From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.6 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 47EFFC76186 for ; Wed, 24 Jul 2019 01:48:48 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 0AE98229ED for ; Wed, 24 Jul 2019 01:48:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1563932928; bh=xWPuqjdVfcT3qt7jHBWtrnwFueRLSmJj6r6ilFHQc6A=; h=Date:From:To:Cc:Subject:List-ID:From; b=FMQr1f9lvrGP76QyakCltWj2xhQV9Yo8RDjoT/Dvzq080f+iOURClq3Rsl0xhSFrF MJ+7YHOZOrStJcz3X7uhja4tv/7RypPQOM2BEW8zQcazodIOozSpUftpRAHa9Sj1iK Kky0WS4LnGzHIf6UR1C+tQU2gXP6eonXT/H2nNWE= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728005AbfGXBsn (ORCPT ); Tue, 23 Jul 2019 21:48:43 -0400 Received: from mail.kernel.org ([198.145.29.99]:57774 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725837AbfGXBsn (ORCPT ); Tue, 23 Jul 2019 21:48:43 -0400 Received: from sol.localdomain (c-24-5-143-220.hsd1.ca.comcast.net [24.5.143.220]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 522D82238C; Wed, 24 Jul 2019 01:48:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1563932922; bh=xWPuqjdVfcT3qt7jHBWtrnwFueRLSmJj6r6ilFHQc6A=; h=Date:From:To:Cc:Subject:From; b=TYw2xcll1IVLZQUMkOJ9XPOzS/DkbB96jZ1NvwNC0yetRp/99Kg1wdEkUkSM1Wxdg 43p35ba8FmnEEsI3MFiiFqqouu5jMnwh9usXkDcc9tbJlJVJKw2L+6Rdn/aQMRRKfy PsH3UPr5be5Pt/hsGj6j9anvY8WnEjMycZuftXeA= Date: Tue, 23 Jul 2019 18:48:40 -0700 From: Eric Biggers To: linux-rdma@vger.kernel.org, Doug Ledford , Jason Gunthorpe , Yishai Hadas Cc: linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com Subject: Reminder: 11 open syzbot bugs in RDMA subsystem Message-ID: <20190724014840.GL643@sol.localdomain> Mail-Followup-To: linux-rdma@vger.kernel.org, Doug Ledford , Jason Gunthorpe , Yishai Hadas , linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.12.1 (2019-06-15) Sender: linux-rdma-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-rdma@vger.kernel.org [This email was generated by a script. Let me know if you have any suggestions to make it better, or if you want it re-generated with the latest status.] Of the currently open syzbot reports against the upstream kernel, I've manually marked 11 of them as possibly being bugs in the RDMA subsystem. I've listed these reports below, sorted by an algorithm that tries to list first the reports most likely to be still valid, important, and actionable. Of these 11 bugs, 1 was seen in mainline in the last week. Of these 11 bugs, 1 was bisected to a commit from the following person: Yishai Hadas If you believe a bug is no longer valid, please close the syzbot report by sending a '#syz fix', '#syz dup', or '#syz invalid' command in reply to the original thread, as explained at https://goo.gl/tpsmEJ#status If you believe I misattributed a bug to the RDMA subsystem, please let me know, and if possible forward the report to the correct people or mailing list. Here are the bugs: -------------------------------------------------------------------------------- Title: KASAN: use-after-free Read in rdma_listen (2) Last occurred: 3 days ago Reported: 115 days ago Branches: Mainline and others Dashboard link: https://syzkaller.appspot.com/bug?id=8dc0bcd9dd6ec915ba10b3354740eb420884acaa Original thread: https://lkml.kernel.org/lkml/00000000000012a4cd05854a1d0a@google.com/T/#u This bug has a syzkaller reproducer only. No one replied to the original thread for this bug. If you fix this bug, please add the following tag to the commit: Reported-by: syzbot+adb15cf8c2798e4e0db4@syzkaller.appspotmail.com If you send any email or patch for this bug, please consider replying to the original thread. For the git send-email command to use, or tips on how to reply if the thread isn't in your mailbox, see the "Reply instructions" at https://lkml.kernel.org/r/00000000000012a4cd05854a1d0a@google.com -------------------------------------------------------------------------------- Title: WARNING: bad unlock balance in ucma_destroy_id Last occurred: 27 days ago Reported: 329 days ago Branches: Mainline and others Dashboard link: https://syzkaller.appspot.com/bug?id=c600e111223ce0a20e5f2fb4e9a4ebdff54d7fa6 Original thread: https://lkml.kernel.org/lkml/0000000000003b9c4b0574806070@google.com/T/#u This bug has a syzkaller reproducer only. This bug was bisected to: commit e1c30298ccab87151a0c4241fc5985c591598361 Author: Yishai Hadas Date: Thu Aug 13 15:32:07 2015 +0000   IB/ucma: HW Device hot-removal support No one replied