lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <914a01e5-9c7d-4f2c-9d2b-c5c8c99b4a0e@rowland.harvard.edu>
Date: Thu, 29 Feb 2024 11:12:27 -0500
From: Alan Stern <stern@...land.harvard.edu>
To: Aleksandr Nogikh <nogikh@...gle.com>
Cc: syzbot <syzbot+28748250ab47a8f04100@...kaller.appspotmail.com>,
  bvanassche@....org, emilne@...hat.com, gregkh@...uxfoundation.org,
  linux-kernel@...r.kernel.org, linux-usb@...r.kernel.org,
  martin.petersen@...cle.com, syzkaller-bugs@...glegroups.com,
  tasos@...ossah.com, usb-storage@...ts.one-eyed-alien.net
Subject: Re: [syzbot] [usb-storage?] divide error in isd200_ata_command

On Thu, Feb 29, 2024 at 04:40:05PM +0100, Aleksandr Nogikh wrote:
> On Wed, Feb 28, 2024 at 8:18 PM Alan Stern <stern@...land.harvard.edu> wrote:
> >
> > On Wed, Feb 28, 2024 at 05:52:50PM +0100, Aleksandr Nogikh wrote:
> > > Hi Alan,
> > >
> > > Please try it once more with the full commit hash.
> >
> > Thanks for the advice.  Are you a good person to complain to about the
> > difference between what syzbot provides and what it will accept?  This
> > bug report states
> >
> > HEAD commit:    f2e367d6ad3b Merge tag 'for-6.8/dm-fix-3' of git://git.ker..
> > git tree:       upstream
> >
> > But if I specify "upstream" as the git tree on a syz test request, it
> > doesn't accept it.  Now you're suggesting that if I put f2e367d6ad3b as
> > the commit ID, it won't accept it.
> >
> > There's probably already a bugfix request for this, but I'd like to push
> > on it some more.  Syzbot's output should be acceptable as its input!
> 
> That all totally makes sense. Thanks for highlighting the problems!
> 
> For accepting "upstream" (and alike) as input, there was already a github issue:
> https://github.com/google/syzkaller/issues/2265
> That syzbot is not able to fetch commits by their short hashes was
> only discovered yesterday.
> 
> I've just sent PRs with fixes for both issues.
> 
> If there's anything else that can make syzbot reports better, please
> let me know :)

That's great news!  Thanks a lot.

How will we know when the fixes have been accepted and we can use them?

Alan Stern

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