syzbot


general protection fault in __dentry_path

Status: fixed on 2019/03/06 07:43
Subsystems: fs
Reported-by: syzbot+7857962b4d45e602b8ad@syzkaller.appspotmail.com
Fix commit: 8ed0579c12b2 kvm: properly check debugfs dentry before using it
First crash: 2003d, last: 1970d
Discussions (7)
Title Replies (including bot) Last reply
[PATCH 4.19 000/321] 4.19.88-stable review 352 (352) 2020/02/09 12:41
[PATCH 4.14 000/209] 4.14.158-stable review 223 (223) 2019/12/10 00:52
[PATCH AUTOSEL 4.19 01/57] drm/cirrus: Use drm_framebuffer_put to avoid kernel oops in clean-up 49 (49) 2019/04/03 16:17
[PATCH AUTOSEL 4.14 01/37] gpio: pxa: handle corner case of unprobed device 29 (29) 2019/04/03 12:57
[PATCH] kvm: properly check debugfs dentry before using it 4 (4) 2019/02/28 18:04
[PATCH] kvm: properly check debugfs dentry before using it 3 (3) 2019/02/28 15:32
general protection fault in __dentry_path 3 (6) 2019/02/27 08:38
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream general protection fault in __dentry_path (2) fs C error 174 821d 832d 22/27 fixed on 2023/02/24 13:50

Sample crash report:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 12576 Comm: syz-executor696 Not tainted 5.0.0-rc7+ #81
kobject: 'kvm' (00000000985ff3e6): kobject_uevent_env
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__dentry_path+0x49e/0x7c0 fs/d_path.c:344
Code: 89 fc 41 83 e4 01 44 89 e6 e8 fe e4 b2 ff 45 84 e4 0f 85 04 02 00 00 e8 b0 e3 b2 ff 48 8b 85 18 ff ff ff 44 89 bd 40 ff ff ff <80> 38 00 0f 85 f9 02 00 00 48 8b 85 38 ff ff ff 41 83 e7 01 44 89
kobject: 'kvm' (00000000985ff3e6): fill_kobj_path: path = '/devices/virtual/misc/kvm'
RSP: 0018:ffff888096127c58 EFLAGS: 00010293
RAX: dffffc0000000005 RBX: 0000000000000000 RCX: ffffffff81bcfdc2
RDX: 0000000000000000 RSI: ffffffff81bcfdd0 RDI: 0000000000000001
RBP: ffff888096127d48 R08: ffff88809b17c540 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: ffff888096127d20 R14: ffff888092473afe R15: 0000000000014e78
FS:  0000000000000000(0000) GS:ffff8880ae800000(0063) knlGS:00000000f7fe4b40
CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
CR2: 00000000080fb028 CR3: 000000009de68000 CR4: 00000000001426f0
kobject: 'kvm' (00000000985ff3e6): kobject_uevent_env
Call Trace:
kobject: 'kvm' (00000000985ff3e6): fill_kobj_path: path = '/devices/virtual/misc/kvm'
 dentry_path_raw+0x26/0x30 fs/d_path.c:371
 kvm_uevent_notify_change.part.0+0x213/0x440 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4051
 kvm_uevent_notify_change arch/x86/kvm/../../../virt/kvm/kvm_main.c:4018 [inline]
 kvm_dev_ioctl_create_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:3356 [inline]
 kvm_dev_ioctl+0x1132/0x1750 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3378
 __do_compat_sys_ioctl fs/compat_ioctl.c:1052 [inline]
 __se_compat_sys_ioctl fs/compat_ioctl.c:998 [inline]
 __ia32_compat_sys_ioctl+0x197/0x620 fs/compat_ioctl.c:998
 do_syscall_32_irqs_on arch/x86/entry/common.c:326 [inline]
 do_fast_syscall_32+0x281/0xc98 arch/x86/entry/common.c:397
 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139
RIP: 0023:0xf7fe8869
Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 002b:00000000f7fe41fc EFLAGS: 00000293 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000ae01
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00000000003d0f00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
Modules linked in:
---[ end trace 4fe494385b47fe74 ]---
kobject: 'kvm' (00000000985ff3e6): kobject_uevent_env
RIP: 0010:__dentry_path+0x49e/0x7c0 fs/d_path.c:344
Code: 89 fc 41 83 e4 01 44 89 e6 e8 fe e4 b2 ff 45 84 e4 0f 85 04 02 00 00 e8 b0 e3 b2 ff 48 8b 85 18 ff ff ff 44 89 bd 40 ff ff ff <80> 38 00 0f 85 f9 02 00 00 48 8b 85 38 ff ff ff 41 83 e7 01 44 89
RSP: 0018:ffff888096127c58 EFLAGS: 00010293
RAX: dffffc0000000005 RBX: 0000000000000000 RCX: ffffffff81bcfdc2
RDX: 0000000000000000 RSI: ffffffff81bcfdd0 RDI: 0000000000000001
RBP: ffff888096127d48 R08: ffff88809b17c540 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: ffff888096127d20 R14: ffff888092473afe R15: 0000000000014e78
kobject: 'kvm' (00000000985ff3e6): fill_kobj_path: path = '/devices/virtual/misc/kvm'
FS:  0000000000000000(0000) GS:ffff8880ae800000(0063) knlGS:00000000f7fe4b40
CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
CR2: 00000000080fb038 CR3: 000000009de68000 CR4: 00000000001426f0

Crashes (2082):