lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 30 Jan 2019 15:20:50 +0100 From: Florian Westphal <fw@...len.de> To: Dmitry Vyukov <dvyukov@...gle.com> Cc: Florian Westphal <fw@...len.de>, syzbot <syzbot+e6e1fe9148cffa18cf97@...kaller.appspotmail.com>, David Miller <davem@...emloft.net>, Herbert Xu <herbert@...dor.apana.org.au>, LKML <linux-kernel@...r.kernel.org>, netdev <netdev@...r.kernel.org>, Steffen Klassert <steffen.klassert@...unet.com>, syzkaller-bugs <syzkaller-bugs@...glegroups.com> Subject: Re: general protection fault in __xfrm_policy_bysel_ctx Dmitry Vyukov <dvyukov@...gle.com> wrote: > > syzbot <syzbot+e6e1fe9148cffa18cf97@...kaller.appspotmail.com> wrote: > > > Hello, > > > > > > syzbot found the following crash on: > > > > > > HEAD commit: 085c4c7dd2b6 net: lmc: remove -I. header search path > > > git tree: net-next > > > console output: https://syzkaller.appspot.com/x/log.txt?x=12347128c00000 > > > kernel config: https://syzkaller.appspot.com/x/.config?x=505743eba4e4f68 > > > dashboard link: https://syzkaller.appspot.com/bug?extid=e6e1fe9148cffa18cf97 > > > compiler: gcc (GCC) 9.0.0 20181231 (experimental) > > > > > > Unfortunately, I don't have any reproducer for this crash yet. > > > > net-next doesn't contain the fixes for the rbtree fallout yet, so > > this might already be fixed (fingers crossed). > > Hi Florian, > > What is that fix for the record? I don't know. I managed to add every bug class imagineable in that series 8-( The last (most recent) fix from the 'fallout cleanup' is: 12750abad517a991c4568969bc748db302ab52cd ("xfrm: policy: fix infinite loop when merging src-nodes") so if syzkaller can generate a splat with that change present something is still broken. > We will need to close this later. Or perhaps we can already mark this > as fixed by that patch with "#syz fix:" command? There are a lot of open xfrm related splats that could all be explained by the rbtree bugs (one had a reproducer, the fix has appropriate reported-by tag). It would be great if there was a way to tell syzkaller to report those again if they still appear. I could pretend and claim above commit as "sys-fix", but it seems fishy. Let me know and I can tag all of them.
Powered by blists - more mailing lists