lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CANp29Y6KHBE-fpfJCXeN5Ju_qSOfUYAp2n+cNrGj25QtU0X=sA@mail.gmail.com> Date: Fri, 16 Dec 2022 15:09:04 +0100 From: Aleksandr Nogikh <nogikh@...gle.com> To: Lee Jones <lee@...nel.org> Cc: "Theodore Ts'o" <tytso@....edu>, syzbot <syzbot+15cd994e273307bf5cfa@...kaller.appspotmail.com>, adilger.kernel@...ger.ca, gregkh@...uxfoundation.org, lczerner@...hat.com, linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org, sashal@...nel.org, stable@...r.kernel.org, syzkaller-android-bugs@...glegroups.com, tadeusz.struk@...aro.org Subject: Re: kernel BUG in ext4_free_blocks (2) On Fri, Dec 16, 2022 at 2:01 PM Lee Jones <lee@...nel.org> wrote: > > On Thu, 15 Dec 2022, Theodore Ts'o wrote: > > > On Thu, Dec 15, 2022 at 08:34:35AM -0800, syzbot wrote: > > > This bug is marked as fixed by commit: > > > ext4: block range must be validated before use in ext4_mb_clear_bb() > > > But I can't find it in any tested tree for more than 90 days. > > > Is it a correct commit? Please update it by replying: > > > #syz fix: exact-commit-title > > > Until then the bug is still considered open and > > > new crashes with the same signature are ignored. > > > > I don't know what is going on with syzkaller's commit detection, but > > commit 1e1c2b86ef86 ("ext4: block range must be validated before use > > in ext4_mb_clear_bb()") is an exact match for the commit title, and > > it's been in the upstream kernel since v6.0. > > > > How do we make syzkaller accept this? I'll try this again, but I > > don't hold out much hope. > > I don't see the original bug report (was it posted to a lore > associated list?), so there is no way to tell what branch syzbot was > fuzzing at the time. My assumption is that it was !Mainline. Syzbot is actually reacting here to this bug from the Android namespace: https://syzkaller.appspot.com/bug?id=5266d464285a03cee9dbfda7d2452a72c3c2ae7c > > Although this does appear to be a Stable candidate, I do not see it > in any of the Stable branches yet. So I suspect the answer here is to > wait for the fix to filter down. > > In the mean time, I guess we should discuss whether syzbot should > really be posting scans of downstream trees to upstream lists. In this particular case, syzbot has captured all the recipients from the patch email [1], because that email Cc'd syzbot+15cd994e273307bf5cfa@...kaller.appspotmail.com. To syzbot, all these people were involved in the original bug discussion, and so it notified them about the problem. FWIW I've sent a PR[2] to make the "I can't find it in any tested tree" message include the link to the syzkaller dashboard. Hopefully it will help resolve such confusions faster. [1] https://lore.kernel.org/all/20220713185904.64138-1-tadeusz.struk@linaro.org/ [2] https://github.com/google/syzkaller/pull/3591 -- Aleksandr > > > #syz fix: ext4: block range must be validated before use in ext4_mb_clear_bb() > > > > Syzkaller, go home, you're drunk. > > =:-) > > -- > Lee Jones [李琼斯] > > -- > You received this message because you are subscribed to the Google Groups "syzkaller-android-bugs" group. > To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-android-bugs+unsubscribe@...glegroups.com. > To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-android-bugs/Y5xsIkpIznpObOJL%40google.com.
Powered by blists - more mailing lists