| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20191105080554.GA1006@gandi.net>
Date: Tue, 5 Nov 2019 09:05:54 +0100
From: Thibaut Sautereau <thibaut.sautereau@...p-os.org>
To: Eric Dumazet <eric.dumazet@...il.com>
Cc: netdev@...r.kernel.org, linux-mm@...ck.org,
linux-kernel@...r.kernel.org,
"David S. Miller" <davem@...emloft.net>,
Laura Abbott <labbott@...hat.com>,
Kees Cook <keescook@...omium.org>,
Alexander Potapenko <glider@...gle.com>,
Andrew Morton <akpm@...ux-foundation.org>, clipos@....gouv.fr
Subject: Re: Double free of struct sk_buff reported by
SLAB_CONSISTENCY_CHECKS with init_on_free
On Mon, Nov 04, 2019 at 09:33:18AM -0800, Eric Dumazet wrote:
>
>
> On 11/4/19 9:03 AM, Thibaut Sautereau wrote:
> >
> > We first encountered this issue under huge network traffic (system image
> > download), and I was able to reproduce by simply sending a big packet
> > with `ping -s 65507 <ip>`, which crashes the kernel every single time.
> >
>
> Since you have a repro, could you start a bisection ?
>From my previous email:
"Bisection points to the following commit: 1b7e816fc80e ("mm: slub:
Fix slab walking for init_on_free"), and indeed the BUG is not
triggered when init_on_free is disabled."
Or are you meaning something else?
--
Thibaut Sautereau
CLIP OS developer
Powered by blists - more mailing lists