lists.openwall.net
Open Source and information security mailing list archives
Date:   Tue, 26 Jul 2022 22:14:50 +0800
From:   Wei Chen <harperchen1110@...il.com>
To:     efremov@...ux.com, axboe@...nel.dk, linux-block@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: WARNING in floppy_shutdown

Dear Linux Developer,

Recently, when using our tool to fuzz the kernel, the following crash was triggered:

HEAD commit: 03c765b0e3b4 Linux 5.19-rc4
git tree: upstream
compiler: clang 12.0.0
console output:
https://drive.google.com/file/d/1o65iMAXWvfzQ34k_uGOn-sSvmxHi5CNP/view?usp=sharing
Syzlang reproducer:
https://drive.google.com/file/d/1pFy1YcRtfmZKA540VjsLlb0xnN79rOV4/view?usp=sharing
C reproducer: https://drive.google.com/file/d/1fAwKZ6WIt-RdPMS57Kxhq2eBBZ1hzeZO/view?usp=sharing
kernel config: https://drive.google.com/file/d/1lNGU17X6Ui1NDLE4XCRu3I6f9lzhCBcH/view?usp=sharing

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: Wei Chen <harperchen1110@...il.com>

floppy driver state
-------------------
now=4294986375 last interrupt=4294975340 diff=11035 last called handler=seek_interrupt
timeout_message=lock fdc
last output bytes:
1a 90 4294975340
 0 90 4294975340
 3 80 4294975340
d1 90 4294975340
10 90 4294975340
 7 80 4294975340
 8 80 4294975340
 0 90 4294975340
 f 80 4294975340
 0 90 4294975340
 8 80 4294975340
 1 90 4294975340
 4 80 4294975343
 0 90 4294975343
 4 80 4294981723
 0 90 4294981723
 4 80 4294981723
 0 90 4294981723
 4 80 4294981726
 0 90 4294981726
last result at 4294981727
last redo_fd_request at 4294981727
status=80
fdc_busy=1
cont=0000000000000000
current_req=0000000000000000
command_status=-1

floppy0: floppy timeout called
no cont in shutdown!
------------[ cut here ]------------
WARNING: CPU: 0 PID: 16304 at drivers/block/floppy.c:999 floppy_shutdown+0x2ec/0x310
Modules linked in:
CPU: 0 PID: 16304 Comm: kworker/u2:8 Not tainted 5.19.0-rc4+ #26
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014
Workqueue: floppy floppy_shutdown
RIP: 0010:floppy_shutdown+0x2ec/0x310
Code: aa ae 4a 0c 48 c7 c7 c0 45 77 8b 48 c7 c2 eb d6 dc 8c 48 c7 c1 60 47 77 8b 31 c0 e8 91 b8 6d 05 e9 32 ff ff ff e8 44 66 78 fc <0f> 0b eb 9d 89 d9 80 e1 07 38 c1 0f 8c 32 fe ff ff 48 89 df e8 3b
RSP: 0018:ffffc9000aa1fc48 EFLAGS: 00010293
RAX: ffffffff85115b9c RBX: 0000000000000001 RCX: ffff88801ef54880
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: dffffc0000000000 R08: ffffffff85115b33 R09: fffffbfff1b5b2e5
R10: fffffbfff1b5b2e5 R11: 0000000000000000 R12: dffffc0000000000
R13: ffff8880162fec08 R14: ffffffff8dad95e0 R15: 1ffff11003d010c3
FS:  0000000000000000(0000) GS:ffff888063c00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055ff43183fe8 CR3: 000000001f642000 CR4: 0000000000752ef0
DR0: 0000000000000003 DR1: 0000000000000000 DR2: 0000000000000005
DR3: 0000000000000006 DR6: 00000000fffe0ff0 DR7: 0000000000000400
PKRU: 55555554
Call Trace:
 <TASK>
 process_one_work+0x88d/0x1250
 worker_thread+0xaf5/0x13b0
 kthread+0x27a/0x310
 ret_from_fork+0x1f/0x30
 </TASK>

Best,
Wei
