Re: [syzbot] unexpected kernel reboot (8)

From: Tetsuo Handa
Date: Thu Sep 29 2022 - 06:25:42 EST


This is not a kernel bug but a fuzzer's bug.

Looking at https://syzkaller.appspot.com/text?tag=ReproC&x=155622df080000,
this reproducer is reading data from /dev/vcs into the [0x20001dc0,0x20003DE0) range,
and passing a subset of this range, [0x20002300,0x20003300), as the "const void *data"
argument of the mount() syscall, which is interpreted as a string.

That is, this problem happens when the console screen buffer by chance contained
kernel messages which the kernel has printk()ed upon boot.

(I defer "#syz invalid" because we need to somehow fix this problem on the fuzzer side.)

On 2022/09/28 11:03, syzbot wrote:
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 1707c39ae309 Merge tag 'driver-core-6.0-rc7' of git://git...
> git tree: upstream
> console+strace: https://syzkaller.appspot.com/x/log.txt?x=17324288880000
> kernel config: https://syzkaller.appspot.com/x/.config?x=122d7bd4fc8e0ecb
> dashboard link: https://syzkaller.appspot.com/bug?extid=8346a1aeed52cb04c9ba
> compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15ca1f54880000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=155622df080000
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+8346a1aeed52cb04c9ba@xxxxxxxxxxxxxxxxxxxxxxxxx
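The hazard described above, shown as an added example (it is not part of this thread, of syzkaller, or of the reproducer): a buffer filled the way a read() from /dev/vcs fills it, screen text with no NUL terminator anywhere inside, and a sub-range of it handed to a syscall that treats its argument as a NUL-terminated string. The screen contents, the "Linux version" and "Command line" markers, and the "[    0.000000] " printk timestamp prefix are constructed for illustration. The code does not call mount(); it computes what the kernel would actually receive as the string, which is the part the reproducer's author did not intend to pass.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for what a read() from /dev/vcs returns: the text of
 * the console screen, character cells only, with no NUL terminator anywhere
 * inside the data. The kernel message lines are made up for illustration;
 * the "[    0.000000] " timestamp prefix is assumed printk formatting. */
const char screen_text[] =
    "[    0.000000] Linux version X.Y.Z (constructed boot banner)        "
    "[    0.123456] Command line: console=ttyS0 (constructed)            "
    "login:                                                              ";

/* Number of bytes the reproducer's buffer would hold (the C array's own
 * trailing NUL is excluded so it does not terminate the screen data). */
size_t screen_text_len(void)
{
    return strlen(screen_text);
}

/* Length of the string a syscall that takes a NUL-terminated argument (such
 * as mount()'s `data`) actually consumes when handed buf+off: it runs to the
 * first NUL byte or to the end of the buffer, not to the end of the sub-range
 * the caller had in mind. */
size_t effective_string_len(const char *buf, size_t buflen, size_t off)
{
    if (off >= buflen)
        return 0;
    const char *nul = memchr(buf + off, '\0', buflen - off);
    return nul ? (size_t)(nul - (buf + off)) : buflen - off;
}

/* 1 if the intended sub-range [off, off+len) is shorter than what the
 * kernel would read as a string, i.e. bytes outside the sub-range leak in. */
int subrange_overruns(const char *buf, size_t buflen, size_t off, size_t len)
{
    return effective_string_len(buf, buflen, off) > len;
}

/* 1 if the string the kernel would parse contains `marker` anywhere. Used
 * here to check whether console text (kernel log lines) ends up inside the
 * argument; which marker to look for is the caller's choice. */
int string_contains(const char *buf, size_t buflen, size_t off, const char *marker)
{
    size_t n = effective_string_len(buf, buflen, off);
    size_t m = strlen(marker);
    if (m == 0 || m > n)
        return 0;
    for (size_t i = 0; i + m <= n; i++)
        if (memcmp(buf + off + i, marker, m) == 0)
            return 1;
    return 0;
}

int main(void)
{
    size_t n = screen_text_len();
    /* The reproducer "intends" to pass 32 bytes starting at offset 10. */
    size_t off = 10, len = 32;

    printf("intended sub-range: %zu bytes, kernel would read: %zu bytes\n",
           len, effective_string_len(screen_text, n, off));
    printf("overruns intended range: %d\n",
           subrange_overruns(screen_text, n, off, len));
    printf("carries boot banner text: %d\n",
           string_contains(screen_text, n, off, "Linux version"));
    return 0;
}
```

Because screen data carries no NUL, the string the kernel sees always runs to the end of the buffer, so whatever the console happened to display, here the constructed boot messages, becomes part of the syscall argument; a fuzzer that wants stable reproducers has to account for string-typed arguments that alias a region filled from a device like /dev/vcs.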