Hello,
syzbot found the following crash on:
HEAD commit: 0df021b2 Linux 4.19.47
git tree: linux-4.19.y
console output:
https://syzkaller.appspot.com/x/log.txt?x=1460020ea00000
kernel config:
https://syzkaller.appspot.com/x/.config?x=82c2df0ca70e1122
dashboard link:
https://syzkaller.appspot.com/bug?extid=a3c1df6f7d6d42b5056c
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by:
syzbot+a3c1df...@syzkaller.appspotmail.com
output: 0x0000000001000000
output_len: 0x0000000008b56a48
kernel_total_size: 0x000000000a026000
trampoline_32bit: 0x000000000009d000
Decompressing Linux... Parsing ELF... done.
Booting the kernel.
INIT: version 2.88 booting
[ [36minfo [39;49m] Using makefile-style concurrent boot in runlevel S.
[....] Starting the hotplug events dispatcher: udevd[ 11.311884]
udevd[3595]: starting version 175
[?25l [?1c 7 [1G[ [32m ok [39;49m 8 [?25h [?0c.
[....] Synthesizing the initial hotplug events...[ 11.663332] modprobe
(3626) used greatest stack depth: 25064 bytes left
[?25l [?1c 7 [1G[ [32m ok [39;49m 8 [?25h [?0cdone.
[....] Waiting for /dev to be fully populated...udevd[3908]:
rename '/dev/v4l/by-path/platform-vivid.0-video-index2.udev-tmp' '/dev/v4l/by-path/platform-vivid.0-video-index2'
failed: No such file or directory
udevd[3910]:
rename '/dev/v4l/by-path/platform-vivid.0-video-index2.udev-tmp' '/dev/v4l/by-path/platform-vivid.0-video-index2'
failed: No such file or directory
udevd[3645]:
rename '/dev/v4l/by-path/platform-vivid.0-video-index1.udev-tmp' '/dev/v4l/by-path/platform-vivid.0-video-index1'
failed: No such file or directory
udevd[3664]:
rename '/dev/v4l/by-path/platform-vivid.0-video-index1.udev-tmp' '/dev/v4l/by-path/platform-vivid.0-video-index1'
failed: No such file or directory
[?25l [?1c 7 [1G[ [32m ok [39;49m 8 [?25h [?0cdone.
[....] Activating swap... [?25l [?1c 7 [1G[ [32m ok
[39;49m 8 [?25h [?0cdone.
[....] Creating compatibility symlink from /etc/mtab to
/proc/mounts. ... [?25l [?1c 7 [1G[ [33mwarn [39;49m 8 [?25h [?0c
[33m(warning). [39;49m
[....] Cleaning up temporary files...[ 28.059144] find (5076) used
greatest stack depth: 25048 bytes left
/tmp [?25l [?1c 7 [1G[ [32m ok [39;49m 8 [?25h [?0c.
[....] Activating lvm and md swap... [?25l [?1c 7 [1G[ [32m ok
[39;49m 8 [?25h [?0cdone.
[....] Checking file systems...fsck from util-linux 2.20.1
[?25l [?1c 7 [1G[ [32m ok [39;49m 8 [?25h [?0cdone.
[....] Mounting local filesystems... [?25l [?1c 7 [1G[ [32m ok
[39;49m 8 [?25h [?0cdone.
[....] Activating swapfile swap... [?25l [?1c 7 [1G[ [32m ok
[39;49m 8 [?25h [?0cdone.
[....] Cleaning up temporary files... [?25l [?1c 7 [1G[ [32m ok
[39;49m 8 [?25h [?0c.
[....] Setting kernel variables ... [?25l [?1c 7 [1G[ [32m ok
[39;49m 8 [?25h [?0cdone.
[....] Configuring network interfaces...[ 36.388111] ip (7165) used
greatest stack depth: 22640 bytes left
Internet Systems Consortium DHCP Client 4.2.2
Copyright 2004-2011 Internet Systems Consortium.
