On Thu, Apr 19, 2018 at 2:55 PM, Willem de Bruijn wrote:
> On Thu, Apr 19, 2018 at 2:32 AM, DaeRyong Jeong wrote:
>> Hello.
>> We have analyzed the cause of the crash in v4.16-rc3, WARNING in
>> refcount_dec,
>> which is found by RaceFuzzer (a modified version of Syz
On Thu, Apr 19, 2018 at 2:32 AM, DaeRyong Jeong wrote:
> Hello.
> We have analyzed the cause of the crash in v4.16-rc3, WARNING in refcount_dec,
> which is found by RaceFuzzer (a modified version of Syzkaller).
>
> Since struct packet_sock's member variables, running, has_vne
Hello.
We have analyzed the cause of the crash in v4.16-rc3, WARNING in refcount_dec,
which is found by RaceFuzzer (a modified version of Syzkaller).
Since struct packet_sock's member variables, running, has_vnet_hdr, origdev
and auxdata are declared as bitfields, accessing these variable
No. Only the first crash (WARNING in refcount_dec) is reproduced by
the attached reproducer.
The second crash (kernel bug at af_packet.c:3107) is reproduced by
another reproducer.
We reported it here.
http://lkml.iu.edu/hypermail/linux/kernel/1803.3/05324.html
On Sun, Apr 1, 2018 at 4:38 PM
e8
>> 43 b3 c0 fd <0f> 0b e8 3c b3 c0 fd 48 8b bd 20 ff ff ff e8 60 1e e7 fd
>> 4c 89
>> [ 357.792260] RIP: packet_do_bind+0x88d/0x950 RSP: 8800b2787b08
>> [ 357.793698] ---[ end trace 0c5a2539f0247369 ]---
>> [ 357.794696] Kernel panic - not syncing: Fatal
c b3 c0 fd 48 8b bd 20 ff ff ff e8 60 1e e7 fd
> 4c 89
> [ 357.792260] RIP: packet_do_bind+0x88d/0x950 RSP: 8800b2787b08
> [ 357.793698] ---[ end trace 0c5a2539f0247369 ]---
> [ 357.794696] Kernel panic - not syncing: Fatal exception
> [ 357.795918] Kernel Offset: disabled