| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 23 Jul 2019 20:05:23 -0700
From: syzbot <syzbot+@...kaller.appspotmail.com>
To: Jason Wang <jasowang@...hat.com>
Cc: jasowang@...hat.com, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org, mst@...hat.com,
netdev@...r.kernel.org, syzkaller-bugs@...glegroups.com,
virtualization@...ts.linux-foundation.org
Subject: Re: Re: Reminder: 3 open syzbot bugs in vhost subsystem
> On 2019/7/24 上午10:38, Eric Biggers wrote:
>> [This email was generated by a script. Let me know if you have any
>> suggestions
>> to make it better, or if you want it re-generated with the latest
>> status.]
>> Of the currently open syzbot reports against the upstream kernel, I've
>> manually
>> marked 3 of them as possibly being bugs in the vhost subsystem. I've
>> listed
>> these reports below, sorted by an algorithm that tries to list first the
>> reports
>> most likely to be still valid, important, and actionable.
>> Of these 3 bugs, 2 were seen in mainline in the last week.
>> Of these 3 bugs, 2 were bisected to commits from the following person:
>> Jason Wang <jasowang@...hat.com>
>> If you believe a bug is no longer valid, please close the syzbot report
>> by
>> sending a '#syz fix', '#syz dup', or '#syz invalid' command in reply to
>> the
>> original thread, as explained at https://goo.gl/tpsmEJ#status
>> If you believe I misattributed a bug to the vhost subsystem, please let
>> me know,
>> and if possible forward the report to the correct people or mailing list.
>> Here are the bugs:
>> --------------------------------------------------------------------------------
>> Title: KASAN: use-after-free Write in tlb_finish_mmu
>> Last occurred: 5 days ago
>> Reported: 4 days ago
>> Branches: Mainline
>> Dashboard link:
>> https://syzkaller.appspot.com/bug?id=d57b94f89e48c85ef7d95acc208209ea4bdc10de
>> Original thread:
>> https://lkml.kernel.org/lkml/00000000000045e7a1058e02458a@google.com/T/#u
>> This bug has a syzkaller reproducer only.
>> This bug was bisected to:
>> commit 7f466032dc9e5a61217f22ea34b2df932786bbfc
>> Author: Jason Wang <jasowang@...hat.com>
>> Date: Fri May 24 08:12:18 2019 +0000
>> vhost: access vq metadata through kernel virtual address
>> No one has replied to the original thread for this bug yet.
>> If you fix this bug, please add the following tag to the commit:
>> Reported-by: syzbot+8267e9af795434ffadad@...kaller.appspotmail.com
>> If you send any email or patch for this bug, please reply to the original
>> thread. For the git send-email command to use, or tips on how to reply
>> if the
>> thread isn't in your mailbox, see the "Reply instructions" at
>> https://lkml.kernel.org/r/00000000000045e7a1058e02458a@google.com
>> --------------------------------------------------------------------------------
>> Title: KASAN: use-after-free Read in finish_task_switch (2)
>> Last occurred: 5 days ago
>> Reported: 4 days ago
>> Branches: Mainline
>> Dashboard link:
>> https://syzkaller.appspot.com/bug?id=9a98fcad6c8bd31f5c3afbdc6c75de9f082c0ffa
>> Original thread:
>> https://lkml.kernel.org/lkml/000000000000490679058e0245ee@google.com/T/#u
>> This bug has a syzkaller reproducer only.
>> This bug was bisected to:
>> commit 7f466032dc9e5a61217f22ea34b2df932786bbfc
>> Author: Jason Wang <jasowang@...hat.com>
>> Date: Fri May 24 08:12:18 2019 +0000
>> vhost: access vq metadata through kernel virtual address
>> No one has replied to the original thread for this bug yet.
> Hi:
> We believe above two bugs are duplicated with the report "WARNING in
> __mmdrop". Can I just dup them with
> #syz dup "WARNING in __mmdrop"
I see the command but can't find the corresponding bug.
Please resend the email to syzbot+HASH@...kaller.appspotmail.com address
that is the sender of the bug report (also present in the Reported-by tag).
> (If yes, just wonder how syzbot differ bugs, technically, several
> different bug can hit the same warning).
>> If you fix this bug, please add the following tag to the commit:
>> Reported-by: syzbot+7f067c796eee2acbc57a@...kaller.appspotmail.com
>> If you send any email or patch for this bug, please reply to the original
>> thread. For the git send-email command to use, or tips on how to reply
>> if the
>> thread isn't in your mailbox, see the "Reply instructions" at
>> https://lkml.kernel.org/r/000000000000490679058e0245ee@google.com
>> --------------------------------------------------------------------------------
>> Title: memory leak in vhost_net_ioctl
>> Last occurred: 22 days ago
>> Reported: 48 days ago
>> Branches: Mainline
>> Dashboard link:
>> https://syzkaller.appspot.com/bug?id=12ba349d7e26ccfe95317bc376e812ebbae2ee0f
>> Original thread:
>> https://lkml.kernel.org/lkml/000000000000188da1058a9c25e3@google.com/T/#u
>> This bug has a C reproducer.
>> The original thread for this bug has received 4 replies; the last was 39
>> days
>> ago.
>> If you fix this bug, please add the following tag to the commit:
>> Reported-by: syzbot+0789f0c7e45efd7bb643@...kaller.appspotmail.com
> I do remember it can not be reproduced upstream, let me double check and
> close this one.
> Thanks
>> If you send any email or patch for this bug, please consider replying to
>> the
>> original thread. For the git send-email command to use, or tips on how
>> to reply
>> if the thread isn't in your mailbox, see the "Reply instructions" at
>> https://lkml.kernel.org/r/000000000000188da1058a9c25e3@google.com
> --
> You received this message because you are subscribed to the Google
> Groups "syzkaller-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to syzkaller-bugs+unsubscribe@...glegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/syzkaller-bugs/fabf96ac-e472-c7fd-07ff-486fe03e6433%40redhat.com.
Powered by blists - more mailing lists