On Sun, Feb 4, 2018 at 10:07 AM, Eric Biggers <ebigge...@gmail.com> wrote:
> On Thu, Feb 01, 2018 at 05:21:12PM +0100, 'Dmitry Vyukov' via syzkaller wrote:
>> On Thu, Feb 1, 2018 at 5:17 PM, Ben Hutchings
>> <ben.hutchi...@codethink.co.uk> wrote:
>> > On Th
On Thu, Feb 1, 2018 at 5:17 PM, Ben Hutchings
<ben.hutchi...@codethink.co.uk> wrote:
> On Thu, 2018-02-01 at 08:04 +0100, Dmitry Vyukov wrote:
>> On Thu, Feb 1, 2018 at 7:03 AM, Douglas Gilbert <dgilb...@interlog.com>
>> wrote:
>> > On 2018-01-30 07:22 AM, Dmit
On Thu, Feb 1, 2018 at 7:03 AM, Douglas Gilbert <dgilb...@interlog.com> wrote:
> On 2018-01-30 07:22 AM, Dmitry Vyukov wrote:
>>
>> Uh, I've answered this a week ago, but did not notice that Doug
>> dropped everybody from CC. Reporting to all.
>>
>> On Mon, J
On Mon, Jan 22, 2018 at 7:57 PM, Douglas Gilbert <dgilb...@interlog.com> wrote:
> On 2018-01-22 11:30 AM, Bart Van Assche wrote:
>>
>> On Mon, 2018-01-22 at 12:06 +0100, Dmitry Vyukov wrote:
>>>
>>> general protection fault: [#1] SMP KASAN
>
Hello,
The following program triggers assorted memory corruptions on 4.15-rc9:
// autogenerated by syzkaller (http://github.com/google/syzkaller)
#include
#include
#include
#include
#include
#define SG_NEXT_CMD_LEN 0x2283
int main()
{
int fd = open("/dev/sg0", O_RDWR);
long len = 9;
On Thu, Jan 11, 2018 at 7:04 AM, Douglas Gilbert <dgilb...@interlog.com> wrote:
> On 2018-01-09 11:05 AM, Dmitry Vyukov wrote:
>>
>> Hello,
>>
>> syzkaller has found the following memory leak:
>>
>> unreferenced object 0x88004c19 (size 8328):
Hello,
syzkaller has found the following memory leak:
unreferenced object 0x88004c19 (size 8328):
comm "syz-executor", pid 4627, jiffies 4294749150 (age 45.507s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
20 00 00 00 22 01 00
Hello,
The following program causes random assorted memory corruptions:
https://gist.githubusercontent.com/dvyukov/da3463af2d1ff8c7d3624891b5d7427f/raw/09cf0f4af529f4506f9e0a9fa6bdb066a8777b9d/gistfile1.txt
It does some ioctl's on /dev/sg0.
general protection fault: [#1] SMP KASAN
Modules
On Fri, Mar 17, 2017 at 12:48 AM, Martin K. Petersen
wrote:
> Peter Chang writes:
>
> Applied to 4.11/scsi-fixes.
>
> Thanks!
>
> --
> Martin K. Petersen Oracle Linux Engineering
Hi,
Can you point to the commit/tree? I don't see it here:
On Thu, Mar 2, 2017 at 7:29 PM, Peter Chang wrote:
> now that i think i've got gmail not marking everything as spam...
+syzkaller mailing list as this does not seem to appear anywhere on open web
From 93409c62db49d15105390315a685e54083029bee Mon Sep 17 00:00:00 2001
From: peter
, saving us to allocate pages per request.
>>> However, the 'reserved' array is only capable of holding one
>>> request, so we need to protect it against concurrent accesses.
>>>
>>> Cc: sta...@vger.kernel.org
>>> Reported-by: Dmitry Vyukov <dvy
On Tue, Jan 31, 2017 at 10:58 AM, Johannes Thumshirn wrote:
>
> [...]
>
>> Please-please-please, let's not use WARN for something that is not a
>> kernel bug and is user-triggerable. This makes it impossible to
>> automate kernel testing and requires hiring an army of people
Hello,
The following program triggers BUG in scsi_init_io:
kernel BUG at drivers/scsi/scsi_lib.c:1043!
invalid opcode: [#1] SMP KASAN
Modules linked in:
CPU: 0 PID: 2899 Comm: a.out Not tainted 4.10.0-rc5+ #201
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
On Tue, Dec 6, 2016 at 4:38 PM, Johannes Thumshirn <jthumsh...@suse.de> wrote:
> On Tue, Dec 06, 2016 at 10:43:57AM +0100, Dmitry Vyukov wrote:
>> On Tue, Dec 6, 2016 at 10:32 AM, Johannes Thumshirn <jthumsh...@suse.de>
>> wrote:
>> > On Mon, Dec 05, 201
On Tue, Dec 6, 2016 at 10:32 AM, Johannes Thumshirn wrote:
> On Mon, Dec 05, 2016 at 07:03:39PM +, Al Viro wrote:
>> On Mon, Dec 05, 2016 at 04:17:53PM +0100, Johannes Thumshirn wrote:
>> > 633 hp = >header;
>> > [...]
