[rds-devel] KASAN: out-of-bounds Read in rds_cong_queue_updates (2)
Sowmini Varadhan
sowmini.varadhan at oracle.com
Wed Jun 13 03:19:29 PDT 2018
On (06/13/18 09:52), Dmitry Vyukov wrote:
> I think this is:
>
> #syz dup: KASAN: use-after-free Read in rds_cong_queue_updates
Indeed. We'd had a discussion about getting a dump of threads
using sysrq (or similar), given the challenges around actually
getting a crash dump, is that now possible? That will certainly help.
another missing bit is that we still need the sychronize_net()
in rds_release(). I realize synchronize_net() is sub-optimal for perf,
but leaving this existing hole where races can occur in unexpected
manifestations is not ideal either.
(See https://www.spinics.net/lists/netdev/msg475074.html for earlier
discussion thread)
--Sowmini
More information about the rds-devel
mailing list