| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 18 Dec 2016 14:39:40 -0800
From: Darren Hart <dvhart@...radead.org>
To: Peter Zijlstra <peterz@...radead.org>
Cc: tglx@...utronix.de, mingo@...nel.org, juri.lelli@....com,
rostedt@...dmis.org, xlpang@...hat.com, bigeasy@...utronix.de,
linux-kernel@...r.kernel.org, mathieu.desnoyers@...icios.com,
jdesfossez@...icios.com, bristot@...hat.com
Subject: Re: [PATCH -v4 00/10] FUTEX_UNLOCK_PI wobbles
On Sat, Dec 17, 2016 at 02:52:14PM +0100, Peter Zijlstra wrote:
> On Fri, Dec 16, 2016 at 03:31:40PM -0800, Darren Hart wrote:
> > On Tue, Dec 13, 2016 at 09:36:38AM +0100, Peter Zijlstra wrote:
> > > That way, when we drop hb->lock to wait, futex and rt_mutex wait state is
> > > consistent.
> > >
> > >
> > > In any case, it passes our inadequate testing.
> >
> > It passed my CI tools/testing/selftests/futex/functional/run.sh. Did you also
> > happen to run a fuzz tester?
>
> I did not. I'm not sure how good trinity is at poking holes in futexes.
> I would love a domain specific fuzzer for futex, but I suspect it would
> end up being me writing it :-(
>
Trinity had some futex awareness and found several issues in the past, I can't
say how likely it is to find more. I haven't tried ... syzcaller? yet.
I had set out to do this in the futextest suite, which I later merged into
kselftests, but I scrapped the fuzz testing, deferring to trinity. Perhaps that
is a project we should resurrect.
--
Darren Hart
Intel Open Source Technology Center
Powered by blists - more mailing lists