syzbot


general protection fault in fbcon_cursor

Status: closed as dup on 2020/07/27 23:02
Subsystems: fbdev
Reported-by: syzbot+6acf28c23c81badd89a7@syzkaller.appspotmail.com
First crash: 1835d, last: 1610d
Cause bisection: the issue happens on the oldest tested release (bisect log)
Crash: WARNING in sysfs_warn_dup (log)
Repro: C syz .config
  
Duplicate of:
Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported
general protection fault in do_con_write | C | done | | 10703 | 1609d | 1844d
Discussions (1):
Title | Replies (including bot) | Last reply
general protection fault in fbcon_cursor | 0 (2) | 2020/02/13 11:18
Similar bugs (2):
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
linux-4.14 | general protection fault in fbcon_cursor | C | inconclusive | | 15 | 1620d | 1793d | 0/1 | upstream: reported C repro on 2020/01/24 02:58
linux-4.19 | general protection fault in fbcon_cursor | C | error | | 21 | 1639d | 1774d | 0/1 | upstream: reported C repro on 2020/02/12 12:10

Sample crash report:
general protection fault, probably for non-canonical address 0xdffffc0020000001: 0000 [#1] PREEMPT SMP KASAN
KASAN: probably user-memory-access in range [0x0000000100000008-0x000000010000000f]
CPU: 0 PID: 2871 Comm: kworker/0:81 Not tainted 5.6.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events console_callback
RIP: 0010:fbcon_cursor+0x114/0x660 drivers/video/fbdev/core/fbcon.c:1387
Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 e6 04 00 00 4d 8b b4 24 a0 03 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 f2 48 c1 ea 03 <0f> b6 14 02 4c 89 f0 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 ba
RSP: 0018:ffffc90008fe7af0 EFLAGS: 00010203
RAX: dffffc0000000000 RBX: ffff8880a3927800 RCX: ffffffff83f31c60
RDX: 0000000020000001 RSI: ffffffff83c5b4ec RDI: ffff8880a80f13a0
RBP: ffffc90008fe7b30 R08: ffff88809ee88280 R09: ffffed1014725374
R10: ffffed1014725373 R11: ffff8880a3929b9f R12: ffff8880a80f1000
R13: ffff8880a39b5000 R14: 000000010000000c R15: ffff8880a39b5468
FS:  0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000455300 CR3: 00000000938e8000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 set_cursor drivers/tty/vt/vt.c:908 [inline]
 set_cursor+0x1fb/0x280 drivers/tty/vt/vt.c:899
 redraw_screen+0x4e1/0x7d0 drivers/tty/vt/vt.c:1013
 complete_change_console+0x105/0x3a0 drivers/tty/vt/vt_ioctl.c:1264
 change_console+0x19b/0x2c0 drivers/tty/vt/vt_ioctl.c:1389
 console_callback+0x3a1/0x400 drivers/tty/vt/vt.c:2824
 process_one_work+0xa05/0x17a0 kernel/workqueue.c:2264
 worker_thread+0x98/0xe40 kernel/workqueue.c:2410
 kthread+0x361/0x430 kernel/kthread.c:255
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
Modules linked in:
---[ end trace fee771e2d3fd0cd0 ]---
RIP: 0010:fbcon_cursor+0x114/0x660 drivers/video/fbdev/core/fbcon.c:1387
Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 e6 04 00 00 4d 8b b4 24 a0 03 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 f2 48 c1 ea 03 <0f> b6 14 02 4c 89 f0 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 ba
RSP: 0018:ffffc90008fe7af0 EFLAGS: 00010203
RAX: dffffc0000000000 RBX: ffff8880a3927800 RCX: ffffffff83f31c60
RDX: 0000000020000001 RSI: ffffffff83c5b4ec RDI: ffff8880a80f13a0
RBP: ffffc90008fe7b30 R08: ffff88809ee88280 R09: ffffed1014725374
R10: ffffed1014725373 R11: ffff8880a3929b9f R12: ffff8880a80f1000
R13: ffff8880a39b5000 R14: 000000010000000c R15: ffff8880a39b5468
FS:  0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000455300 CR3: 00000000938e8000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (53):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2020/02/15 01:17 upstream 2019fc96af22 5d7b90f1 .config console log report syz C ci-upstream-kasan-gce-selinux-root
2020/02/13 11:17 upstream f2850dd5ee01 84f4fc8a .config console log report syz C ci-upstream-kasan-gce-root
2020/02/27 06:06 linux-next bdc5461b23ca 59b57593 .config console log report syz C ci-upstream-linux-next-kasan-gce-root
2020/07/25 06:22 upstream 68845a55c31b 554af388 .config console log report ci-upstream-kasan-gce-selinux-root
2020/07/24 23:01 upstream f37e99aca03f 554af388 .config console log report ci-upstream-kasan-gce-root
2020/07/23 12:51 upstream d15be546031c 340ea530 .config console log report ci-upstream-kasan-gce-selinux-root
2020/07/22 07:40 upstream 4fa640dc5230 128cd85f .config console log report ci-upstream-kasan-gce
2020/07/20 14:36 upstream 5714ee50bb43 4285ffa3 .config console log report ci-upstream-kasan-gce-root
2020/07/20 08:52 upstream 92188b41f139 9c812472 .config console log report ci-upstream-kasan-gce-root
2020/07/18 13:09 upstream 6a70f89cc58f 9c812472 .config console log report ci-upstream-kasan-gce
2020/07/16 13:23 upstream 994e99a96c9b f3bec699 .config console log report ci-upstream-kasan-gce
2020/07/14 15:58 upstream 0dc589da873b ce4c95b3 .config console log report ci-upstream-kasan-gce-selinux-root
2020/07/13 19:33 upstream 11ba468877bb f90ec899 .config console log report ci-upstream-kasan-gce-smack-root
2020/07/08 15:42 upstream 7cc2a8ea1048 51095195 .config console log report ci-upstream-kasan-gce
2020/07/08 13:58 upstream 7cc2a8ea1048 51095195 .config console log report ci-upstream-kasan-gce
2020/07/07 21:30 upstream 7cc2a8ea1048 51095195 .config console log report ci-upstream-kasan-gce
2020/07/06 06:19 upstream 7cc2a8ea1048 51095195 .config console log report ci-upstream-kasan-gce-smack-root
2020/07/06 04:39 upstream 7cc2a8ea1048 51095195 .config console log report ci-upstream-kasan-gce
2020/07/03 03:59 upstream cd77006e01b3 bed10395 .config console log report ci-upstream-kasan-gce
2020/07/02 21:53 upstream cd77006e01b3 bed10395 .config console log report ci-upstream-kasan-gce-root
2020/07/02 20:57 upstream cd77006e01b3 bed10395 .config console log report ci-upstream-kasan-gce-smack-root
2020/07/01 12:25 upstream 7c30b859a947 39acb39d .config console log report ci-upstream-kasan-gce-selinux-root
2020/06/30 13:30 upstream 4e99b32169e8 a2cdad9d .config console log report ci-upstream-kasan-gce-root
2020/06/27 13:11 upstream 1590a2e1c681 ffec44b5 .config console log report ci-upstream-kasan-gce-root
2020/06/25 04:07 upstream 7ae77150d94d 54566aff .config console log report ci-upstream-kasan-gce
2020/06/24 15:14 upstream 7ae77150d94d 54566aff .config console log report ci-upstream-kasan-gce
2020/05/19 09:09 upstream 642b151f45dd 684d3606 .config console log report ci-upstream-kasan-gce-root
2020/05/16 23:15 upstream 3d1c1e5931ce 37bccd4e .config console log report ci-upstream-kasan-gce-root
2020/04/07 22:59 upstream 763dede1b248 db9bcd4b .config console log report ci-upstream-kasan-gce-root
2020/03/08 18:38 upstream 61a09258f2e5 2e9971bb .config console log report ci-upstream-kasan-gce-root
2020/03/05 15:25 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-selinux-root
2020/03/04 16:06 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-root
2020/03/04 14:14 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-smack-root
2020/02/29 02:48 upstream f8788d86ab28 59b57593 .config console log report ci-upstream-kasan-gce-selinux-root
2020/01/12 05:51 upstream ac61145a725a 4c04afaa .config console log report ci-upstream-kasan-gce-selinux-root
2019/12/26 07:57 upstream 46cf053efec6 be5c2c81 .config console log report ci-upstream-kasan-gce-root
2019/12/16 22:34 upstream 510c9788991c b80769fc .config console log report ci-upstream-kasan-gce-root
2019/12/12 17:01 upstream ae4b064e2a61 08003f64 .config console log report ci-upstream-kasan-gce-root
2020/07/23 18:21 upstream d15be546031c 70c104a1 .config console log report ci-upstream-kasan-gce-386
2020/07/18 04:10 upstream 8882572675c1 9c812472 .config console log report ci-upstream-kasan-gce-386
2020/07/17 00:32 upstream f8456690ba8e 54b3c45e .config console log report ci-upstream-kasan-gce-386
2020/07/08 13:21 upstream 7cc2a8ea1048 51095195 .config console log report ci-upstream-kasan-gce-386
2020/07/18 23:04 linux-next 4c43049f19a2 9c812472 .config console log report ci-upstream-linux-next-kasan-gce-root
2020/07/07 16:04 linux-next 9e50b94b3eb0 51095195 .config console log report ci-upstream-linux-next-kasan-gce-root
2020/07/06 17:01 linux-next 9e50b94b3eb0 51095195 .config console log report ci-upstream-linux-next-kasan-gce-root
2020/07/03 07:01 linux-next aab2003999e7 bed10395 .config console log report ci-upstream-linux-next-kasan-gce-root
2020/06/07 14:54 linux-next e7b08814b16b 2c2b926c .config console log report ci-upstream-linux-next-kasan-gce-root
2020/05/21 00:31 linux-next ac935d227366 c61086ab .config console log report ci-upstream-linux-next-kasan-gce-root
2020/04/28 20:32 linux-next ac935d227366 e3ecea2e .config console log report ci-upstream-linux-next-kasan-gce-root
2020/04/12 02:56 linux-next 11ecafc691e1 a8c6a3f8 .config console log report ci-upstream-linux-next-kasan-gce-root
2020/04/03 11:42 linux-next 770fbb32d34e 5ed396e6 .config console log report ci-upstream-linux-next-kasan-gce-root
2020/03/30 14:05 linux-next 770fbb32d34e c8d1cc20 .config console log report ci-upstream-linux-next-kasan-gce-root
* Struck through repros no longer work on HEAD.