lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <Y5x84fb+YegSendN@google.com> Date: Fri, 16 Dec 2022 14:12:49 +0000 From: Lee Jones <lee@...nel.org> To: Aleksandr Nogikh <nogikh@...gle.com> Cc: Theodore Ts'o <tytso@....edu>, syzbot <syzbot+15cd994e273307bf5cfa@...kaller.appspotmail.com>, adilger.kernel@...ger.ca, gregkh@...uxfoundation.org, lczerner@...hat.com, linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org, sashal@...nel.org, stable@...r.kernel.org, syzkaller-android-bugs@...glegroups.com, tadeusz.struk@...aro.org Subject: Re: kernel BUG in ext4_free_blocks (2) On Fri, 16 Dec 2022, Aleksandr Nogikh wrote: > On Fri, Dec 16, 2022 at 2:01 PM Lee Jones <lee@...nel.org> wrote: > > > > On Thu, 15 Dec 2022, Theodore Ts'o wrote: > > > > > On Thu, Dec 15, 2022 at 08:34:35AM -0800, syzbot wrote: > > > > This bug is marked as fixed by commit: > > > > ext4: block range must be validated before use in ext4_mb_clear_bb() > > > > But I can't find it in any tested tree for more than 90 days. > > > > Is it a correct commit? Please update it by replying: > > > > #syz fix: exact-commit-title > > > > Until then the bug is still considered open and > > > > new crashes with the same signature are ignored. > > > > > > I don't know what is going on with syzkaller's commit detection, but > > > commit 1e1c2b86ef86 ("ext4: block range must be validated before use > > > in ext4_mb_clear_bb()") is an exact match for the commit title, and > > > it's been in the upstream kernel since v6.0. > > > > > > How do we make syzkaller accept this? I'll try this again, but I > > > don't hold out much hope. > > > > I don't see the original bug report (was it posted to a lore > > associated list?), so there is no way to tell what branch syzbot was > > fuzzing at the time. My assumption is that it was !Mainline. > > Syzbot is actually reacting here to this bug from the Android namespace: > > https://syzkaller.appspot.com/bug?id=5266d464285a03cee9dbfda7d2452a72c3c2ae7c > > > Although this does appear to be a Stable candidate, I do not see it > > in any of the Stable branches yet. So I suspect the answer here is to > > wait for the fix to filter down. > > > > In the mean time, I guess we should discuss whether syzbot should > > really be posting scans of downstream trees to upstream lists. > > In this particular case, syzbot has captured all the recipients from > the patch email [1], because that email Cc'd > syzbot+15cd994e273307bf5cfa@...kaller.appspotmail.com. To syzbot, all > these people were involved in the original bug discussion, and so it > notified them about the problem. > > FWIW I've sent a PR[2] to make the "I can't find it in any tested > tree" message include the link to the syzkaller dashboard. Hopefully > it will help resolve such confusions faster. That's helpful, thank you. -- Lee Jones [李琼斯]
Powered by blists - more mailing lists