lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA5B0431-801C-4F2E-85F5-E329F02D364A@morsecom.com>
Date:   Fri, 8 Jan 2021 00:34:30 +0000
From:   Corey Costello <ccostello@...secom.com>
To:     "noloader@...il.com" <noloader@...il.com>
CC:     "Jason A. Donenfeld" <Jason@...c4.com>,
        Netdev <netdev@...r.kernel.org>,
        syzkaller-bugs <syzkaller-bugs@...glegroups.com>,
        WireGuard mailing list <wireguard@...ts.zx2c4.com>
Subject: Re: UBSAN: object-size-mismatch in wg_xmit

Get me off this fucking list ffs.



> On Jan 7, 2021, at 2:06 PM, Jeffrey Walton <noloader@...il.com> wrote:
> 
> On Thu, Jan 7, 2021 at 2:03 PM Jason A. Donenfeld <Jason@...c4.com> wrote:
>> 
>> On Thu, Jan 7, 2021 at 1:22 PM Dmitry Vyukov <dvyukov@...gle.com> wrote:
>>> 
>>> On Mon, Dec 21, 2020 at 12:23 PM Jason A. Donenfeld <Jason@...c4.com> wrote:
>>>> 
>>>> ...
>>> 
>>> These UBSAN checks were just enabled recently.
>>> It's indeed super easy to trigger: 133083 VMs were crashed on this already:
>>> https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fsyzkaller.appspot.com%2fbug%3fextid%3d8f90d005ab2d22342b6d&c=E,1,RVpgZsRUCGs2jKlumiMAMnpeOF4QdiW5h8GDIsBJPz-orFNwvwCXnceC9n5Bhr1h-G2EsU0tlC7N4QUpHuF6tIMI7tTnBoRjAo5tT-Bk9-Fhe8CppuOL4mqdkA,,&typo=1
>>> So it's one of the top crashers by now.
>> 
>> Ahh, makes sense. So it is easily reproducible after all.
>> 
>> You're still of the opinion that it's a false positive, right? I
>> shouldn't spend more cycles on this?
> 
> You might consider making a test build with -fno-lto in case LTO is
> mucking things up.
> 
> Google Posts Patches So The Linux Kernel Can Be LTO-Optimized By
> Clang, https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fwww.phoronix.com%2fscan.php%3fpage%3dnews_item%26px%3dLinux-Kernel-Clang-LTO-Patches&c=E,1,7u3-jWadklYo8ai_XrPNvjnu46LLAyg0hqsGIaMPaoQ5UxtcNM84jrHUgSg4VciXKk9XVpwgyBwD85LbbW5_j195jSH6RrAej45I1kr_XfQ,&typo=1
> 
> Jeff

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