WARNING in hrtimer_init


syzbot
May 7, 2019, 9:27:09 PM
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: a2952dea ANDROID: cuttlefish 4.9: enable CONFIG_CRYPTO_AES..
git tree: android-4.9
console output: https://syzkaller.appspot.com/x/log.txt?x=102a79d0a00000
kernel config: https://syzkaller.appspot.com/x/.config?x=be2d85214b76e4ae
dashboard link: https://syzkaller.appspot.com/bug?extid=1a285e2fec96a54baecb
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12fe82aca00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=16597812a00000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+1a285e...@syzkaller.appspotmail.com

random: crng init done
audit: type=1400 audit(1557276574.551:5): avc: denied { wake_alarm } for
pid=2056 comm="syz-executor394" capability=35
scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023
tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2
permissive=1
ODEBUG: object 0000000000905559 is on stack 00000000806603e1, but NOT
annotated.
------------[ cut here ]------------
WARNING: CPU: 0 PID: 2056 at lib/debugobjects.c:303
debug_object_is_on_stack lib/debugobjects.c:303 [inline]
WARNING: CPU: 0 PID: 2056 at lib/debugobjects.c:303
__debug_object_init.cold+0x6b/0x2fd lib/debugobjects.c:329
Kernel panic - not syncing: panic_on_warn set ...

CPU: 0 PID: 2056 Comm: syz-executor394 Not tainted 4.9.173 #1
ffff8801ce427a58 ffffffff81b4fc11 0000000000000000 ffffffff82a39c20
00000000ffffffff 0000000000000000 0000000000000009 ffff8801ce427b38
ffffffff813f970a 0000000041b58ab3 ffffffff82e2f182 ffffffff813f9531
Call Trace:
[<000000008a640a00>] __dump_stack lib/dump_stack.c:15 [inline]
[<000000008a640a00>] dump_stack+0xc1/0x120 lib/dump_stack.c:51
[<0000000066e450cf>] panic+0x1d9/0x3bd kernel/panic.c:180
[<000000007ef0fe15>] __warn.cold+0x2f/0x2f kernel/panic.c:546
[<0000000018241342>] warn_slowpath_null+0x2d/0x40 kernel/panic.c:589
[<00000000fb347da7>] debug_object_is_on_stack lib/debugobjects.c:303
[inline]
[<00000000fb347da7>] __debug_object_init.cold+0x6b/0x2fd
lib/debugobjects.c:329
[<00000000d7fe7486>] debug_object_init+0x16/0x20 lib/debugobjects.c:366
[<00000000f6e2e2ec>] debug_hrtimer_init kernel/time/hrtimer.c:393 [inline]
[<00000000f6e2e2ec>] debug_init kernel/time/hrtimer.c:438 [inline]
[<00000000f6e2e2ec>] hrtimer_init+0x2a/0x2f0 kernel/time/hrtimer.c:1165
[<00000000318105c5>] alarm_init kernel/time/alarmtimer.c:321 [inline]
[<00000000318105c5>] alarm_timer_nsleep+0x160/0x4e0
kernel/time/alarmtimer.c:783
[<00000000a6ceff5d>] SYSC_clock_nanosleep kernel/time/posix-timers.c:1128
[inline]
[<00000000a6ceff5d>] SyS_clock_nanosleep+0x1be/0x280
kernel/time/posix-timers.c:1110
[<0000000048c9ec76>] do_syscall_64+0x1ad/0x570 arch/x86/entry/common.c:285
[<00000000c41eaa12>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
Kernel Offset: disabled
Rebooting in 86400 seconds..


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches