WARNING in md_ioctl

syzbot

Apr 14, 2019, 4:51:29 AM4/14/19
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 71fce1ed UPSTREAM: tracing: always define trace_{irq,preem..
git tree: android-4.9
console output: https://syzkaller.appspot.com/x/log.txt?x=163df247800000
kernel config: https://syzkaller.appspot.com/x/.config?x=a54f56879744de40
dashboard link: https://syzkaller.appspot.com/bug?extid=76262f53d63b798ffbdc
compiler: gcc (GCC) 8.0.1 20180413 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=137b86a7800000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12623a57800000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+76262f...@syzkaller.appspotmail.com

random: sshd: uninitialized urandom read (32 bytes read)
random: sshd: uninitialized urandom read (32 bytes read)
md: md0 stopped.
md: md0 stopped.
------------[ cut here ]------------
WARNING: CPU: 1 PID: 3807 at drivers/md/md.c:6847 md_ioctl+0x311d/0x5280
drivers/md/md.c:6847
Kernel panic - not syncing: panic_on_warn set ...

CPU: 1 PID: 3807 Comm: syz-executor174 Not tainted 4.9.96-g71fce1e #10
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
ffff8801d971f7b0 ffffffff81eb0b69 ffffffff83a484a0 00000000ffffffff
0000000000000000 0000000000000001 0000000000001abf ffff8801d971f870
ffffffff8141f975 0000000041b58ab3 ffffffff841b8030 ffffffff8141f7b6
Call Trace:
[<ffffffff81eb0b69>] __dump_stack lib/dump_stack.c:15 [inline]
[<ffffffff81eb0b69>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
[<ffffffff8141f975>] panic+0x1bf/0x3bc kernel/panic.c:179
[<ffffffff8141fc61>] __warn.cold.9+0xc1/0x17f kernel/panic.c:542
[<ffffffff8113461c>] warn_slowpath_null+0x2c/0x40 kernel/panic.c:585
[<ffffffff82c808bd>] md_ioctl+0x311d/0x5280 drivers/md/md.c:6847
[<ffffffff81e54766>] __blkdev_driver_ioctl block/ioctl.c:294 [inline]
[<ffffffff81e54766>] blkdev_ioctl+0x7b6/0x1a70 block/ioctl.c:590
[<ffffffff8163032e>] block_ioctl+0xde/0x120 fs/block_dev.c:1688
[<ffffffff815b051c>] vfs_ioctl fs/ioctl.c:43 [inline]
[<ffffffff815b051c>] file_ioctl fs/ioctl.c:493 [inline]
[<ffffffff815b051c>] do_vfs_ioctl+0x1ac/0x11a0 fs/ioctl.c:677
[<ffffffff815b159f>] SYSC_ioctl fs/ioctl.c:694 [inline]
[<ffffffff815b159f>] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:685
[<ffffffff81006316>] do_syscall_64+0x1a6/0x490 arch/x86/entry/common.c:282
[<ffffffff839f3313>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
Dumping ftrace buffer:
(ftrace buffer empty)
Kernel Offset: disabled
Rebooting in 86400 seconds..


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches