* Re: KASAN: use-after-free Read in tty_open
From: syzbot @ 2019-12-04 2:45 UTC
To: gleb, gregkh, gwshan, hpa, jslaby, kvm, linux-kernel, mingo, mpe, pbonzini, ruscur, stewart, syzkaller-bugs, tglx, x86

syzbot has bisected this bug to:

commit 2de50e9674fc4ca3c6174b04477f69eb26b4ee31
Author: Russell Currey <ruscur@russell.cc>
Date:   Mon Feb 8 04:08:20 2016 +0000

    powerpc/powernv: Remove support for p5ioc2

bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=15e5fc32e00000
start commit:   76bb8b05 Merge tag 'kbuild-v5.5' of git://git.kernel.org/p..
git tree:       upstream
final crash:    https://syzkaller.appspot.com/x/report.txt?x=17e5fc32e00000
console output: https://syzkaller.appspot.com/x/log.txt?x=13e5fc32e00000
kernel config:  https://syzkaller.appspot.com/x/.config?x=dd226651cb0f364b
dashboard link: https://syzkaller.appspot.com/bug?extid=9af6d43c1beabec8fd05
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=16d15061e00000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=14b69aeae00000

Reported-by: syzbot+9af6d43c1beabec8fd05@syzkaller.appspotmail.com
Fixes: 2de50e9674fc ("powerpc/powernv: Remove support for p5ioc2")

For information about bisection process see: https://goo.gl/tpsmEJ#bisection

* Re: KASAN: use-after-free Read in tty_open
From: Dmitry Vyukov @ 2019-12-04 6:53 UTC
To: syzbot
Cc: Gleb Natapov, Greg Kroah-Hartman, gwshan, H. Peter Anvin, Jiri Slaby, KVM list, LKML, Ingo Molnar, Michael Ellerman, Paolo Bonzini, Russell Currey, stewart, syzkaller-bugs, Thomas Gleixner, the arch/x86 maintainers

On Wed, Dec 4, 2019 at 3:45 AM syzbot <syzbot+9af6d43c1beabec8fd05@syzkaller.appspotmail.com> wrote:
>
> syzbot has bisected this bug to:
>
> commit 2de50e9674fc4ca3c6174b04477f69eb26b4ee31
> Author: Russell Currey <ruscur@russell.cc>
> Date:   Mon Feb 8 04:08:20 2016 +0000
>
>     powerpc/powernv: Remove support for p5ioc2
>
> bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=15e5fc32e00000
> start commit:   76bb8b05 Merge tag 'kbuild-v5.5' of git://git.kernel.org/p..
> git tree:       upstream
> final crash:    https://syzkaller.appspot.com/x/report.txt?x=17e5fc32e00000
> console output: https://syzkaller.appspot.com/x/log.txt?x=13e5fc32e00000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=dd226651cb0f364b
> dashboard link: https://syzkaller.appspot.com/bug?extid=9af6d43c1beabec8fd05
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=16d15061e00000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=14b69aeae00000
>
> Reported-by: syzbot+9af6d43c1beabec8fd05@syzkaller.appspotmail.com
> Fixes: 2de50e9674fc ("powerpc/powernv: Remove support for p5ioc2")
>
> For information about bisection process see: https://goo.gl/tpsmEJ#bisection

This should have been detected as "does not affect binary", but there
is something I don't understand/missing:

This is bisected to 2de50e9674fc4ca3c6174b04477f69eb26b4ee31 and it
has this parent:

$ git log -n 1 --format="%P" 2de50e9674fc4ca3c6174b04477f69eb26b4ee31
388f7b1d6e8ca06762e2454d28d6c3c55ad0fe95

But the parent was never tested during bisection... how is this possible?
Mentioned this here:
https://github.com/google/syzkaller/issues/1271#issuecomment-561504032

* Re: KASAN: use-after-free Read in tty_open
From: syzbot @ 2020-04-25 0:23 UTC
To: dvyukov, ebiggers, gleb, gregkh, gwshan, hpa, jslaby, jslaby, kvm, linux-kernel, mingo, mpe, pbonzini, ruscur, stewart, syzkaller-bugs, tglx, x86

syzbot suspects this bug was fixed by commit:

commit ca4463bf8438b403596edd0ec961ca0d4fbe0220
Author: Eric Biggers <ebiggers@google.com>
Date:   Sun Mar 22 03:43:04 2020 +0000

    vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console

bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=11594fc8100000
start commit:   07c4b9e9 Merge tag 'scsi-fixes' of git://git.kernel.org/pu..
git tree:       upstream
kernel config:  https://syzkaller.appspot.com/x/.config?x=79f79de2a27d3e3d
dashboard link: https://syzkaller.appspot.com/bug?extid=9af6d43c1beabec8fd05
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=113886fae00000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1263520ae00000

If the result looks correct, please mark the bug fixed by replying with:

#syz fix: vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console

For information about bisection process see: https://goo.gl/tpsmEJ#bisection

* Re: KASAN: use-after-free Read in tty_open
From: Eric Biggers @ 2020-04-25 2:18 UTC
To: syzbot
Cc: dvyukov, gleb, gregkh, gwshan, hpa, jslaby, jslaby, kvm, linux-kernel, mingo, mpe, pbonzini, ruscur, stewart, syzkaller-bugs, tglx, x86

On Fri, Apr 24, 2020 at 05:23:03PM -0700, syzbot wrote:
> syzbot suspects this bug was fixed by commit:
>
> commit ca4463bf8438b403596edd0ec961ca0d4fbe0220
> Author: Eric Biggers <ebiggers@google.com>
> Date:   Sun Mar 22 03:43:04 2020 +0000
>
>     vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
>
> bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=11594fc8100000
> start commit:   07c4b9e9 Merge tag 'scsi-fixes' of git://git.kernel.org/pu..
> git tree:       upstream
> kernel config:  https://syzkaller.appspot.com/x/.config?x=79f79de2a27d3e3d
> dashboard link: https://syzkaller.appspot.com/bug?extid=9af6d43c1beabec8fd05
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=113886fae00000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1263520ae00000
>
> If the result looks correct, please mark the bug fixed by replying with:
>
> #syz fix: vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
>
> For information about bisection process see: https://goo.gl/tpsmEJ#bisection

#syz fix: vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console