Re: [PATCH] sock: Fix sk_sleep return invalid pointer
From: Paolo Abeni <pabeni@redhat.com>
Date: 2023-08-22 15:31:54
Also in:
linux-hams, lkml
On Tue, 2023-08-22 at 20:44 +0800, eadavis@sina.com wrote:
> From: Edward AD <redacted>
>
> The parameter sk_sleep(sk) passed in when calling prepare_to_wait may return an invalid pointer due to nr-release reclaiming the sock. Here, schedule_timeout_interruptible is used to replace the combination of 'prepare_to_wait, schedule, finish_wait' to solve the problem.
>
> Reported-and-tested-by: syzbot+666c97e4686410e79649@syzkaller.appspotmail.com
> Signed-off-by: Edward AD <redacted>

This looks wrong. No syscall should race with sock_release(). It looks like you are papering over the real issue.

As the reproducer shows a disconnect on a connected socket, I'm wild guessing something alike 4faeee0cf8a5d88d63cdbc3bab124fb0e6aed08c should be more appropriate.

Cheers,

Paolo