From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752851AbdLDQo5 (ORCPT <rfc822;w@1wt.eu>);
        Mon, 4 Dec 2017 11:44:57 -0500
Received: from zeniv.linux.org.uk ([195.92.253.2]:60880 "EHLO
        ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752162AbdLDQox (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 4 Dec 2017 11:44:53 -0500
Date: Mon, 4 Dec 2017 16:44:52 +0000
From: Al Viro <viro@ZenIV.linux.org.uk>
To: syzbot 
        <bot+7f44246e4b515a3908f27c3ac65d68c7c6cb4544@syzkaller.appspotmail.com>
Cc: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
        syzkaller-bugs@googlegroups.com
Subject: Re: KASAN: use-after-free Read in __fput
Message-ID: <20171204164452.GT21978@ZenIV.linux.org.uk>
References: <001a1146fbf6a6305c055cfdf55e@google.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <001a1146fbf6a6305c055cfdf55e@google.com>
User-Agent: Mutt/1.9.0 (2017-09-02)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Nov 02, 2017 at 04:05:01AM -0700, syzbot wrote:
> Hello,
> 
> syzkaller hit the following crash on
> 3a99df9a3d14cd866b5516f8cba515a3bfd554ab
> git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/master
> compiler: gcc (GCC) 7.1.1 20170620
> .config is attached
> Raw console output is attached.

That one is almost certainly double-free in kcm_clone() fixed in
https://marc.info/?l=linux-netdev&m=151208776817071&q=raw