[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CACT4Y+a=9DQhgq243k9c6SPiyAhDQG5y2GqT4Da_P97t5n4Brw@mail.gmail.com>
Date:   Wed, 20 Mar 2019 10:39:59 +0100
From:   Dmitry Vyukov <dvyukov@...gle.com>
To:     syzbot <syzbot+d89b30c46434c433dbf8@...kaller.appspotmail.com>
Cc:     Chris von Recklinghausen <crecklin@...hat.com>,
        David Miller <davem@...emloft.net>,
        Kees Cook <keescook@...omium.org>,
        Alexey Kuznetsov <kuznet@....inr.ac.ru>,
        LKML <linux-kernel@...r.kernel.org>,
        Linux-MM <linux-mm@...ck.org>, linux-net@...r.kernel.org,
        netdev <netdev@...r.kernel.org>,
        Stefano Brivio <sbrivio@...hat.com>,
        Sabrina Dubroca <sd@...asysnail.net>,
        syzkaller-bugs <syzkaller-bugs@...glegroups.com>,
        Matthew Wilcox <willy@...radead.org>,
        Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>
Subject: Re: WARNING: bad usercopy in corrupted (2)
On Wed, Mar 20, 2019 at 1:49 AM syzbot
<syzbot+d89b30c46434c433dbf8@...kaller.appspotmail.com> wrote:
>
> syzbot has bisected this bug to:
>
> commit b8a51b38e4d4dec3e379d52c0fe1a66827f7cf1e
> Author: Stefano Brivio <sbrivio@...hat.com>
> Date:   Thu Nov 8 11:19:23 2018 +0000
>
>      fou, fou6: ICMP error handlers for FoU and GUE
>
> bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=14a57f83200000
> start commit:   b8a51b38 fou, fou6: ICMP error handlers for FoU and GUE
> git tree:       net-next
> console output: https://syzkaller.appspot.com/x/log.txt?x=12a57f83200000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=c36a72af2123e78a
> dashboard link: https://syzkaller.appspot.com/bug?extid=d89b30c46434c433dbf8
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=170f6a47400000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=12e1df7b400000
>
> Reported-by: syzbot+d89b30c46434c433dbf8@...kaller.appspotmail.com
> Fixes: b8a51b38 ("fou, fou6: ICMP error handlers for FoU and GUE")
That commit caused lots of crashes that look completely differently.
Now all that is fixed. The last crash for this bugs happened 2+ months
ago. So let's just do:
#syz fix: fou: Prevent unbounded recursion in GUE error handler also
with UDP-Lite
Powered by blists - more mailing lists
 
