Re: System crash with perf_fuzzer (kernel: 5.0.0-rc3)

From: Jiri Olsa
Date: Fri Feb 01 2019 - 12:38:22 EST

Next message: Jann Horn: "Re: [PATCH 4.19 095/103] bpf: prevent out of bounds speculation on pointer arithmetic"
Previous message: Daniel Vetter: "Re: [PATCH v6 1/5] staging/vboxvideo: prepare for drmP.h removal from drm_modeset_helper.h"
In reply to: Vince Weaver: "Re: System crash with perf_fuzzer (kernel: 5.0.0-rc3)"
Next in thread: Vince Weaver: "Re: System crash with perf_fuzzer (kernel: 5.0.0-rc3)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Feb 01, 2019 at 11:27:28AM -0500, Vince Weaver wrote:
> On Fri, 1 Feb 2019, Jiri Olsa wrote:
>
> > with attached patch I did not trigger the fuzzer crash
> > for over a day now, could you guys try?
>
> I've just started fuzzing with the patch applied. Often it takes a few
> hours to trigger the bug.

cool, thanks

>
> Added question about this bug. It appeared that the crash was triggered
> by the BTS driver over-writing kernel memory. The data being written, was
> this user controllable? Meaning, is this a security issue being fixed, or
> just a crashing issue?

yea, I have an example that can trigger it immediately

jirka

Next message: Jann Horn: "Re: [PATCH 4.19 095/103] bpf: prevent out of bounds speculation on pointer arithmetic"
Previous message: Daniel Vetter: "Re: [PATCH v6 1/5] staging/vboxvideo: prepare for drmP.h removal from drm_modeset_helper.h"
In reply to: Vince Weaver: "Re: System crash with perf_fuzzer (kernel: 5.0.0-rc3)"
Next in thread: Vince Weaver: "Re: System crash with perf_fuzzer (kernel: 5.0.0-rc3)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]