syzbot

 sign-in | mailing list | source | docs
🐞 Open [677]
🐞 Fixed [67]
🐞 Invalid [821]
Missing Backports [96]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

general protection fault in lock_sock_nested

Status: upstream: reported syz repro on 2024/04/04 13:25
Bug presence: origin:upstream
Labels: missing-backport
[Documentation on labels]
Reported-by: syzbot+919d4e1e5bdfd4fa9abb@syzkaller.appspotmail.com
First crash: 358d, last: 22h57m
Bug presence (1)
Date Name Commit Repro Result
2024/12/31 upstream (ToT) ccb98ccef0e5 C [report] general protection fault in lock_sock_nested
Similar bugs (16)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-49 general protection fault in lock_sock_nested 1 2603d 2603d 0/3 auto-closed as invalid on 2019/02/22 12:39
linux-4.14 general protection fault in lock_sock_nested 4 1421d 1639d 0/1 auto-closed as invalid on 2021/09/04 19:35
upstream general protection fault in lock_sock_nested bluetooth C done done 1431 19m 564d 0/28 upstream: reported C repro on 2023/09/11 07:52
linux-6.1 general protection fault in lock_sock_nested origin:upstream syz 118 4d04h 348d 0/3 upstream: reported syz repro on 2024/04/14 08:46
upstream BUG: unable to handle kernel paging request in lock_sock_nested bluetooth 43 1256d 1696d 0/28 auto-closed as invalid on 2022/02/16 22:16
linux-4.19 KASAN: wild-memory-access Write in lock_sock_nested 2 1520d 1589d 0/1 auto-closed as invalid on 2021/05/28 14:35
linux-6.1 BUG: sleeping function called from invalid context in lock_sock_nested (2) origin:upstream C error 5 33d 34d 0/3 upstream: reported C repro on 2025/02/23 00:56
linux-4.19 KASAN: use-after-free Read in lock_sock_nested C 471 758d 2072d 0/1 upstream: reported C repro on 2019/07/26 21:27
linux-4.14 KASAN: use-after-free Read in lock_sock_nested C inconclusive 331 799d 2165d 0/1 upstream: reported C repro on 2019/04/24 06:28
upstream KASAN: use-after-free Read in lock_sock_nested hams C inconclusive done 1856 668d 2277d 0/28 auto-obsoleted due to no activity on 2023/08/23 09:06
linux-6.1 BUG: sleeping function called from invalid context in lock_sock_nested 7 251d 272d 0/3 auto-obsoleted due to no activity on 2024/10/28 05:57
linux-4.14 BUG: unable to handle kernel paging request in lock_sock_nested 4 1414d 1533d 0/1 auto-closed as invalid on 2021/09/11 11:51
upstream KASAN: slab-out-of-bounds Read in lock_sock_nested bluetooth syz unreliable done 23 1250d 1690d 0/28 auto-obsoleted due to no activity on 2022/09/29 10:19
linux-4.19 KASAN: slab-out-of-bounds Read in lock_sock_nested 14 933d 1597d 0/1 auto-obsoleted due to no activity on 2023/01/05 15:59
upstream BUG: sleeping function called from invalid context in lock_sock_nested (3) bluetooth C inconclusive 141 2d02h 319d 0/28 upstream: reported C repro on 2024/05/13 12:58
linux-5.15 BUG: sleeping function called from invalid context in lock_sock_nested origin:upstream missing-backport C error 22 16d 272d 0/3 upstream: reported C repro on 2024/06/29 07:50
Last patch testing requests (6)
Created Duration User Patch Repo Result
2024/12/12 17:26 17m retest repro linux-5.15.y report log
2024/12/12 17:26 13m retest repro linux-5.15.y report log
2024/12/12 17:26 17m retest repro linux-5.15.y report log
2024/12/12 17:26 12m retest repro linux-5.15.y report log
2024/12/12 17:26 18m retest repro linux-5.15.y report log
2024/11/06 09:37 19m retest repro linux-5.15.y report log
Fix bisection attempts (3)
Created Duration User Patch Repo Result
2024/10/27 03:55 1m fix candidate upstream error job log
2024/08/19 20:04 1m fix candidate upstream error job log
2024/07/03 04:13 57m fix candidate upstream error job log

