kernel panic: stack-protector: Kernel stack is corrupted in: ADDR


syzbot

Apr 11, 2019, 8:00:52 PM
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: d63fdf61 Merge 4.4.120 into android-4.4
git tree: android-4.4
console output: https://syzkaller.appspot.com/x/log.txt?x=1017ac93800000
kernel config: https://syzkaller.appspot.com/x/.config?x=b36b3c05dfb8e06d
dashboard link: https://syzkaller.appspot.com/bug?extid=e28c34a4748dc9113397
compiler: gcc (GCC) 7.1.1 20170620
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=177f9533800000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=14004973800000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+e28c34...@syzkaller.appspotmail.com

random: sshd: uninitialized urandom read (32 bytes read, 38 bits of entropy
available)
random: sshd: uninitialized urandom read (32 bytes read, 114 bits of
entropy available)
random: sshd: uninitialized urandom read (32 bytes read, 124 bits of
entropy available)
random: nonblocking pool is initialized
Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in:
ffffffff8330612a

CPU: 1 PID: 3746 Comm: syzkaller074220 Not tainted 4.4.120-gd63fdf6 #28
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
0000000000000000 a7fdacd8bb5dd201 ffff8801c84d7658 ffffffff81d0408d
ffffffff83843960 ffff8801c84d7730 00000000000005b4 ffff8801cd14a464
0000000000000040 ffff8801c84d7720 ffffffff8141ab2a 0000000041b58ab3
Call Trace:
[<ffffffff81d0408d>] __dump_stack lib/dump_stack.c:15 [inline]
[<ffffffff81d0408d>] dump_stack+0xc1/0x124 lib/dump_stack.c:51
[<ffffffff8141ab2a>] panic+0x1aa/0x388 kernel/panic.c:112
[<ffffffff8112d4a2>] __stack_chk_fail+0x22/0x30 kernel/panic.c:506
[<ffffffff8330612a>] ip6_xmit+0x16ba/0x1a70 net/ipv6/ip6_output.c:256
[<ffffffff833c70f6>] inet6_csk_xmit+0x246/0x480
net/ipv6/inet6_connection_sock.c:176
[<ffffffff83459bef>] l2tp_xmit_core net/l2tp/l2tp_core.c:1084 [inline]
[<ffffffff83459bef>] l2tp_xmit_skb+0xc2f/0xea0 net/l2tp/l2tp_core.c:1179
[<ffffffff834666d4>] pppol2tp_sendmsg+0x584/0x7f0 net/l2tp/l2tp_ppp.c:355
[<ffffffff82deba6a>] sock_sendmsg_nosec net/socket.c:625 [inline]
[<ffffffff82deba6a>] sock_sendmsg+0xca/0x110 net/socket.c:635
[<ffffffff82ded641>] ___sys_sendmsg+0x6c1/0x7c0 net/socket.c:1962
[<ffffffff82def693>] __sys_sendmsg+0xd3/0x190 net/socket.c:1996
[<ffffffff82def77d>] SYSC_sendmsg net/socket.c:2007 [inline]
[<ffffffff82def77d>] SyS_sendmsg+0x2d/0x50 net/socket.c:2003
[<ffffffff8377395f>] entry_SYSCALL_64_fastpath+0x1c/0x98
Dumping ftrace buffer:
(ftrace buffer empty)
Kernel Offset: disabled
Rebooting in 86400 seconds..


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches