| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200507095949.GD9365@kadam>
Date: Thu, 7 May 2020 12:59:49 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Hillf Danton <hdanton@...a.com>
Cc: syzbot <syzbot+e73ceacfd8560cc8a3ca@...kaller.appspotmail.com>,
linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
syzkaller-bugs@...glegroups.com
Subject: Re: BUG: stack guard page was hit in unwind_next_frame
On Sun, May 03, 2020 at 06:22:20PM +0800, Hillf Danton wrote:
> Bail out if it's detected to handle the event more than once.
>
> --- a/drivers/net/bonding/bond_main.c
> +++ b/drivers/net/bonding/bond_main.c
> @@ -3273,9 +3273,19 @@ static int bond_netdev_event(struct noti
> return ret;
> }
>
> - if (event_dev->flags & IFF_SLAVE)
> - return bond_slave_netdev_event(event, event_dev);
> + if (event_dev->flags & IFF_SLAVE) {
> + static void *tail_spin = NULL;
^^^^^^^^^^^^^^^^
assigning NULL
> + void *token = (void *) this + (void *) event_dev;
Adding a pointer to a pointer doesn't make any sense. But the result
is non-NULL because event_dev is non-NULL.
> +
> + if (tail_spin == token) {
^^^^^^^^^^^^^^^^^^
Impossible because tail_spin is NULL and token is non-NULL.
> + tail_spin = NULL;
^^^^^^^^^^^^^^^^
re-assigning NULL. local variable assigned right before a return is
pointless.
> + return NOTIFY_DONE;
> + }
> + if (tail_spin == NULL)
Always true condition.
> + tail_spin = token;
Pointless assign.
>
> + return bond_slave_netdev_event(event, event_dev);
This whole patch is a very complicated no-op. :P I'm not sure at all
what was intended by this patch.
> + }
> return NOTIFY_DONE;
> }
regards,
dan carpenter
Powered by blists - more mailing lists