to the original thread for this bug. If you fix this bug, please add the following tag to the commit: Reported-by: syzbot+4b628fcc748474003457@syzkaller.appspotmail.com If you send any email or patch for this bug, please consider replying to the original thread. For the git send-email command to use, or tips on how to reply if the thread isn't in your mailbox, see the "Reply instructions" at https://lkml.kernel.org/r/0000000000003b9c4b0574806070@google.com -------------------------------------------------------------------------------- Title: WARNING: bad unlock balance in ucma_event_handler Last occurred: 43 days ago Reported: 405 days ago Branches: Mainline and others Dashboard link: https://syzkaller.appspot.com/bug?id=d5222b3e1659e0aea19df562c79f216515740daa Original thread: https://lkml.kernel.org/lkml/000000000000af6530056e863794@google.com/T/#u This bug has a C reproducer. The original thread for this bug received 6 replies; the last was 42 days ago. If you fix this bug, please add the following tag to the commit: Reported-by: syzbot+e5579222b6a3edd96522@syzkaller.appspotmail.com If you send any email or patch for this bug, please consider replying to the original thread. For the git send-email command to use, or tips on how to reply if the thread isn't in your mailbox, see the "Reply instructions" at https://lkml.kernel.org/r/000000000000af6530056e863794@google.com -------------------------------------------------------------------------------- Title: KASAN: use-after-free Read in __list_del_entry_valid (4) Last occurred: 478 days ago Reported: 485 days ago Branches: Mainline Dashboard link: https://syzkaller.appspot.com/bug?id=56b60fb3340c5995373fe5b8eae9e8722a012fc4 Original thread: https://lkml.kernel.org/lkml/001a1141551246502d056845782e@google.com/T/#u This bug has a C reproducer. The original thread for this bug received 6 replies; the last was 334 days ago. If you fix this bug, please add the following tag to the commit: Reported-by: syzbot+29ee8f76017ce6cf03da@syzkaller.appspotmail.com If you send any email or patch for this bug, please consider replying to the original thread. For the git send-email command to use, or tips on how to reply if the thread isn't in your mailbox, see the "Reply instructions" at https://lkml.kernel.org/r/001a1141551246502d056845782e@google.com -------------------------------------------------------------------------------- Title: KASAN: use-after-free Read in addr_resolve Last occurred: 26 days ago Reported: 123 days ago Branches: Mainline Dashboard link: https://syzkaller.appspot.com/bug?id=07328fd3299fadf7005c46651d2ff50c1cd4e1dd Original thread: https://lkml.kernel.org/lkml/0000000000006d637a0584aa6520@google.com/T/#u Unfortunately, this bug does not have a reproducer. No one replied to the original thread for this bug. If you fix this bug, please add the following tag to the commit: Reported-by: syzbot+bd034f3fdc0402e942ed@syzkaller.appspotmail.com If you send any email or patch for this bug, please consider replying to the original thread. For the git send-email command to use, or tips on how to reply if the thread isn't in your mailbox, see the "Reply instructions" at https://lkml.kernel.org/r/0000000000006d637a0584aa6520@google.com -------------------------------------------------------------------------------- Title: KASAN: use-after-free Read in cma_cancel_operation Last occurred: 136 days ago Reported: 476 days ago Branches: Mainline and others Dashboard link: https://syzkaller.appspot.com/bug?id=95f89b8fb9fdc42e28ad586e657fea074e4e719b Original thread: https://lkml.kernel.org/lkml/94eb2c054604ad40010568e8ea21@google.com/T/#u This bug has a C reproducer. The original thread for this bug received 4 replies; the last was 153 days ago. If you fix this bug, please add the following tag to the commit: Reported-by: syzbot+6956235342b7317ec564@syzkaller.appspotmail.com If you send any email or patch for this bug, please consider replying to the original thread. For the git send-email command to use, or tips on how to reply if the thread isn't in your mailbox, see the "Reply instructions" at https://lkml.kernel.org/r/94eb2c054604ad40010568e8ea21@google.com -------------------------------------------------------------------------------- Title: KASAN: use-after-free Read in addr_handler Last occurred: 154 days ago Reported: 222 days ago Branches: Mainline and others Dashboard link: