lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAJg=8jw-ZfYjuxUVK5WZU9n+-igfonpeN=mBfy9qqmvnUUe1YQ@mail.gmail.com>
Date: Wed, 16 Oct 2024 20:39:31 -0700
From: Marius Fleischer <fleischermarius@...il.com>
To: Dave Hansen <dave.hansen@...el.com>
Cc: Jens Axboe <axboe@...nel.dk>, Andy Lutomirski <luto@...nel.org>, 
	Peter Zijlstra <peterz@...radead.org>, Thomas Gleixner <tglx@...utronix.de>, 
	Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, linux-kernel@...r.kernel.org, 
	syzkaller@...glegroups.com, harrisonmichaelgreen@...il.com, 
	Pavel Begunkov <asml.silence@...il.com>, io-uring@...r.kernel.org
Subject: Re: WARNING in get_pat_info

Hi Dave,

> > TL;DR compile syzkaller, copy syz-execprog, syz-executor, repro.syz into
> > the VM and run the command below inside the VM
> > ./syz-execprog -executor=./syz-executor -procs=8 -repeat=0 repro.syz
> >
> > Please let me know if you need more details from us!
>
> It didn't reproduce for me, either, at least ~10k executed programs in.
> How long should it take?
>

This is surprising to me - it triggers the crash within 4 seconds for
me. syz-execprog
should not even get to the state of printing the number of executed programs.
Could you try compiling an older version of syzkaller, specifically the
commit bf285f0cf1f7863e0b0d17980de703fab89476bb? I noticed that the
instructions I linked to above mention that a difference in syzkaller version
can lead to issues.
Not sure if this is relevant, but I am using the bullseye image created with
the script provided by syzkaller as described here
https://github.com/google/syzkaller/blob/master/docs/linux/setup_ubuntu-host_qemu-vm_x86-64-kernel.md#image.

> The next step would be to figure out specifically why get_pat_info()
> failed.  To double check that io_uring is the thing that's involved and
> (presumably) why follow_phys() failed.  Basically, I think we need to
> know what state the page tables and the VMA were in.

Sorry, I am very inexperienced in debugging such crashes. Could you
expand a little bit on what state of page tables and VMA exactly means?
Are there some specific kernel structs I should dump?

Best,
Marius

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