiu+nb1j4BAjn5 MDZg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=Hl16FOFh; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id t6si770760ilj.70.2021.09.21.19.11.24; Tue, 21 Sep 2021 19:11:34 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=Hl16FOFh; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232598AbhIVB6b (ORCPT + 99 others); Tue, 21 Sep 2021 21:58:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53030 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230433AbhIVB6a (ORCPT ); Tue, 21 Sep 2021 21:58:30 -0400 Received: from mail-qk1-x730.google.com (mail-qk1-x730.google.com [IPv6:2607:f8b0:4864:20::730]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DF0C6C061574 for ; Tue, 21 Sep 2021 18:57:00 -0700 (PDT) Received: by mail-qk1-x730.google.com with SMTP id 194so4018127qkj.11 for ; Tue, 21 Sep 2021 18:57:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=dNeVX2/AAU67gCQ2hLPQYiycq7pGX1S/cb+hnnulRMw=; b=Hl16FOFhcPKOG3yu6QEh+1sf7oVY/P5Z6rCp241WQfOqSMZID/pCn1e66RwsiAj6+p mQKSvbAI+fBwkeW59i9hjFY99JHNIklaNSmeFVpWLb+iZqsxPShD0uwDwyO29txT0tf2 vvV4brKiBtJ1KNRnM9cCx2B24t7Pe9udL7/qbQIOuNDk7uzde6GVNRKNSP2Zl4UTHwP9 eWX0ma/R8aurBgiNUi3tQu9HWfwU+lzyMk8quwUEvwGukDHqFo7HRCPJ+WwBYB6gTZpE zcEV7F+KyARmpAhcwZzvbja6nuSNnbw2EHcO/vnhdxGxp9eg8Ebs+SBqcS16o0E14T7b f0bg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=dNeVX2/AAU67gCQ2hLPQYiycq7pGX1S/cb+hnnulRMw=; b=6IM+xYq/y2SrUWPEU0wvuaBk80hEpj7HY/4B0cYDxw4jm5lEDvBHlyv/2ZRqxxMa/f vz/g51GDh4ybHIOBNtJs1g86oR3G/+p8mnKeEwup8XAiwIa5wMMIbRs+jA9E1O8Gax13 D7oVKZqZugR5Qh/Icxl4mS2kA0R80yfPnmMLgleWhZ/nMD9yTouK9EzqircwrQj9zSJQ G13tYEYQmFYLl/tiCWtciflVH8Z0M5jctdaKiBkEqc+3qLwhLNwBtyfGLSfiAar8OY6B pBpAiHLcur2zxKpZQc/dOlr61+suXio5opR7ETPBBZD7vcSdNBee4bHjLHDd17pJ6IHw Fmbw== X-Gm-Message-State: AOAM5322w4k8RAR0jFSwriipeNAi6QACx65GY1jh46r9ZARJ0yPw5XGH 3IeD+dz72RmwW7FpyTmfmHGP3PW2DT37/NNOLNIamA== X-Received: by 2002:a5b:783:: with SMTP id b3mr38459854ybq.328.1632275819299; Tue, 21 Sep 2021 18:56:59 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Eric Dumazet Date: Tue, 21 Sep 2021 18:56:48 -0700 Message-ID: Subject: Re: KASAN: use-after-free Read in tcp_write_timer_handler To: Hao Sun Cc: David Miller , David Ahern , Jakub Kicinski , netdev , Hideaki YOSHIFUJI , Andrii Nakryiko , Alexei Starovoitov , bpf , Daniel Borkmann , John Fastabend , Martin KaFai Lau , Linux Kernel Mailing List , Song Liu , Yonghong Song Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Sep 21, 2021 at 6:43 PM Hao Sun wrote: > > Hello, > > When using Healer to fuzz the latest Linux kernel, the following crash > was triggered. > We have dozens of such reports provided already by syzbot. If you do not provide a repro, there is little hope.