syzbot


general protection fault in step_into

Status: upstream: reported C repro on 2024/04/13 08:21
Bug presence: origin:lts-only
Reported-by: syzbot+6ec068ed1982a8402704@syzkaller.appspotmail.com
First crash: 647d, last: 5d05h
Fix commit to backport (bisect log):
tree: upstream
commit 7ffa8f3d30236e0ab897c30bdb01224ff1fe1c89
Author: Matthew Wilcox (Oracle) <willy@infradead.org>
Date: Mon Jan 15 07:20:25 2024 +0000

  fs: Remove NTFS classic

  
Bug presence (2)
Date Name Commit Repro Result
2024/04/29 linux-5.15.y (ToT) b925f60c6ee7 C [report] general protection fault in step_into
2024/04/29 upstream (ToT) e67572cd2204 C Didn't crash
Similar bugs (8)
Kernel Title Rank Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream general protection fault in step_into fs 2 1 1969d 1965d 0/29 auto-closed as invalid on 2020/11/28 01:59
android-5-10 general protection fault in step_into 2 C done 289 11h56m 982d 0/2 upstream: reported C repro on 2023/05/14 14:12
linux-6.1 KASAN: null-ptr-deref Read in step_into origin:lts-only 11 C inconclusive 107 12d 654d 0/3 upstream: reported C repro on 2024/04/06 11:08
android-5-15 general protection fault in step_into origin:downstream 2 C done 117 1d13h 982d 0/2 upstream: reported C repro on 2023/05/14 14:01
android-6-1 general protection fault in step_into origin:downstream 2 C done 88 2d14h 982d 0/2 upstream: reported C repro on 2023/05/14 14:12
linux-6.6 general protection fault in step_into origin:lts-only 2 C inconclusive 21 28d 127d 0/2 upstream: reported C repro on 2025/09/14 20:10
android-6-12 general protection fault in step_into origin:downstream 2 C 26 77d 203d 0/1 premoderation: reported C repro on 2025/06/30 23:58
upstream BUG: unable to handle kernel paging request in step_into ntfs3 11 C error done 5 745d 1112d 0/29 auto-obsoleted due to no activity on 2024/05/25 15:27
Last patch testing requests (10)
Created Duration User Patch Repo Result
2025/11/23 09:37 12m retest repro linux-5.15.y report log
2025/11/23 09:37 17m retest repro linux-5.15.y report log
2025/11/23 09:37 11m retest repro linux-5.15.y report log
2025/11/23 09:37 12m retest repro linux-5.15.y report log
2025/09/15 03:32 17m retest repro linux-5.15.y report log
2025/09/15 03:32 10m retest repro linux-5.15.y error
2025/08/31 13:18 10m retest repro linux-5.15.y report log
2025/08/31 13:18 11m retest repro linux-5.15.y report log
2025/08/31 13:18 11m retest repro linux-5.15.y report log
2025/08/31 13:18 9m retest repro linux-5.15.y report log
Fix bisection attempts (1)
Created Duration User Patch Repo Result
2024/06/23 11:11 6h14m fix candidate upstream OK (1) job log

