Date:   Thu, 18 Mar 2021 16:00:05 +0100
From:   Dmitry Vyukov <dvyukov@...gle.com>
To:     Kefeng Wang <wangkefeng.wang@...wei.com>
Cc:     syzbot <syzbot+005654dd9b8f26bd4c07@...kaller.appspotmail.com>,
        Albert Ou <aou@...s.berkeley.edu>,
        LKML <linux-kernel@...r.kernel.org>,
        linux-riscv <linux-riscv@...ts.infradead.org>,
        Marc Zyngier <maz@...nel.org>,
        Palmer Dabbelt <palmer@...belt.com>,
        Paul Walmsley <paul.walmsley@...ive.com>,
        syzkaller-bugs <syzkaller-bugs@...glegroups.com>,
        Thomas Gleixner <tglx@...utronix.de>
Subject: Re: [syzbot] KASAN: slab-out-of-bounds Read in riscv_intc_irq

On Thu, Mar 18, 2021 at 3:50 PM Kefeng Wang <wangkefeng.wang@...wei.com> wrote:
> >> On 2021/3/14 18:47, Dmitry Vyukov wrote:
> >>> On Sun, Mar 14, 2021 at 11:14 AM syzbot
> >>> <syzbot+005654dd9b8f26bd4c07@...kaller.appspotmail.com> wrote:
> >>>> Hello,
> >>>>
> >>>> syzbot found the following issue on:
> >>>>
> >>>> HEAD commit:    0d7588ab riscv: process: Fix no prototype for arch_dup_tas..
> >>>> git tree:       git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes
> >>>> console output: https://syzkaller.appspot.com/x/log.txt?x=15a35756d00000
> >>>> kernel config:  https://syzkaller.appspot.com/x/.config?x=81c0b708b31626cc
> >>>> dashboard link: https://syzkaller.appspot.com/bug?extid=005654dd9b8f26bd4c07
> >>>> userspace arch: riscv64
> >>>>
> >>>> Unfortunately, I don't have any reproducer for this issue yet.
> >>>>
> >>>> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> >>>> Reported-by: syzbot+005654dd9b8f26bd4c07@...kaller.appspotmail.com
> >>>>
> >>>> ==================================================================
> >>>> BUG: KASAN: slab-out-of-bounds in riscv_intc_irq+0x24/0xcc drivers/irqchip/irq-riscv-intc.c:24
> >>>> Read of size 8 at addr ffffffe00c963bd0 by task kworker/1:1/4388
> >>>>
> >>>> CPU: 1 PID: 4388 Comm: kworker/1:1 Not tainted 5.12.0-rc2-syzkaller-00467-g0d7588ab9ef9 #0
> >>>> Hardware name: riscv-virtio,qemu (DT)
> >>>> Workqueue: events nsim_dev_trap_report_work
> >>>> Call Trace:
> >>>> [<ffffffe0000096c0>] walk_stackframe+0x0/0x23c arch/riscv/kernel/traps.c:201
> >>>>
> >>>> Allocated by task 76347056:
> >>>> (stack is not available)
> >>>>
> >>>> Last potentially related work creation:
> >>> There seems to be some issue with riscv stack unwinder.
> >>> This does not have stacks.
> >> Hi, could you test with the following patch for the no-stack
> >> issue (from v5.11-rc4)? I made a mistake when doing some cleanup...
> >>
> >> https://lore.kernel.org/linux-riscv/ce5b3533-b75d-c31c-4319-9d29769bbbd5@huawei.com/T/#t
> > Hi Kefeng,
> >
> > Please see:
> > http://bit.do/syzbot#no-custom-patches
> >
> > Is a unit-test for this possible? Fuzzing is not a replacement for unit testing.
>
> OK, I mean the issue with the stack unwinder, which may be caused by my
> previous patch.
>
> If someone wants the stack back, they could try the bugfix.

Everybody wants the stack back!
Good, let's wait until it's merged and we will see stacks in all kernel
testing systems.




