lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CANp29Y68VeE9NHM2ekCvuZNVVaEZkmaG_NhyaUTH5DMOu0=QgA@mail.gmail.com>
Date:   Mon, 31 Oct 2022 11:57:00 -0700
From:   Aleksandr Nogikh <nogikh@...gle.com>
To:     Matthew Wilcox <willy@...radead.org>
Cc:     syzbot <syzbot+8edfa01e46fd9fe3fbfb@...kaller.appspotmail.com>,
        akpm@...ux-foundation.org, clm@...com, dsterba@...e.com,
        hch@....de, josef@...icpanda.com, linmiaohe@...wei.com,
        linux-btrfs@...r.kernel.org, linux-kernel@...r.kernel.org,
        syzkaller-bugs@...glegroups.com, torvalds@...ux-foundation.org
Subject: Re: [syzbot] WARNING in btrfs_space_info_update_bytes_may_use

On Mon, Oct 31, 2022 at 6:50 AM Matthew Wilcox <willy@...radead.org> wrote:
>
> Dmitry, I don't see a way to tell syzbot that its bisection has gone
> astray.  Can you add one or document it if it already exists?

No, unfortunately it's not possible now. I've filed an issue:
https://github.com/google/syzkaller/issues/3491

>
> On Mon, Oct 31, 2022 at 04:51:22AM -0700, syzbot wrote:
> > syzbot has bisected this issue to:
> >
> > commit 0c7c575df56b957390206deb018c41acbb412159
> > Author: Matthew Wilcox (Oracle) <willy@...radead.org>
> > Date:   Wed Feb 24 20:01:52 2021 +0000
> >
> >     mm/filemap: remove dynamically allocated array from filemap_read
>
> This change affects the read path.  The crash happens in the unmount
> path.  The data structure that's being checked is modified in the write
> path.  I just can't see how this commit is in any way related.

Most likely the bisection pointed at your patch because it removed
kmalloc while the reproducer for the bug does fault injection (see the
"(fail_nth: 10)" line in syz repro). So it might have inadvertently
made the issue more visible to the fuzzer.

>
> > bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=119e21b6880000
> > start commit:   b229b6ca5abb Merge tag 'perf-tools-fixes-for-v6.1-2022-10-..
> > git tree:       upstream
> > final oops:     https://syzkaller.appspot.com/x/report.txt?x=139e21b6880000
> > console output: https://syzkaller.appspot.com/x/log.txt?x=159e21b6880000
> > kernel config:  https://syzkaller.appspot.com/x/.config?x=a66c6c673fb555e8
> > dashboard link: https://syzkaller.appspot.com/bug?extid=8edfa01e46fd9fe3fbfb
> > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=17db9ab1880000
> > C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=124e21b6880000
> >
> > Reported-by: syzbot+8edfa01e46fd9fe3fbfb@...kaller.appspotmail.com
> > Fixes: 0c7c575df56b ("mm/filemap: remove dynamically allocated array from filemap_read")
> >
> > For information about bisection process see: https://goo.gl/tpsmEJ#bisection
>
> --
> You received this message because you are subscribed to the Google Groups "syzkaller-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-bugs+unsubscribe@...glegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-bugs/Y1/SqIuP4tbszPAW%40casper.infradead.org.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