Sample crash report:
general protection fault, probably for non-canonical address 0xdffffc0000000024: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000120-0x0000000000000127]
CPU: 0 PID: 1107 Comm: kworker/0:2 Not tainted 5.15.175-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Workqueue: events l2cap_info_timeout
RIP: 0010:__lock_acquire+0x69/0x1ff0 kernel/locking/lockdep.c:4882
Code: 84 c0 48 89 7c 24 08 0f 85 3f 16 00 00 83 3d 91 c0 a7 0c 00 0f 84 ec 14 00 00 83 3d 30 1a 3c 0b 00 74 2d 48 89 f8 48 c1 e8 03 <80> 3c 10 00 74 14 e8 5c 8d 67 00 48 8b 7c 24 08 48 ba 00 00 00 00
RSP: 0000:ffffc90004b27800 EFLAGS: 00010006
RAX: 0000000000000024 RBX: 0000000000000000 RCX: 0000000000000000
RDX: dffffc0000000000 RSI: 0000000000000000 RDI: 0000000000000120
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
R13: ffff8880217e5940 R14: 0000000000000000 R15: 0000000000000001
FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f58afcef580 CR3: 0000000025d52000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
 lock_sock_nested+0x44/0x100 net/core/sock.c:3250
 lock_sock include/net/sock.h:1678 [inline]
 l2cap_sock_ready_cb+0x43/0x130 net/bluetooth/l2cap_sock.c:1649
 l2cap_chan_ready net/bluetooth/l2cap_core.c:1385 [inline]
 l2cap_conn_start+0x8c9/0x10a0 net/bluetooth/l2cap_core.c:1643
 process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
 worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
 kthread+0x3f6/0x4f0 kernel/kthread.c:334
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
 </TASK>
Modules linked in:
---[ end trace e6b46d8f2097f684 ]---
RIP: 0010:__lock_acquire+0x69/0x1ff0 kernel/locking/lockdep.c:4882
Code: 84 c0 48 89 7c 24 08 0f 85 3f 16 00 00 83 3d 91 c0 a7 0c 00 0f 84 ec 14 00 00 83 3d 30 1a 3c 0b 00 74 2d 48 89 f8 48 c1 e8 03 <80> 3c 10 00 74 14 e8 5c 8d 67 00 48 8b 7c 24 08 48 ba 00 00 00 00
RSP: 0000:ffffc90004b27800 EFLAGS: 00010006
RAX: 0000000000000024 RBX: 0000000000000000 RCX: 0000000000000000
RDX: dffffc0000000000 RSI: 0000000000000000 RDI: 0000000000000120
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
R13: ffff8880217e5940 R14: 0000000000000000 R15: 0000000000000001
FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f58afcef580 CR3: 0000000025d52000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:	84 c0                	test   %al,%al
   2:	48 89 7c 24 08       	mov    %rdi,0x8(%rsp)
   7:	0f 85 3f 16 00 00    	jne    0x164c
   d:	83 3d 91 c0 a7 0c 00 	cmpl   $0x0,0xca7c091(%rip)        # 0xca7c0a5
  14:	0f 84 ec 14 00 00    	je     0x1506
  1a:	83 3d 30 1a 3c 0b 00 	cmpl   $0x0,0xb3c1a30(%rip)        # 0xb3c1a51
  21:	74 2d                	je     0x50
  23:	48 89 f8             	mov    %rdi,%rax
  26:	48 c1 e8 03          	shr    $0x3,%rax
* 2a:	80 3c 10 00          	cmpb   $0x0,(%rax,%rdx,1) <-- trapping instruction
  2e:	74 14                	je     0x44
  30:	e8 5c 8d 67 00       	call   0x678d91
  35:	48 8b 7c 24 08       	mov    0x8(%rsp),%rdi
  3a:	48                   	rex.W
  3b:	ba 00 00 00 00       	mov    $0x0,%edx

