On Sun, Apr 8, 2018 at 5:31 PM, Stephan Müller <smueller@xxxxxxxxxx> wrote:
> On Sunday, 8 April 2018, 13:18:06 CEST, Dmitry Vyukov wrote:
>
> Hi Dmitry,
>
>>
>> Running syz-repro utility on this log, I think I've found the guilty guy:
>> https://gist.githubusercontent.com/dvyukov/1dd75d55efd238e7207af1cc38478b3a/raw/403859b56b161a6fbb158e8953fac5bb6e73b1a1/gistfile1.txt
>>
>
> I am unable to reproduce it with the code. I am using the current
> cryptodev-2.6 tree with kazan enabled. Could you please give me your kernel
> config or a pointer of the used tree?

Hi,

Here is config and kernel commit:
https://groups.google.com/d/msg/syzkaller-bugs/PINYyzoaG1s/ntZPOZdcCAAJ
You can also find compiler and image here if necessary:
https://github.com/google/syzkaller/blob/master/docs/syzbot.md

And note that the program needs to be compiled with -m32. The bug is
probably not compat-specific, but the program injects fault into a
particular malloc invocation and maybe malloc numbering is affected by
compat path.

>> It crashes as:
>> BUG: KASAN: use-after-free in drbg_kcapi_seed+0x1178/0x12e0
>> and:
>> BUG: unable to handle kernel paging request at ffffebe000000020
>> and with other indications of badly corrupted heap.
>>
>> This points to crypto/drbg.c, so +crypto maintainers.
>
>
> Ciao
> Stephan