>> > 646 hp->dxferp = (char
On Sat, Dec 3, 2016 at 7:19 PM, Johannes Thumshirn <jthumsh...@suse.de> wrote:
> On Sat, Dec 03, 2016 at 04:22:39PM +0100, Dmitry Vyukov wrote:
>> On Sat, Dec 3, 2016 at 11:38 AM, Johannes Thumshirn <jthumsh...@suse.de>
>> wrote:
>> > On Fri, Dec 02, 2016 at 0
On Sat, Dec 3, 2016 at 11:38 AM, Johannes Thumshirn <jthumsh...@suse.de> wrote:
> On Fri, Dec 02, 2016 at 05:50:39PM +0100, Dmitry Vyukov wrote:
>> On Fri, Nov 25, 2016 at 8:08 PM, Dmitry Vyukov <dvyu...@google.com> wrote:
>
> [...]
>
>>
>> +David did s
On Fri, Nov 25, 2016 at 8:08 PM, Dmitry Vyukov <dvyu...@google.com> wrote:
> Hello,
>
> The following program triggers use-after-free in bio_copy_from_iter:
> https://gist.githubusercontent.com/dvyukov/80cd94b4e4c288f16ee4c787d404118b/raw/10536069562444da51b758bb39655b514ff9
Hello,
The following program triggers use-after-free in bio_copy_from_iter:
https://gist.githubusercontent.com/dvyukov/80cd94b4e4c288f16ee4c787d404118b/raw/10536069562444da51b758bb39655b514ff93b45/gistfile1.txt
==
BUG: KASAN:
Hello,
I am not sure whether there is something to fix or not, since it can be
triggered only by root. But still if I run the following program
several times in a row, whole machine becomes unusable for several
minutes (ssh, ps and pretty much everything hangs):
// autogenerated by syzkaller
On Fri, Jan 29, 2016 at 1:35 PM, Kirill A. Shutemov
wrote:
> From 691a961bb401c5815ed741dac63591efbc6027e3 Mon Sep 17 00:00:00 2001
> From: "Kirill A. Shutemov"
> Date: Fri, 29 Jan 2016 15:06:17 +0300
> Subject: [PATCH 2/2]
On Thu, Jan 28, 2016 at 12:40 PM, Kirill A. Shutemov
<kir...@shutemov.name> wrote:
> On Thu, Jan 28, 2016 at 11:55:14AM +0100, Dmitry Vyukov wrote:
>> On Thu, Jan 28, 2016 at 11:51 AM, Kirill A. Shutemov
>> <kir...@shutemov.name> wrote:
>> > On Thu, Jan 28, 201
Hello,
The following program triggers VM_BUG_ON_PAGE(PageTail(page)):
// autogenerated by syzkaller (http://github.com/google/syzkaller)
#include
#include
#include
#include
int main()
{
int fd;
mmap((void*)0x2000, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1,
Hello,
The following program causes NULL deref in sg_start_req:
// autogenerated by syzkaller (http://github.com/google/syzkaller)
#include
#include
#include
#include
#include
#ifndef SYS_memfd_create
#define SYS_memfd_create 319
#endif
int main()
{
long r[26];
syscall(SYS_mmap,
worker_thread+0xb0/0x900 kernel/workqueue.c:2170
[] kthread+0x150/0x170 kernel/kthread.c:209
[] ret_from_fork+0x3f/0x70 arch/x86/entry/entry_64.S:529
The race is between:
if (q->kobj.sd) {
and:
kobj->sd = kn;
On Mon, Sep 21, 2015 at 11:58 AM, Dmitry Vyukov <dvyu...
k+0x688/0x760 block/genhd.c:619
[] sd_probe_async+0x298/0x370 drivers/scsi/sd.c:2896
[] async_run_entry_fn+0x7d/0x1e0 kernel/async.c:123
[] process_one_work+0x47e/0x930 kernel/workqueue.c:2036
[] worker_thread+0xb0/0x900 kernel/workqueue.c:2170
[] kthread+0x150/0x170 kernel/kthread.c:20
On Sun, Sep 22, 2013 at 9:39 AM, Tejun Heo t...@kernel.org wrote:
(cc'ing SCSI people)
On Wed, Sep 18, 2013 at 11:45:22AM -0700, Dmitry Vyukov wrote:
Hi!
I am working on AddressSanitizer -- a tool that detects use-after-free
and out-of-bounds bugs
(https://code.google.com/p/address
On Sun, Sep 22, 2013 at 11:24 AM, Dmitry Vyukov dvyu...@google.com wrote:
On Sun, Sep 22, 2013 at 9:39 AM, Tejun Heo t...@kernel.org wrote:
(cc'ing SCSI people)
On Wed, Sep 18, 2013 at 11:45:22AM -0700, Dmitry Vyukov wrote:
Hi!
I am working on AddressSanitizer -- a tool that detects use
On Sun, Sep 22, 2013 at 2:47 PM, Tejun Heo t...@kernel.org wrote:
Hello,
On Sun, Sep 22, 2013 at 11:59:53AM -0700, Dmitry Vyukov wrote:
I've noticed that free happens in scsi_error_handler thread, so maybe
a timeout or some other error condition is involved here.
It is possible that timeout
On Wed, Sep 4, 2013 at 6:32 PM, Alan Stern st...@rowland.harvard.edu wrote:
On Wed, 4 Sep 2013, Dmitry Vyukov wrote:
Hi,
We are working on a memory error detector AddressSanitizer for Linux
kernel
(https://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel),
it can detect
Hi,
We are working on a memory error detector AddressSanitizer for Linux
kernel
(https://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel),
it can detect use-after-free and buffer-overflow errors.
Here is one of the reports from the tool:
[ 166.124485] ERROR: AddressSanitizer: