syzbot

 sign-in | mailing list | source | docs
🐞 Open [142] 🐞 Fixed [16] 🐞 Invalid [163] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

WARNING in kobject_get

Status: public: reported syz repro on 2019/04/14 08:52
Reported-by: syzbot+787b65147019c304a0f6@syzkaller.appspotmail.com
First crash: 2009d, last: 1802d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-49 WARNING in kobject_get syz 9 1706d 1841d 0/3 public: reported syz repro on 2019/04/14 09:28

Sample crash report:
input: syz1 as /devices/virtual/input/input7660
input: syz1 as /devices/virtual/input/input7659
input: syz1 as /devices/virtual/input/input7661
input: syz1 as /devices/virtual/input/input7663
------------[ cut here ]------------
WARNING: CPU: 1 PID: 31018 at include/linux/kref.h:46 kref_get include/linux/kref.h:46 [inline]()
WARNING: CPU: 1 PID: 31018 at include/linux/kref.h:46 kobject_get lib/kobject.c:596 [inline]()
WARNING: CPU: 1 PID: 31018 at include/linux/kref.h:46 kobject_get+0xd2/0xf0 lib/kobject.c:589()
Kernel panic - not syncing: panic_on_warn set ...

CPU: 1 PID: 31018 Comm: syz-executor.3 Not tainted 4.4.174+ #4
 0000000000000000 b279d5346e78ed59 ffff8801d0c6f7f0 ffffffff81aad1a1
 0000000000000000 ffffffff82835ee0 ffffffff829236a0 000000000000002e
 ffffffff81ab2e12 ffff8801d0c6f8d0 ffffffff813a48c2 0000000041b58ab3
Call Trace:
 [<ffffffff81aad1a1>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81aad1a1>] dump_stack+0xc1/0x120 lib/dump_stack.c:51
 [<ffffffff813a48c2>] panic+0x1b9/0x37b kernel/panic.c:112
 [<ffffffff813a4ab9>] warn_slowpath_common kernel/panic.c:455 [inline]
 [<ffffffff813a4ab9>] warn_slowpath_common.cold+0x20/0x20 kernel/panic.c:435
 [<ffffffff810d3aaa>] warn_slowpath_null+0x2a/0x30 kernel/panic.c:492
 [<ffffffff81ab2e12>] kref_get include/linux/kref.h:46 [inline]
 [<ffffffff81ab2e12>] kobject_get lib/kobject.c:596 [inline]
 [<ffffffff81ab2e12>] kobject_get+0xd2/0xf0 lib/kobject.c:589
 [<ffffffff814a35b4>] cdev_get+0x54/0xa0 fs/char_dev.c:329
 [<ffffffff814a3d40>] chrdev_open+0xb0/0x630 fs/char_dev.c:374
 [<ffffffff8149154f>] do_dentry_open+0x38f/0xbd0 fs/open.c:749
 [<ffffffff81494d3b>] vfs_open+0x10b/0x210 fs/open.c:862
 [<ffffffff814c5ddf>] do_last fs/namei.c:3269 [inline]
 [<ffffffff814c5ddf>] path_openat+0x136f/0x4470 fs/namei.c:3406
 [<ffffffff814ccab1>] do_filp_open+0x1a1/0x270 fs/namei.c:3440
 [<ffffffff81495668>] do_sys_open+0x2f8/0x600 fs/open.c:1038
 [<ffffffff8149599d>] SYSC_open fs/open.c:1056 [inline]
 [<ffffffff8149599d>] SyS_open+0x2d/0x40 fs/open.c:1051
 [<ffffffff82718ba1>] entry_SYSCALL_64_fastpath+0x1e/0x9a
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/05/22 23:56 https://android.googlesource.com/kernel/common android-4.4 62872f952d6b 84b9d384 .config console log report syz ci-android-44-kasan-gce
2019/03/02 04:38 https://android.googlesource.com/kernel/common android-4.4 62872f952d6b 68d9e495 .config console log report ci-android-44-kasan-gce-386
2018/10/27 13:47 https://android.googlesource.com/kernel/common android-4.4 c4b00eb70496 8efba39a .config console log report ci-android-44-kasan-gce-386
* Struck through repros no longer work on HEAD.