On Wed, Nov 08, 2017 at 08:59:15AM +0100, Dmitry Vyukov wrote:
>
> Also the repro needs to be compiled with -m32 (but it does not compile
> without it due to missing __NR_mmap2, so I guess you passed -m32).

OK that's what I was missing.  I had hacked it to compile in
64-bit :)

However, I still don't understand why it's crashing yet.  What is
clear is that we're getting a socket policy with xp->family set
to zero, and the policy is created via the xfrm code path (as
opposed to af_key).

The xfrm code path is meant to forbid the creation of such a policy.
I don't currently see how this is bypassing that check.  But
clearly it has found a way through the check since it's crashing.

Cheers,
-- 
Email: Herbert Xu <herb...@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
