Re: WARNING: suspicious RCU usage (3)

From: Eric Biggers
Date: Wed Nov 29 2017 - 00:06:15 EST

Next message: Jason Wang: "Re: [PATCH net,stable] vhost: fix skb leak in handle_rx()"
Previous message: Archit Taneja: "Re: [RFC][PATCH] drm: adv7511/33: Fix adv7511_cec_init() failure handling"
In reply to: Paul E. McKenney: "Re: WARNING: suspicious RCU usage (3)"
Next in thread: Eric Biggers: "Re: WARNING: suspicious RCU usage (3)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Nov 28, 2017 at 01:30:26PM -0800, Andrew Morton wrote:
>
> It looks like blkcipher_walk_done() passed a bad address to kfree().
>

Indeed, it's freeing uninitialized memory because the Salsa20 algorithms are
using the blkcipher_walk API incorrectly. I've sent a patch to fix it:

"crypto: salsa20 - fix blkcipher_walk API usage"

I am not sure why the bug reports show up as "suspicious RCU usage", though.

There were also a few other syzbot reports of this same underlying bug; I marked
them as duplicates of this one.

Eric

Next message: Jason Wang: "Re: [PATCH net,stable] vhost: fix skb leak in handle_rx()"
Previous message: Archit Taneja: "Re: [RFC][PATCH] drm: adv7511/33: Fix adv7511_cec_init() failure handling"
In reply to: Paul E. McKenney: "Re: WARNING: suspicious RCU usage (3)"
Next in thread: Eric Biggers: "Re: WARNING: suspicious RCU usage (3)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]