Hello,
syzbot found the following crash on:
HEAD commit: 174651bd Linux 4.19.87
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=104b4f12e00000
kernel config: https://syzkaller.appspot.com/x/.config?x=d306897dc6e131b7
dashboard link: https://syzkaller.appspot.com/bug?extid=b8d8702856cf4c98144f
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=123b63f2e00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12ef28a6e00000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+b8d870...@syzkaller.appspotmail.com
audit: type=1400 audit(1575318511.742:36): avc: denied { map } for pid=7721 comm="syz-executor178" path="/root/syz-executor178939741" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
divide error: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 2678 Comm: kworker/0:2 Not tainted 4.19.87-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events console_callback
RIP: 0010:fbcon_update_softback drivers/video/fbdev/core/fbcon.c:360 [inline]
RIP: 0010:fbcon_switch+0x20d/0x1a40 drivers/video/fbdev/core/fbcon.c:2214
Code: 47 e9 07 4c 89 3d 53 47 e9 07 38 d0 7c 08 84 d2 0f 85 3b 16 00 00 41 8b 9d 3c 03 00 00 31 d2 bf 05 00 00 00 8b 05 73 c1 bc 05 <f7> f3 41 89 c4 89 c6 e8 a7 84 e9 fd 41 83 fc 05 0f 8e a6 0d 00 00
RSP: 0018:ffff88809fa879d8 EFLAGS: 00010246
RAX: 0000000000008000 RBX: 0000000000000000 RCX: ffffffff83819094
RDX: 0000000000000000 RSI: ffffffff838190a2 RDI: 0000000000000005
RBP: ffff88809fa87b68 R08: ffff88809fa902c0 R09: fffffbfff139874c
R10: fffffbfff139874b R11: ffffffff89cc3a5f R12: 0000000000000000
R13: ffff8880952ca900 R14: ffff88821976eec0 R15: ffff888219780040
FS: 0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f899bd5c000 CR3: 00000000a4205000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
redraw_screen+0x37d/0x8e0 drivers/tty/vt/vt.c:997
complete_change_console+0x105/0x3a0 drivers/tty/vt/vt_ioctl.c:1277
change_console+0x19b/0x2c0 drivers/tty/vt/vt_ioctl.c:1402
console_callback+0x3a1/0x400 drivers/tty/vt/vt.c:2800
process_one_work+0x989/0x1750 kernel/workqueue.c:2153
worker_thread+0x98/0xe40 kernel/workqueue.c:2296
kthread+0x354/0x420 kernel/kthread.c:246
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Modules linked in:
---[ end trace c2aa70597b96deec ]---
RIP: 0010:fbcon_update_softback drivers/video/fbdev/core/fbcon.c:360 [inline]
RIP: 0010:fbcon_switch+0x20d/0x1a40 drivers/video/fbdev/core/fbcon.c:2214
Code: 47 e9 07 4c 89 3d 53 47 e9 07 38 d0 7c 08 84 d2 0f 85 3b 16 00 00 41 8b 9d 3c 03 00 00 31 d2 bf 05 00 00 00 8b 05 73 c1 bc 05 <f7> f3 41 89 c4 89 c6 e8 a7 84 e9 fd 41 83 fc 05 0f 8e a6 0d 00 00
RSP: 0018:ffff88809fa879d8 EFLAGS: 00010246
RAX: 0000000000008000 RBX: 0000000000000000 RCX: ffffffff83819094
RDX: 0000000000000000 RSI: ffffffff838190a2 RDI: 0000000000000005
RBP: ffff88809fa87b68 R08: ffff88809fa902c0 R09: fffffbfff139874c
R10: fffffbfff139874b R11: ffffffff89cc3a5f R12: 0000000000000000
R13: ffff8880952ca900 R14: ffff88821976eec0 R15: ffff888219780040
FS: 0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f899bd5c000 CR3: 00000000a4205000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches