lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <5241D905.9030001@canonical.com>
Date:	Tue, 24 Sep 2013 14:25:09 -0400
From:	Joseph Salisbury <joseph.salisbury@...onical.com>
To:	Jiri Kosina <jkosina@...e.cz>
CC:	Dan Carpenter <dan.carpenter@...cle.com>, thomas@...3r.de,
	list@...osl.org, Haiyang Zhang <haiyangz@...rosoft.com>,
	LKML <linux-kernel@...r.kernel.org>, open@...osl.org,
	HID CORE LAYER <linux-input@...r.kernel.org>,
	devel@...uxdriverproject.org
Subject: Re: [v3.11][Regression] HID: hyperv: convert alloc+memcpy to memdup

On 09/24/2013 05:29 AM, Jiri Kosina wrote:
> On Mon, 16 Sep 2013, Joseph Salisbury wrote:
>
>>>> Can you explain a little further?  Mark commit a4a23f6 as bad?  An
>>>> initial bisect already reported that was the first bad commit, so it
>>>> can't be marked bad.  The oops on memcpy() happens after commit a4a23f6
>>>> is reverted.  The oops on memcpy() did not happen before a4a23f6 was
>>>> committed, so I assume this new oops was introduced by a change later.
>>>>
>>>> Right now I'm bisecting down the oops on memcpy() by updating the bisect
>>>> with good or bad, depending if the test kernel hit the oops.  I then
>>>> revert a4a23f6, so that revert is the HEAD of the tree each time before
>>>> building the kernel again(As long as the commit spit out by bisect is
>>>> after when a4a23f6 was introduced).
>>> Yep.  Please continue bisecting the memcpy() oops.
>>>
>>> kmemdup() is just a kzalloc() followed by a memcpy().  When we split it
>>> apart by reverting the patch then we would expect the oops to move to
>>> the memcpy() part.  Somehow "desc" is a bogus pointer, but I don't
>>> immediately see how that is possible.
>>>
>>> regards,
>>> dan carpenter
>> Thanks for the details.  We'll continue the bisect and let you know how
>> it goes.
> Did this please yield any useful result?
>
> Thanks,
>

We also tested the 3.12-rc2 kernel, but it also produces an oops and
lockup.  In case it's of use, the 3.12-rc2 oops can be seen at:
https://launchpadlibrarian.net/151359441/kern.log
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