WARNING in per_cpu_alloc

2017-10-15 Thread Shankara Pailoor
Hi, We found the warning when fuzzing with Syzkaller on Linux 4.14-rc4. illegal size (32776) or align (8) for percpu allocation [ cut here ] WARNING: CPU: 0 PID: 22596 at mm/percpu.c:1365 pcpu_alloc+0x140/0x10f0 Kernel panic - not syncing: panic_on_warn set ... CPU: 0 PID

KASAN: use-after-free in move_expired_inodes

2017-10-31 Thread Shankara Pailoor
Hi, We got the following error: BUG: KASAN: use-after-free in move_expired_inodes+0xce6/0xdf0 Write of size 8 at addr 8800a3a36bf8 by task kworker/u8:0/5 while fuzzing with Syzkaller on 4.14-rc4 on x86_64. Included is the trace of the crash along with the programs running around the time of

Re: KASAN: use-after-free in move_expired_inodes

2017-10-31 Thread Shankara Pailoor
24 AM, Shankara Pailoor wrote: > Hi, > > We got the following error: > > BUG: KASAN: use-after-free in move_expired_inodes+0xce6/0xdf0 > Write of size 8 at addr 8800a3a36bf8 by task kworker/u8:0/5 > > while fuzzing with Syzkaller on 4.14-rc4 on x86_64. Included is the > t

WARNING: at net/core/stream.c:204

2017-11-02 Thread Shankara Pailoor
Hi, We encountered the following warning when fuzzing with Syzkaller on Linux 4.14-rc4. Syzkaller was able to isolate the sequence of calls which caused the bug but couldn't create a C program that could regularly trigger it. Here are the logs from the reproducer attempts: https://pastebin.com/Q

Possible Memory Leak in KCOV Linux 4.15-rc1

2018-01-19 Thread Shankara Pailoor
Hi Dmitry, I added support for kcov in strace and I have been tracing a fairly large program but after a little while, I notice that when I mmap a new cover buffer, the call fails with ENOMEM. After killing the program, I try and rerun and I notice that there is nearly no memory on the system. Whe

Re: Possible Memory Leak in KCOV Linux 4.15-rc1

2018-01-20 Thread Shankara Pailoor
truct would get freed. Regards, Shankara On Sat, Jan 20, 2018 at 4:38 AM, Dmitry Vyukov wrote: > On Fri, Jan 19, 2018 at 8:29 PM, Shankara Pailoor wrote: >> Hi Dmitry, >> >> I added support for kcov in strace and I have been tracing a fairly >> large program but after a

Re: Possible Memory Leak in KCOV Linux 4.15-rc1

2018-01-21 Thread Shankara Pailoor
Cache in task struct for performance. */ t->kcov_size = kcov->size; t->kcov_area = kcov->area; On Sat, Jan 20, 2018 at 7:06 AM, Dmitry Vyukov wrote: > On Sat, Jan 20, 2018 at 4:01 PM, Shankara Pailoor wrote: >> Hi Dmitry, >> >> I w

Re: Possible Memory Leak in KCOV Linux 4.15-rc1

2018-01-21 Thread Shankara Pailoor
void main() { int i; for (i = 0; i < 4; i++) kcov_setup(); sleep(10); } On Sun, Jan 21, 2018 at 1:11 AM, Shankara Pailoor wrote: > Hi Dmitry, > > The leaks went away when I disabled and closed the old file > descriptors before opening new ones. > > The

RCU stall in 8250 serial driver Linux 4.15-rc1

2018-01-17 Thread Shankara Pailoor
Hi, Syzkaller found the following rcu stall report in Linux 4.15-rc1: https://pastebin.com/NyZ9JdRv The following C program reproduces it: https://pastebin.com/gqwDWWpA Configs Here: https://pastebin.com/v6M3iKi1 Regards, Shankara

Re: RCU stall in 8250 serial driver Linux 4.15-rc1

2018-01-17 Thread Shankara Pailoor
= (uint8_t)0x0; *(uint8_t*)0x28f5 = (uint8_t)0x0; r[27] = syscall(__NR_connect, r[15], 0x28e6ul, 0x10ul); } int main() { int i; for (i = 0; i < 8; i++) { if (fork() == 0) { loop(); return 0; } } sleep(100); return 0; } Regards, Shankara On Wed, Jan 17, 2018 at 9:05 AM, Greg KH wrote: >

general protection fault in klist_iter_exit

2018-05-16 Thread Shankara Pailoor
Hi, I am fuzzing Linux 4.17-rc4 with Syzkaller and found the below crash. I don't have a reproducer but this crash happened twice. kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: [#1] SMP KASAN PTI Dumping ftrace

