| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 24 Aug 2022 09:35:30 -0700
From: syzbot <syzbot+be4b95faeb7a9073bb88@...kaller.appspotmail.com>
To: gregkh@...uxfoundation.org, jirislaby@...nel.org,
linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com
Subject: [syzbot] BUG: unable to handle kernel NULL pointer dereference in tty_ldisc_receive_buf
Hello,
syzbot found the following issue on:
HEAD commit: 1c23f9e627a7 Linux 6.0-rc2
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
console output: https://syzkaller.appspot.com/x/log.txt?x=177ac367080000
kernel config: https://syzkaller.appspot.com/x/.config?x=3045c937aad027f7
dashboard link: https://syzkaller.appspot.com/bug?extid=be4b95faeb7a9073bb88
compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1701758d080000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=17473aad080000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+be4b95faeb7a9073bb88@...kaller.appspotmail.com
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
Mem abort info:
ESR = 0x0000000086000006
EC = 0x21: IABT (current EL), IL = 32 bits
SET = 0, FnV = 0
EA = 0, S1PTW = 0
FSC = 0x06: level 2 translation fault
user pgtable: 4k pages, 48-bit VAs, pgdp=000000010b44f000
[0000000000000000] pgd=080000010b5f3003, p4d=080000010b5f3003, pud=080000010b1ce003, pmd=0000000000000000
Internal error: Oops: 86000006 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 28 Comm: kworker/u4:1 Not tainted 6.0.0-rc2-syzkaller-16440-g1c23f9e627a7 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/20/2022
Workqueue: events_unbound flush_to_ldisc
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : 0x0
lr : gsmld_receive_buf+0x140/0x214 drivers/tty/n_gsm.c:2861
sp : ffff80000f603c30
x29: ffff80000f603c40 x28: 0000000000000000 x27: 00000000000003d9
x26: 0000000000000000 x25: 0000000000000000 x24: ffff80000d937000
x23: ffff80000d681e40 x22: ffff0000c929b800 x21: 0000000000000000
x20: ffff80000c205988 x19: ffff0000c91cf446 x18: ffff80000d2dec40
x17: 0000000000000008 x16: 0000000000000000 x15: 0000000000000000
x14: 0000000000000000 x13: 0000000000000004 x12: ffff80000d681e78
x11: ff808000098e7e04 x10: 0000000000000000 x9 : ffff8000098e7e04
x8 : 0000000000000000 x7 : ffff8000098dac3c x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : 00000000000003da
x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000c929b800
Call trace:
0x0
tty_ldisc_receive_buf+0xb8/0xcc drivers/tty/tty_buffer.c:461
tty_port_default_receive_buf+0x54/0x8c drivers/tty/tty_port.c:39
receive_buf drivers/tty/tty_buffer.c:511 [inline]
flush_to_ldisc+0x150/0x358 drivers/tty/tty_buffer.c:561
process_one_work+0x2d8/0x504 kernel/workqueue.c:2289
worker_thread+0x340/0x610 kernel/workqueue.c:2436
kthread+0x12c/0x158 kernel/kthread.c:376
ret_from_fork+0x10/0x20
Code: bad PC value
---[ end trace 0000000000000000 ]---
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@...glegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
Powered by blists - more mailing lists