Re: block: use after free in bio_uncopy_user/copy_page_to_iter

On 2016-05-04 10:53 AM, Sasha Levin wrote:
> On 05/04/2016 10:50 AM, Douglas Gilbert wrote:
>> On 2016-05-04 09:56 AM, Sasha Levin wrote:
>>> On 04/17/2016 06:44 PM, Sasha Levin wrote:
>>>> On 04/17/2016 02:37 PM, Christoph Hellwig wrote:
>>>>> Adding Doug as this involves the SG driver, which has a slightly
>>>>> unusual usage of the blk-map.c code.
>>>>>
>>>>> Does anyone know if the __asan_storeN in the trace implies the memory
>>>>> stored to was invalid and not the memory read from?
>>>> Yes. In this case it attempted to write to memory that was already freed.
>>>
>>> Ping? I'm still seeing a bunch of these in -next.
>>
>> And again ... (as requested 3 weeks ago):
>>    So could you send me the user space program that caused this?
>
> Sorry, didn't see the original mail.
>
> It reproduces with syzkaller (https://github.com/google/syzkaller), I don't
> have any easier way to reproduce it.

As noted previously, in the two syzkaller bugs reported involving
the sg driver, it is throwing pseudo random crap at the sg driver's
write()/read() interface taking care to misalign all integer
accesses. In the absence of the user space code that causes
this problem, I have no idea what to do next. There have been
no changes to the sg driver (sg.c) between lk 4.5 and the current
linux-stable git tree (lk 4.6.0-rc6).

Doug Gilbert


--
To unsubscribe from this list: send the line "unsubscribe linux-block" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html