WARNING: CPU: 2 PID: 4277 at lib/refcount.c:186

2017-09-08 Thread Shankara Pailoor
Hi, I found a warning while fuzzing with Syzkaller on linux 4.13-rc7 on x86_64. The full stack trace is below: WARNING: CPU: 2 PID: 4277 at lib/refcount.c:186 refcount_sub_and_test+0x167/0x1b0 lib/refcount.c:186 Kernel panic - not syncing: panic_on_warn set ... CPU: 2 PID: 4277 Comm: syz-executo

WARN_ON_ONCE in fs/iomap.c:993

2017-09-11 Thread Shankara Pailoor
Hi, I am fuzzing linux 4.13-rc7 with XFS using syzkaller on x86_64 and I found the following warning: WARNING: CPU: 2 PID: 5391 at fs/iomap.c:993 iomap_dio_rw+0xc79/0xe70 fs/iomap.c:993 Kernel panic - not syncing: panic_on_warn set ... CPU: 2 PID: 5391 Comm: syz-executor1 Not tainted 4.13.0-rc7

Re: WARNING: CPU: 2 PID: 4277 at lib/refcount.c:186

2017-09-11 Thread Shankara Pailoor
017-09-08 at 10:21 -0700, Cong Wang wrote: >> > (Cc'ing netdev) >> > >> > On Fri, Sep 8, 2017 at 5:59 AM, Shankara Pailoor >> > wrote: >> > > Hi, >> > > >> > > I found a warning while fuzzing with Syzkaller on linux 4.13-

UBSAN: Undefined error in time.h signed integer overflow

2017-09-05 Thread Shankara Pailoor
Hi, I encountered this bug while fuzzing linux kernel 4.13-rc7 with syzkaller. UBSAN: Undefined behaviour in ./include/linux/time.h:233:27 signed integer overflow: 8391720337152500783 * 10 cannot be represent

UBSAN: Undefined error in log2.h

2017-09-05 Thread Shankara Pailoor
Hi, I am hitting this bug when running the syzkaller fuzzer on kernel 4.13-rc7 Syzkaller hit 'UBSAN: Undefined behaviour in ./include/linux/log2.h:LINE' bug. Guilty file: fs/pipe.c Maintainers: [] UBSAN: Undefined behaviour in ./include/linux/log2.h:57:13 shift exponent 64 is too large for 64-

UBSAN undefined behavior in arch/x86/include/futex.h

2017-09-06 Thread Shankara Pailoor
Hi, I encountered this bug in kernel 4.13-rc7 while fuzzing with Syzkaller: UBSAN: Undefined behaviour in ./arch/x86/include/asm/futex.h:53:13 shift exponent -1 is negative CPU: 0 PID: 8469 Comm: syz-executor2 Not ta

Hung Task Linux 4.13-rc7 Reiserfs

2017-09-29 Thread Shankara Pailoor
Hi, I am fuzzing the kernel 4.13-rc7 with Syzkaller with Reiserfs. I am getting the following crash: INFO: task kworker/0:3:1103 blocked for more than 120 seconds. Here is the full stack trace. I noticed that there are a few tasks holding a sbi->lock. Below are a report and a log of all the pro

Re: Hung Task Linux 4.13-rc7 Reiserfs

2017-09-30 Thread Shankara Pailoor
/EaiE0JLf Kernel Configs: https://pastebin.com/i6URdADw Regards, Shankara On Fri, Sep 29, 2017 at 11:56 PM, Shankara Pailoor wrote: > Hi, > > I am fuzzing the kernel 4.13-rc7 with Syzkaller with Reiserfs. I am > getting the following crash: > > INFO: task kworker/0:3:1103 blocked

Memory Leak in nf_conntrack_in

2017-10-02 Thread Shankara Pailoor
Hi, I am fuzzing linux 4.13-rc7 and I got a report about a memory leak. Here is the alloc stack: 2017/10/01 02:08:59 BUG: memory leak: unreferenced object 0x880069cf0300 (size 312): comm "syz-executor0", pid 3032, jiffies 4294722144 (age 10.773s) hex dump (first 32 bytes): 01 00 00 00