Re: [RDMA bug] KASAN: use-after-free Read in __list_del_entry_valid (4)

On Wed, Aug 22, 2018 at 11:16:31PM -0700, Eric Biggers wrote:
> Hello RDMA / InfiniBand maintainers,
> 
> This is an RDMA bug and it still occurs on Linus' tree as of today
> (commit 815f0ddb346c1960).
> 
> I've also simplified the reproducer for it; see below after the original report.
> Apparently it involves a race between RDMA_USER_CM_CMD_RESOLVE_IP and
> RDMA_USER_CM_CMD_LISTEN.

That is an amazing reproducer!

I have a feeling this is the same cause as all the other syzkaller
bugs in this code: lack of any sane locking at all :\

We've talked about chucking a big lock around this whole thing, but
nobody has done it yet.. It isn't so simple.

Jason


