Message-ID: <20220221054618-mutt-send-email-mst@kernel.org>
Date:   Mon, 21 Feb 2022 05:48:48 -0500
From:   "Michael S. Tsirkin" <mst@...hat.com>
To:     Hillf Danton <hdanton@...a.com>
Cc:     syzbot <syzbot+3140b17cb44a7b174008@...kaller.appspotmail.com>,
        jasowang@...hat.com, linux-kernel@...r.kernel.org,
        syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] kernel BUG in vhost_get_vq_desc

On Mon, Feb 21, 2022 at 06:15:38PM +0800, Hillf Danton wrote:
> On Mon, 21 Feb 2022 04:17:02 -0500 Michael S. Tsirkin wrote:
> > On Mon, Feb 21, 2022 at 04:52:27PM +0800, Hillf Danton wrote:
> > > Another round of attempts to quiesce the
> > > WARNING: CPU: 1 PID: 4069 at drivers/vhost/vhost.c:715 after the
> > > BUG at drivers/vhost/vhost.c:2337 went home.
> > 
> > Could you pls clarify what you mean by "went home" here?
> 
> The reproducer failed to trigger it.
> 
> Hillf

You mean this patch?

@@ -2207,7 +2209,10 @@ int vhost_get_vq_desc(struct vhost_virtq
        __virtio16 avail_idx;
        __virtio16 ring_head;
        int ret, access;
+       bool was_set = !!(vq->used_flags & VRING_USED_F_NO_NOTIFY);

+       if (!was_set)
+               return -EINVAL;
        /* Check it isn't doing very strange things with descriptor numbers. */
        last_avail_idx = vq->last_avail_idx;
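
Review bot: The early `return -EINVAL` at the top of vhost_get_vq_desc() has no comment saying why VRING_USED_F_NO_NOTIFY being clear in vq->used_flags is an invalid state on entry, and bailing out silently hides which caller reached the function in that state. If the intent is to debug the reported BUG, a `WARN_ON_ONCE(!(vq->used_flags & VRING_USED_F_NO_NOTIFY))` would record the call path instead of only suppressing the reproducer; if it is meant as a fix, the invariant should be documented and enforced where the flag is supposed to be set. The `was_set` local is read only once, so it can be folded into the condition, and a blank line between the `return` and the following comment would keep the new check visually separate from the descriptor-number check.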


However, I do not understand how we enter vhost_get_vq_desc
with vq->used_flags & VRING_USED_F_NO_NOTIFY being clear.
Do you?
