syzbot


KASAN: null-ptr-deref Read in do_journal_end (2)

Status: upstream: reported C repro on 2022/07/30 19:30
Labels: reiserfs
Reported-by: syzbot+845cd8e5c47f2a125683@syzkaller.appspotmail.com
First crash: 440d ago, last: 19h26m ago

Cause bisection: failed
Discussions (1)
[syzbot] KASAN: null-ptr-deref Read in do_journal_end (2): 0 replies (2 including bot), last reply 2022/11/30 15:59
Similar bugs (4)
linux-5.15: KASAN: null-ptr-deref Read in do_journal_end. No repro or bisection listed. Count 1, last crash 57d ago, reported 57d ago, patched 0/3. Status: upstream: reported on 2023/04/06 14:35
upstream: KASAN: null-ptr-deref Read in do_journal_end. No repro or bisection listed. Count 1, last crash 587d ago, reported 582d ago, patched 0/24. Status: auto-closed as invalid on 2022/02/20 18:03
linux-4.19: general protection fault in do_journal_end (label: reiserfs). C repro; cause bisection: error. Count 3, last crash 135d ago, reported 184d ago, patched 0/1. Status: upstream: reported C repro on 2022/11/30 04:17
linux-4.14: general protection fault in do_journal_end (label: reiserfs). C repro; no bisection listed. Count 2, last crash 111d ago, reported 148d ago, patched 0/1. Status: upstream: reported C repro on 2023/01/05 12:44
Fix bisection attempts (1)
Created 2023/03/03 21:00, duration 40m, user: bisect fix, repo: upstream, result: job log (0)

Sample crash report:
==================================================================
BUG: KASAN: null-ptr-deref in instrument_atomic_read include/linux/instrumented.h:72 [inline]
BUG: KASAN: null-ptr-deref in _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
BUG: KASAN: null-ptr-deref in set_buffer_uptodate include/linux/buffer_head.h:151 [inline]
BUG: KASAN: null-ptr-deref in do_journal_end+0x135f/0x4af0 fs/reiserfs/journal.c:4081
Read of size 8 at addr 0000000000000000 by task kworker/0:3/4398

CPU: 0 PID: 4398 Comm: kworker/0:3 Not tainted 6.3.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
Workqueue: events_long flush_old_commits
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xd9/0x150 lib/dump_stack.c:106
 print_report mm/kasan/report.c:433 [inline]
 kasan_report+0xec/0x130 mm/kasan/report.c:536
 check_region_inline mm/kasan/generic.c:181 [inline]
 kasan_check_range+0x141/0x190 mm/kasan/generic.c:187
 instrument_atomic_read include/linux/instrumented.h:72 [inline]
 _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
 set_buffer_uptodate include/linux/buffer_head.h:151 [inline]
 do_journal_end+0x135f/0x4af0 fs/reiserfs/journal.c:4081
 reiserfs_sync_fs+0xfc/0x130 fs/reiserfs/super.c:78
 flush_old_commits+0xfb/0x200 fs/reiserfs/super.c:111
 process_one_work+0x991/0x15c0 kernel/workqueue.c:2390
 worker_thread+0x669/0x1090 kernel/workqueue.c:2537
 kthread+0x2e8/0x3a0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308
 </TASK>
==================================================================
Kernel panic - not syncing: KASAN: panic_on_warn set ...
CPU: 0 PID: 4398 Comm: kworker/0:3 Not tainted 6.3.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
Workqueue: events_long flush_old_commits
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xd9/0x150 lib/dump_stack.c:106
 panic+0x688/0x730 kernel/panic.c:340
 check_panic_on_warn+0xb1/0xc0 kernel/panic.c:236
 end_report+0xe9/0x120 mm/kasan/report.c:190
 kasan_report+0xf9/0x130 mm/kasan/report.c:538
 check_region_inline mm/kasan/generic.c:181 [inline]
 kasan_check_range+0x141/0x190 mm/kasan/generic.c:187
 instrument_atomic_read include/linux/instrumented.h:72 [inline]
 _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
 set_buffer_uptodate include/linux/buffer_head.h:151 [inline]
 do_journal_end+0x135f/0x4af0 fs/reiserfs/journal.c:4081
 reiserfs_sync_fs+0xfc/0x130 fs/reiserfs/super.c:78
 flush_old_commits+0xfb/0x200 fs/reiserfs/super.c:111
 process_one_work+0x991/0x15c0 kernel/workqueue.c:2390
 worker_thread+0x669/0x1090 kernel/workqueue.c:2537
 kthread+0x2e8/0x3a0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308
 </TASK>
Kernel Offset: disabled
Rebooting in 86400 seconds..
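The KASAN block above already carries what a first triage pass needs: the access kind and width, the faulting address, the inlined frame that issued the load, the first real function above it, and the work item that brought the kernel there. The following is an added example (editor's code, not syzbot's or the kernel's) that parses a report of this shape and pulls those fields out. Its input is the first KASAN block of the report above, copied verbatim; the 4 KiB NULL-page threshold and the lists of sanitizer, stack-dump and kthread/workqueue source paths it filters on are the editor's own assumptions.

```python
from __future__ import annotations
import re
from dataclasses import dataclass

# Input: the first KASAN block of the crash report on this page, copied verbatim.
SAMPLE_REPORT = """\
BUG: KASAN: null-ptr-deref in instrument_atomic_read include/linux/instrumented.h:72 [inline]
BUG: KASAN: null-ptr-deref in _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
BUG: KASAN: null-ptr-deref in set_buffer_uptodate include/linux/buffer_head.h:151 [inline]
BUG: KASAN: null-ptr-deref in do_journal_end+0x135f/0x4af0 fs/reiserfs/journal.c:4081
Read of size 8 at addr 0000000000000000 by task kworker/0:3/4398

CPU: 0 PID: 4398 Comm: kworker/0:3 Not tainted 6.3.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
Workqueue: events_long flush_old_commits
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xd9/0x150 lib/dump_stack.c:106
 print_report mm/kasan/report.c:433 [inline]
 kasan_report+0xec/0x130 mm/kasan/report.c:536
 check_region_inline mm/kasan/generic.c:181 [inline]
 kasan_check_range+0x141/0x190 mm/kasan/generic.c:187
 instrument_atomic_read include/linux/instrumented.h:72 [inline]
 _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
 set_buffer_uptodate include/linux/buffer_head.h:151 [inline]
 do_journal_end+0x135f/0x4af0 fs/reiserfs/journal.c:4081
 reiserfs_sync_fs+0xfc/0x130 fs/reiserfs/super.c:78
 flush_old_commits+0xfb/0x200 fs/reiserfs/super.c:111
 process_one_work+0x991/0x15c0 kernel/workqueue.c:2390
 worker_thread+0x669/0x1090 kernel/workqueue.c:2537
 kthread+0x2e8/0x3a0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308
 </TASK>
"""
BUG_RE = re.compile(r"^BUG: KASAN: (?P<kind>[\w-]+) in ")
ACCESS_RE = re.compile(r"^(?P<rw>Read|Write) of size (?P<size>\d+) at addr (?P<addr>[0-9a-f]+) by task (?P<task>\S+/\d+)$")
WQ_RE = re.compile(r"^Workqueue: (?P<wq>\S+ \S+)$")
FRAME_RE = re.compile(r"^\s+(?P<func>[\w.]+)(?:\+0x[0-9a-f]+/0x[0-9a-f]+)?\s+(?P<loc>\S+:\d+)(?P<inline> \[inline\])?$")
# Assumptions (editor's): source paths of sanitizer/stack-dump code, and of kthread/workqueue/entry plumbing.
INSTRUMENTATION = ("mm/kasan/", "lib/dump_stack.c", "include/linux/instrumented.h", "include/asm-generic/bitops/")
PLUMBING = ("kernel/workqueue.c", "kernel/kthread.c", "arch/")
PAGE_SIZE = 0x1000  # assumption: 4 KiB pages; an address below this lies in the NULL page

@dataclass(frozen=True)
class Frame:
    func: str
    loc: str  # file:line
    inline: bool

@dataclass
class Triage:
    kind: str
    rw: str
    size: int
    addr: int
    task: str
    workqueue: str | None
    frames: list[Frame]  # innermost first, as printed

    def deref_site(self) -> Frame:
        """Innermost frame outside the instrumentation: the code that issued the bad access."""
        return next(f for f in self.frames if not f.loc.startswith(INSTRUMENTATION))
    def culprit(self) -> Frame:
        """Innermost non-inlined frame outside the instrumentation: the function to read first."""
        return next(f for f in self.frames if not f.inline and not f.loc.startswith(INSTRUMENTATION))
    def entry_point(self) -> Frame:
        """Outermost frame below the kthread/workqueue plumbing: how the bad path was reached."""
        return next(f for f in reversed(self.frames) if not f.loc.startswith(PLUMBING))
    def in_null_page(self) -> bool:
        return self.addr < PAGE_SIZE

def parse(report: str) -> Triage:
    """Extract the fields a triager wants from one KASAN report (first BUG: block only)."""
    kind = rw = task = wq = None
    size = addr = 0
    frames: list[Frame] = []
    for line in report.splitlines():
        if (m := BUG_RE.match(line)) and kind is None:
            kind = m["kind"]
        elif m := ACCESS_RE.match(line):
            rw, size, addr, task = m["rw"], int(m["size"]), int(m["addr"], 16), m["task"]
        elif m := WQ_RE.match(line):
            wq = m["wq"]
        elif m := FRAME_RE.match(line):
            frames.append(Frame(m["func"], m["loc"], m["inline"] is not None))
    if kind is None or rw is None or not frames:
        raise ValueError("not a KASAN report with a call trace")
    return Triage(kind, rw, size, addr, task, wq, frames)

def summarize(report: str) -> str:
    """One-line triage note: what was accessed, where, from which function, via which path."""
    t = parse(report)
    where = f"NULL page (+{t.addr:#x})" if t.in_null_page() else f"{t.addr:#x}"
    via = f" via {t.workqueue}" if t.workqueue else ""
    return (f"{t.kind}: {t.rw} of {t.size} bytes at {where} in {t.deref_site().func} ({t.deref_site().loc}); "
            f"first real frame {t.culprit().func} ({t.culprit().loc}); reached from {t.entry_point().func}{via} in {t.task}")
```

Run against the report above, the innermost non-instrumentation frame is set_buffer_uptodate (buffer_head.h:151), a test_bit on the buffer head's b_state word, and the access is an 8-byte read at address 0, which is consistent with a NULL struct buffer_head pointer being dereferenced at its first field. do_journal_end at journal.c:4081 is the frame to read first, and flush_old_commits on the events_long workqueue is the path by which a periodic sync of the mounted reiserfs image reached it. The parser deliberately stops at the first BUG: block, so the repeated trace printed by the panic_on_warn path is not double-counted.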

Crashes (32):
Time | Kernel | Commit | Syzkaller | Manager | Repro | Assets | Title
2023/04/10 20:50 | upstream | 09a9639e56c0 | 71147e29 | ci-upstream-kasan-gce-root | syz + C | disk image, vmlinux, kernel image, 2 images mounted in repro | KASAN: null-ptr-deref Read in do_journal_end
2023/01/04 06:51 | upstream | 69b41ac87e4a | f0036e18 | ci2-upstream-fs | syz + C | disk image, vmlinux, kernel image, image mounted in repro | KASAN: null-ptr-deref Read in do_journal_end
2022/12/30 12:22 | upstream | 2258c2dc850b | 44712fbc | ci2-upstream-fs | syz + C | disk image, vmlinux, kernel image, image mounted in repro | KASAN: null-ptr-deref Read in do_journal_end
2022/12/27 22:17 | upstream | 1b929c02afd3 | 44712fbc | ci2-upstream-fs | syz + C | disk image, vmlinux, kernel image, image mounted in repro | KASAN: null-ptr-deref Read in do_journal_end
2022/11/30 15:59 | upstream | 01f856ae6d0c | 4c2a66e8 | ci2-upstream-fs | syz + C | disk image, vmlinux, kernel image, image mounted in repro | KASAN: null-ptr-deref Read in do_journal_end
2023/06/02 01:43 | upstream | 1874a42a7d74 | a4ae4f42 | ci2-upstream-fs | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/06/01 15:36 | upstream | 929ed21dfdb6 | babc4389 | ci2-upstream-fs | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/05/28 18:41 | upstream | 7877cb91f108 | cf184559 | ci-upstream-kasan-gce-root | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/05/25 06:24 | upstream | 933174ae28ba | 4bce1a3e | ci2-upstream-fs | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/05/23 22:16 | upstream | ae8373a5add4 | 4bce1a3e | ci-upstream-kasan-gce-root | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/05/21 08:22 | upstream | 0dd2a6fb1e34 | 4bce1a3e | ci2-upstream-fs | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/05/16 00:28 | upstream | f1fcbaa18b28 | c4d362e7 | ci2-upstream-fs | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/05/14 00:08 | upstream | d4d58949a6ea | 2b9ba477 | ci2-upstream-fs | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/05/12 06:17 | upstream | 105131df9c3b | adb9a3cd | ci2-upstream-fs | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/04/30 17:10 | upstream | 825a0714d2b3 | 62df2017 | ci-upstream-kasan-gce-root | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/04/28 14:44 | upstream | 91ec4b0d11fe | 70a605de | ci2-upstream-fs | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/04/26 19:55 | upstream | 5c7ecada25d2 | 8d843721 | ci2-upstream-fs | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/04/26 03:06 | upstream | 173ea743bf7a | 65320f8e | ci2-upstream-fs | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/04/09 12:15 | upstream | cdc9718d5e59 | 71147e29 | ci-upstream-kasan-gce-root | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/04/02 02:01 | upstream | 00c7b5f4ddc5 | f325deb0 | ci-upstream-kasan-gce-root | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/03/23 18:57 | upstream | fff5a5e7f528 | f94b4a29 | ci-upstream-kasan-gce-root | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/03/05 21:06 | upstream | f915322fe014 | f8902b57 | ci2-upstream-fs | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2023/02/01 17:36 | upstream | c0b67534c95c | 9a6f477c | ci2-upstream-fs | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2022/07/30 19:30 | upstream | 620725263f42 | fef302b1 | ci-upstream-kasan-gce-root | - | - | KASAN: null-ptr-deref Read in do_journal_end
2022/07/12 17:39 | upstream | 5a29232d870d | d91dd8ea | ci-qemu-upstream | - | - | KASAN: null-ptr-deref Read in do_journal_end
2022/04/16 01:20 | upstream | 59250f8a7f3a | 8bcc32a6 | ci-qemu-upstream | - | - | KASAN: null-ptr-deref Read in do_journal_end
2022/04/01 14:12 | upstream | e8b767f5e040 | 20955a24 | ci-upstream-kasan-gce-selinux-root | - | - | KASAN: null-ptr-deref Read in do_journal_end
2022/03/19 20:50 | upstream | 97e9c8eb4bb1 | e2d91b1d | ci-upstream-kasan-gce-selinux-root | - | - | KASAN: null-ptr-deref Read in do_journal_end
2022/10/18 16:13 | upstream | bb1a1146467a | b31320fc | ci-qemu-upstream-386 | - | - | KASAN: null-ptr-deref Read in do_journal_end
2022/10/16 20:07 | upstream | 2df76606db9d | 67cb024c | ci-qemu-upstream-386 | - | - | KASAN: null-ptr-deref Read in do_journal_end
2023/03/05 22:33 | linux-next | 1acf39ef8f14 | f8902b57 | ci-upstream-linux-next-kasan-gce-root | - | disk image, vmlinux, kernel image | KASAN: null-ptr-deref Read in do_journal_end
2022/08/25 21:15 | upstream | 3f5c20055a64 | 9b5bf4cd | ci-upstream-kasan-gce-selinux-root | - | - | KASAN: null-ptr-deref Write in do_journal_end