Sample crash report:
loop0: detected capacity change from 0 to 4096
ntfs: volume version 3.1.
ntfs: (device loop0): ntfs_lookup(): ntfs_lookup_ino_by_name() failed with error code -67.
general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047]
CPU: 0 PID: 4351 Comm: syz.0.17 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
RIP: 0010:traverse_mounts fs/namei.c:1386 [inline]
RIP: 0010:handle_mounts fs/namei.c:1506 [inline]
RIP: 0010:step_into+0x12e/0xd00 fs/namei.c:1814
Code: 4c 8b 74 24 18 c6 44 24 7f 00 43 0f b6 44 25 00 84 c0 0f 85 6c 0a 00 00 45 8b 36 4c 8b bc 24 a8 00 00 00 4c 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 0f 85 6b 0a 00 00 45 8b 3f 44 89 fe 81 e6 00
RSP: 0018:ffffc900043af9e0 EFLAGS: 00010202
RAX: 0000000000000008 RBX: ffffc900043afbc0 RCX: ffff88802560bb80
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc900043afae8 R08: 0000000000000000 R09: ffffed100d3ca4a1
R10: ffffed100d3ca4a1 R11: 1ffff1100d3ca4a0 R12: dffffc0000000000
R13: 1ffff92000875f7f R14: 0000000000000001 R15: 0000000000000043
FS:  00005555789f0500(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b30a63fff CR3: 0000000060272000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 lookup_last fs/namei.c:2439 [inline]
 path_lookupat+0x169/0x440 fs/namei.c:2463
 filename_lookup+0x1e2/0x4f0 fs/namei.c:2492
 user_path_at_empty+0x40/0x190 fs/namei.c:2891
 user_path_at include/linux/namei.h:57 [inline]
 do_utimes_path fs/utimes.c:94 [inline]
 do_utimes+0x138/0x2a0 fs/utimes.c:144
 __do_sys_utimensat fs/utimes.c:163 [inline]
 __se_sys_utimensat fs/utimes.c:147 [inline]
 __x64_sys_utimensat+0x14c/0x230 fs/utimes.c:147
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f8a303e4749
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffc69cd22d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000118
RAX: ffffffffffffffda RBX: 00007f8a3063afa0 RCX: 00007f8a303e4749
RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
RBP: 00007f8a30468f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f8a3063afa0 R14: 00007f8a3063afa0 R15: 0000000000000004
 </TASK>
Modules linked in:
---[ end trace 23b8f40c775e8543 ]---
RIP: 0010:traverse_mounts fs/namei.c:1386 [inline]
RIP: 0010:handle_mounts fs/namei.c:1506 [inline]
RIP: 0010:step_into+0x12e/0xd00 fs/namei.c:1814
Code: 4c 8b 74 24 18 c6 44 24 7f 00 43 0f b6 44 25 00 84 c0 0f 85 6c 0a 00 00 45 8b 36 4c 8b bc 24 a8 00 00 00 4c 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 0f 85 6b 0a 00 00 45 8b 3f 44 89 fe 81 e6 00
RSP: 0018:ffffc900043af9e0 EFLAGS: 00010202
RAX: 0000000000000008 RBX: ffffc900043afbc0 RCX: ffff88802560bb80
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc900043afae8 R08: 0000000000000000 R09: ffffed100d3ca4a1
R10: ffffed100d3ca4a1 R11: 1ffff1100d3ca4a0 R12: dffffc0000000000
R13: 1ffff92000875f7f R14: 0000000000000001 R15: 0000000000000043
FS:  00005555789f0500(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f96dca21000 CR3: 0000000060272000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:	4c 8b 74 24 18       	mov    0x18(%rsp),%r14
   5:	c6 44 24 7f 00       	movb   $0x0,0x7f(%rsp)
   a:	43 0f b6 44 25 00    	movzbl 0x0(%r13,%r12,1),%eax
  10:	84 c0                	test   %al,%al
  12:	0f 85 6c 0a 00 00    	jne    0xa84
  18:	45 8b 36             	mov    (%r14),%r14d
  1b:	4c 8b bc 24 a8 00 00 	mov    0xa8(%rsp),%r15
  22:	00
  23:	4c 89 f8             	mov    %r15,%rax
  26:	48 c1 e8 03          	shr    $0x3,%rax
* 2a:	42 0f b6 04 20       	movzbl (%rax,%r12,1),%eax <-- trapping instruction
  2f:	84 c0                	test   %al,%al
  31:	0f 85 6b 0a 00 00    	jne    0xaa2
  37:	45 8b 3f             	mov    (%r15),%r15d
  3a:	44 89 fe             	mov    %r15d,%esi
  3d:	81                   	.byte 0x81
  3e:	e6 00                	out    %al,$0x0