All rights reserved.
For info, please visit
https://www.isc.org/software/dhcp/
Listening on LPF/eth0/42:01:0a:80:01:31
Sending on LPF/eth0/42:01:0a:80:01:31
Sending on Socket/fallback
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on eth0 to 255.255.255.255 port 67
DHCPOFFER from 169.254.169.254
DHCPACK from 169.254.169.254
bound to 10.128.1.49 -- renewal in 41654 seconds.
[?25l [?1c 7 [1G[ [32m ok [39;49m 8 [?25h [?0cdone.
[....] Cleaning up temporary files... [?25l [?1c 7 [1G[ [32m ok
[39;49m 8 [?25h [?0c.
INIT: Entering runlevel: 2
[ [36minfo [39;49m] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd[ 38.615467]
kauditd_printk_skb: 4 callbacks suppressed
[?25l [?1c 7 [1G[ [32m ok [39;49m 8 [?25h [?0c.
[....] Starting periodic command scheduler: cron [?25l [?1c 7 [1G[ [32m ok
[39;49m 8 [?25h [?0c.
Starting mcstransd:
[....] Starting file context maintaining daemon:
restorecond [?25l [?1c 7 [1G[ [32m ok [39;49m 8 [?25h [?0c.
[....] Starting OpenBSD Secure Shell server: sshd [?25l [?1c 7 [1G[ [32m ok
[39;49m 8 [?25h [?0c.
Debian GNU/Linux 7 syzkaller ttyS0
20:28:29 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0,
0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0,
0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff,
0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
dup2(r0, r2)
dup2(r2, r1)
20:28:29 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x80001000008912, &(0x7f0000000000)="0adc1f123c123f319bd070")
syz_execute_func(&(0x7f00000001c0)="f2af91930f0124eda133fa20430fbafce842f66188d0d4430fc7f314c1ab5bf9e2f9660f3a0fae5e090000ba023c1fb63ac4817d73d74ec482310d46f449f216c863fa438036a91bdbae95aaaa420f383c02c401405c6bfd49d768d768f833fefbab6464660f38323c8f26dbc1a1fe5ff6f6df0804f4c4efa59c0f01c4288ba6452e000054c4431d5cc100")
20:28:29 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x80001000008912, &(0x7f0000000000)="0adc1f123c123f319bd070")
sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0,
&(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0a0000003101000000000000000000002b010071743afb0002d9f133c0616c072a20139b9ac715e5c07c0227c829273502eb42cd800df39022e15b9479a6d9515e8beef32dc3fabf1cc4adf791c35d7b9cefda70a90532b371c01c50d9abf9ded461f8319a48bd42008752f1e5b2ccbbc331f3ca01fb8628e59c96f717025bfdf19d6e84829c0f852e5e3cc1c45e7e052f5d943f5bfeeb22320a261fd07f86bc9832852060aa92d7b2005807b4fbd8cfd77942e14ae4e8a990bb4ce7f466aabd0400e133a9462f854753bb2ff779e1de785d7a341549d967739166cacab0413f99ad32fc90166a40566a10776fa7a750701c40ce05bbca9f6c29f0064e4f6ab21a71abcae34042257956be0b061ecbd7c8961fb29584694b909da1296e22388eb80a02cfad60896f173d872e9d9ddd72619beb32f92f0c990c747c2124"],
0x13d}}, 0x0)
syz_execute_func(&(0x7f0000000100)="40ddb80000000091930f0124eda133fa20430fbafce842f66188d0d4430fc7f314c1ab5bf9e2f9660f3a0fae5e090000ba023c1fb63ac4817d73d74ec482310d46f449f216c863fa438036a900fbab7bab7baaaa420f383c02c401405c6bfd49d768d768f833fefbab6464660f38323c8f26dbc1a1fe5ff6f6df0804f4c4efa59c0f01c4288ba6452e000054c4431d5cc100")
---
This bug is generated by a bot. It may contain errors.
See
https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at
syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.