insmod "Killed" on Ubuntu

[cvediver]

trafficstars

Possible duplicate of #13

I am interested in using the snapshot API, so I thought I would just test it out on an Ubuntu Vagrant box. After the insmod, I start getting spammed with "Killed" (see below). I looked over the dmesg output, leading me to believe there is a page fault with this call trace, but I confess my kernel debugging knowledge is limited. If you have a suggestion for how I can track this down further, please let me know...

[  274.207068] BUG: unable to handle page fault for address: 0000000080f17fc8
[  274.207408] #PF: supervisor read access in kernel mode
[  274.207734] #PF: error_code(0x0000) - not-present page
<...truncated...>
[  274.214912] Call Trace:
[  274.215194]  ? sys_exit_group+0x2c/0x30 [afl_snapshot]
[  274.215471]  do_syscall_64+0x57/0x190
[  274.215744]  entry_SYSCALL_64_after_hwframe+0x44/0xa9

To reproduce:

Vagrantfile

# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
  config.vm.box = "bento/ubuntu-20.04"
  config.vm.hostname = "test"
  config.vm.provision "shell", privileged: true, inline: <<-SHELL
    apt-get update
    DEBIAN_FRONTEND="noninteractive" apt-get install -y --no-install-recommends \
      build-essential \
      linux-headers-$(uname -r)
    git clone --depth 1 --branch pr https://github.com/AFLplusplus/AFL-Snapshot-LKM.git
  SHELL
end
# Using pr branch for https://github.com/AFLplusplus/AFL-Snapshot-LKM/pull/11 

$ vagrant up
$ vagrant ssh

vagrant$ uname -a
Linux test 5.4.0-42-generic #46-Ubuntu SMP Fri Jul 10 00:24:02 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
vagrant$ cd /home/vagrant/AFL-Snapshot-LKM/
vagrant$ sudo ./load.sh
<...truncated...>
make[1]: Leaving directory '/usr/src/linux-headers-5.4.0-42-generic'
Killed
Killed
vagrant$ ls -l /tmp/
<...truncated...>
Killed

[cvediver]

I can confirm that this is fixed by #18. Thanks @klecko!