Crashes (305):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2025/12/20 05:14 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan general protection fault in step_into
2024/04/13 10:12 linux-5.15.y cdfd0a7f0139 c8349e48 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan general protection fault in step_into
2025/07/05 06:13 linux-5.15.y 3dea0e7f549e d869b261 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/03/21 04:55 linux-5.15.y 0c935c049b5c 62330552 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/03/15 21:43 linux-5.15.y 0c935c049b5c e2826670 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/02/26 10:20 linux-5.15.y c16c81c81336 d34966d1 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2024/11/10 18:59 linux-5.15.y 3c17fc483905 6b856513 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2024/06/12 23:07 linux-5.15.y c61bd26ae81a f815599d .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2026/01/15 14:17 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2026/01/10 14:50 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2026/01/06 17:09 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2026/01/03 09:09 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/12/25 05:07 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/12/25 01:52 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/12/23 04:25 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/12/21 01:10 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/12/20 20:50 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/12/19 12:29 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/12/19 10:30 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/12/18 02:21 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/12/05 03:49 linux-5.15.y cc5ec8769306 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/12/04 08:14 linux-5.15.y cc5ec8769306 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/11/30 14:06 linux-5.15.y cc5ec8769306 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/11/30 08:29 linux-5.15.y cc5ec8769306 d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/11/08 21:55 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/08/17 09:12 linux-5.15.y c79648372d02 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/08/17 09:09 linux-5.15.y c79648372d02 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/08/17 08:08 linux-5.15.y c79648372d02 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/08/17 07:57 linux-5.15.y c79648372d02 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/06/09 09:24 linux-5.15.y 1c700860e8bc 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/06/02 06:27 linux-5.15.y 98f47d0e9b8c 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/06/02 00:23 linux-5.15.y 98f47d0e9b8c 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/04/14 20:59 linux-5.15.y f7347f400572 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/04/14 00:50 linux-5.15.y f7347f400572 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2024/04/13 08:21 linux-5.15.y cdfd0a7f0139 c8349e48 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in step_into
2025/08/05 07:10 linux-5.15.y c79648372d02 f5bcc8dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/07/26 18:03 linux-5.15.y c79648372d02 fb8f743d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/07/16 02:13 linux-5.15.y 89950c454265 03fcfc4b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/07/12 03:03 linux-5.15.y 2f693b607545 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/07/05 05:05 linux-5.15.y 3dea0e7f549e d869b261 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/06/15 06:46 linux-5.15.y 1c700860e8bc 5f4b362d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/06/04 00:25 linux-5.15.y 98f47d0e9b8c a30356b7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/06/01 23:16 linux-5.15.y 98f47d0e9b8c 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/05/31 10:33 linux-5.15.y 98f47d0e9b8c 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/05/23 23:55 linux-5.15.y 98f47d0e9b8c f8cc0c83 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/05/06 13:02 linux-5.15.y 16fdf2c7111b ae98e6b9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/05/05 20:49 linux-5.15.y 16fdf2c7111b 6ca47dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/05/04 19:07 linux-5.15.y 16fdf2c7111b b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/05/04 19:00 linux-5.15.y 16fdf2c7111b b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/04/27 14:55 linux-5.15.y f7347f400572 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/04/26 05:21 linux-5.15.y f7347f400572 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/04/26 03:38 linux-5.15.y f7347f400572 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/04/19 02:50 linux-5.15.y f7347f400572 2a20f901 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/04/06 23:45 linux-5.15.y 0c935c049b5c 1c65791e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/04/02 23:04 linux-5.15.y 0c935c049b5c c799dfdd .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/03/15 04:41 linux-5.15.y 0c935c049b5c e2826670 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
2025/03/15 03:10 linux-5.15.y 0c935c049b5c e2826670 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: null-ptr-deref Read in step_into
* Struck through repros no longer work on HEAD.