https://syzkaller.appspot.com/bug?id=a9796acbdecc1b2ba927578917755899c63c48af Original thread: https://lkml.kernel.org/lkml/00000000000055ee31057ce8f277@google.com/T/#u This bug has a syzkaller reproducer only. syzbot has bisected this bug, but I think the bisection result is incorrect. The original thread for this bug received 2 replies; the last was 119 days ago. If you fix this bug, please add the following tag to the commit: Reported-by: syzbot+b358909d8d01556b790b@syzkaller.appspotmail.com If you send any email or patch for this bug, please consider replying to the original thread. For the git send-email command to use, or tips on how to reply if the thread isn't in your mailbox, see the "Reply instructions" at https://lkml.kernel.org/r/00000000000055ee31057ce8f277@google.com -------------------------------------------------------------------------------- Title: BUG: corrupted list in rdma_listen Last occurred: 134 days ago Reported: 460 days ago Branches: Mainline and others Dashboard link: https://syzkaller.appspot.com/bug?id=25e00dd59f31783f233185cb60064b0ab645310f Original thread: https://lkml.kernel.org/lkml/000000000000a366e2056a35c6fd@google.com/T/#u This bug has a C reproducer. No one replied to the original thread for this bug. If you fix this bug, please add the following tag to the commit: Reported-by: syzbot+8458d13b13562abf6b77@syzkaller.appspotmail.com If you send any email or patch for this bug, please consider replying to the original thread. For the git send-email command to use, or tips on how to reply if the thread isn't in your mailbox, see the "Reply instructions" at https://lkml.kernel.org/r/000000000000a366e2056a35c6fd@google.com -------------------------------------------------------------------------------- Title: general protection fault in rdma_listen (2) Last occurred: 110 days ago Reported: 258 days ago Branches: Mainline and others Dashboard link: https://syzkaller.appspot.com/bug?id=38d36d1b26b4299bf964d50af4d79688d39ab960 Original thread: https://lkml.kernel.org/lkml/000000000000396c09057a17b6fd@google.com/T/#u This bug has a syzkaller reproducer only. The original thread for this bug received 2 replies; the last was 105 days ago. If you fix this bug, please add the following tag to the commit: Reported-by: syzbot+6b46b135602a3f3ac99e@syzkaller.appspotmail.com If you send any email or patch for this bug, please consider replying to the original thread. For the git send-email command to use, or tips on how to reply if the thread isn't in your mailbox, see the "Reply instructions" at https://lkml.kernel.org/r/000000000000396c09057a17b6fd@google.com -------------------------------------------------------------------------------- Title: KASAN: slab-out-of-bounds Read in rdma_listen Last occurred: 147 days ago Reported: 337 days ago Branches: Mainline and others Dashboard link: https://syzkaller.appspot.com/bug?id=fc5df2d4d88353572496fcf9caf8a9c7bdc034c3 Original thread: https://lkml.kernel.org/lkml/0000000000001de4b70573d62017@google.com/T/#u Unfortunately, this bug does not have a reproducer. No one replied to the original thread for this bug. If you fix this bug, please add the following tag to the commit: Reported-by: syzbot+c92378b32760a4eef756@syzkaller.appspotmail.com If you send any email or patch for this bug, please consider replying to the original thread. For the git send-email command to use, or tips on how to reply if the thread isn't in your mailbox, see the "Reply instructions" at https://lkml.kernel.org/r/0000000000001de4b70573d62017@google.com -------------------------------------------------------------------------------- Title: KASAN: use-after-free Read in rdma_bind_addr Last occurred: 111 days ago Reported: 111 days ago Branches: linux-next Dashboard link: https://syzkaller.appspot.com/bug?id=ecb19d20c6748a78058dac77ad17468c4e6733c4 Original thread: https://lkml.kernel.org/lkml/000000000000ebb6bc05859ac2cf@google.com/T/#u Unfortunately, this bug does not have a reproducer. No one replied to the original thread for this bug. If you fix this bug, please add the following tag to the commit: Reported-by: syzbot+68b44a1597636e0b342c@syzkaller.appspotmail.com If you send any email or patch for this bug, please consider replying to the original thread. For the git send-email command to use, or tips on how to reply if the thread isn't in your mailbox, see the "Reply instructions" at https://lkml.kernel.org/r/000000000000ebb6bc05859ac2cf@google.com