[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 8 Aug 2019 14:46:54 +0200
From: Greg KH <gregkh@...uxfoundation.org>
To: syzbot <syzbot+45b2f40f0778cfa7634e@...kaller.appspotmail.com>,
Michael Hund <mhund@...didactic.de>
Cc: akpm@...ux-foundation.org, andreyknvl@...gle.com, cai@....pw,
keescook@...omium.org, linux-kernel@...r.kernel.org,
linux-mm@...ck.org, linux-usb@...r.kernel.org,
syzkaller-bugs@...glegroups.com, tglx@...utronix.de
Subject: Re: BUG: bad usercopy in ld_usb_read
On Thu, Aug 08, 2019 at 05:38:06AM -0700, syzbot wrote:
> Hello,
>
> syzbot found the following crash on:
>
> HEAD commit: e96407b4 usb-fuzzer: main usb gadget fuzzer driver
> git tree: https://github.com/google/kasan.git usb-fuzzer
> console output: https://syzkaller.appspot.com/x/log.txt?x=13aeaece600000
> kernel config: https://syzkaller.appspot.com/x/.config?x=cfa2c18fb6a8068e
> dashboard link: https://syzkaller.appspot.com/bug?extid=45b2f40f0778cfa7634e
> compiler: gcc (GCC) 9.0.0 20181231 (experimental)
>
> Unfortunately, I don't have any reproducer for this crash yet.
>
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+45b2f40f0778cfa7634e@...kaller.appspotmail.com
>
> ldusb 6-1:0.124: Read buffer overflow, -131383996186150 bytes dropped
That's a funny number :)
Nice overflow found, I see you are now starting to fuzz the char device
nodes of usb drivers...
Michael, care to fix this up?
thanks,
greg k-h
Powered by blists - more mailing lists