| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20181117140356.GA29895@fieldses.org>
Date: Sat, 17 Nov 2018 09:03:56 -0500
From: Bruce Fields <bfields@...ldses.org>
To: Jeff Layton <jlayton@...nel.org>
Cc: Dmitry Vyukov <dvyukov@...gle.com>, NeilBrown <neilb@...e.com>,
syzbot <syzbot+a4a3d526b4157113ec6a@...kaller.appspotmail.com>,
linux-fsdevel <linux-fsdevel@...r.kernel.org>,
LKML <linux-kernel@...r.kernel.org>,
syzkaller-bugs@...glegroups.com, Al Viro <viro@...iv.linux.org.uk>
Subject: Re: KASAN: use-after-free Read in locks_delete_block
On Sat, Nov 17, 2018 at 08:33:27AM -0500, Jeff Layton wrote:
> Thanks for the explanation, Dmitry. I've added the tag to the patch in
> my tree. It should show up in linux-next soon.
>
> I still find it a little misleading to say that syzbot reported a bug
> when it actually found a bug inside an earlier version of the patch, but
> I'll just learn to get over it.
The usual tag for someone that found a bug in an earlier version of a
patch would be Reviewed-by:. Is there any reason we can't use that
here? The "syzbot+..." email should be enough on its own, I can't see a
reason why their scripts would need to require a particular tag. Or
maybe we could use Tested-by:, or some other tag made up for this case?
I do worry that someone who sees "Reported-by:..." might for example
mistakenly assume that it would help to backport that patch if they see
a similar-looking oops.
--b.
Powered by blists - more mailing lists