Crashes (97):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/12/27 20:59 linux-5.15.y 91786f140358 d3ccff63 .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/03/28 01:59 linux-5.15.y 0c935c049b5c 6c09fb82 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2025/03/22 12:56 linux-5.15.y 0c935c049b5c c6512ef7 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2025/03/08 12:27 linux-5.15.y c16c81c81336 7e3bd60d .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2025/02/04 18:45 linux-5.15.y c16c81c81336 8f267cef .config console log report syz / log [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2024/06/23 19:14 linux-5.15.y 4878aadf2d15 edc5149a .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2024/06/22 04:02 linux-5.15.y 4878aadf2d15 edc5149a .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2024/06/19 13:03 linux-5.15.y 4878aadf2d15 41b7e219 .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2024/05/07 19:19 linux-5.15.y 284087d4f7d5 cb2dcc0e .config console log report syz [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2024/05/07 06:13 linux-5.15.y 284087d4f7d5 fa7a5cf0 .config console log report syz [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2024/04/25 00:20 linux-5.15.y c52b9710c83d 8bdc0f22 .config console log report syz [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2024/04/16 22:56 linux-5.15.y fa3df276cd36 18f6e127 .config console log report syz [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2025/03/26 21:52 linux-5.15.y 0c935c049b5c 20510e88 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/03/24 03:47 linux-5.15.y 0c935c049b5c 875573af .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/02/27 09:47 linux-5.15.y c16c81c81336 6a8fcbc4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/02/18 19:35 linux-5.15.y c16c81c81336 c37c7249 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/02/11 10:23 linux-5.15.y c16c81c81336 43f51a00 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/02/06 15:27 linux-5.15.y c16c81c81336 577d049b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/02/06 13:05 linux-5.15.y c16c81c81336 577d049b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/28 16:24 linux-5.15.y 003148680b79 f5427d7c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/28 02:22 linux-5.15.y 003148680b79 18070896 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/27 13:58 linux-5.15.y 003148680b79 d99a33ad .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/25 09:22 linux-5.15.y 003148680b79 9fbd772e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/23 23:33 linux-5.15.y 003148680b79 521b0ce3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/20 19:37 linux-5.15.y 4735586da88e 6e87cfa2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/18 05:04 linux-5.15.y 4735586da88e f2cb035c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/17 15:01 linux-5.15.y 4735586da88e 953d1c45 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/16 17:41 linux-5.15.y 4735586da88e f9e07a6e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/14 05:19 linux-5.15.y 4735586da88e b1f1cd88 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/12 18:50 linux-5.15.y 4735586da88e 6dbc6a9b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/10 07:06 linux-5.15.y 4735586da88e 67d7ec0a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/09 04:30 linux-5.15.y 91786f140358 f3558dbf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/08 02:14 linux-5.15.y 91786f140358 f3558dbf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/07 12:46 linux-5.15.y 91786f140358 f3558dbf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/07 00:40 linux-5.15.y 91786f140358 f3558dbf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/01/02 18:12 linux-5.15.y 91786f140358 d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2024/12/28 19:49 linux-5.15.y 91786f140358 d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2024/12/27 17:37 linux-5.15.y 91786f140358 d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2024/11/18 18:18 linux-5.15.y 0a51d2d4527b e7bb5d6e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2024/11/11 22:30 linux-5.15.y 3c17fc483905 0c4b1325 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2024/10/21 23:18 linux-5.15.y 584a40a22cb9 f1e4447c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2024/07/28 04:29 linux-5.15.y 7e89efd3ae1c 46eb10b7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2024/04/04 13:24 linux-5.15.y 9465fef4ae35 0ee3535e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan general protection fault in lock_sock_nested
2025/03/26 07:23 linux-5.15.y 0c935c049b5c 89d30d73 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2025/02/14 06:19 linux-5.15.y c16c81c81336 d9a046cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2025/02/13 17:40 linux-5.15.y c16c81c81336 a98a8417 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2025/02/04 17:15 linux-5.15.y c16c81c81336 8f267cef .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2025/02/02 18:20 linux-5.15.y c16c81c81336 568559e4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2025/02/02 14:41 linux-5.15.y c16c81c81336 568559e4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2025/02/02 03:58 linux-5.15.y c16c81c81336 568559e4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2025/01/29 04:57 linux-5.15.y 003148680b79 865ef71e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2025/01/28 11:08 linux-5.15.y 003148680b79 18070896 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2025/01/26 14:51 linux-5.15.y 003148680b79 9fbd772e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2025/01/07 20:56 linux-5.15.y 91786f140358 f3558dbf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2024/10/11 05:07 linux-5.15.y 3a5928702e71 8fbfc0c8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2024/10/09 00:18 linux-5.15.y 3a5928702e71 402f1df0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2024/09/12 20:23 linux-5.15.y 3a5928702e71 60e1a995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2024/06/23 16:56 linux-5.15.y 4878aadf2d15 edc5149a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
2024/06/22 07:19 linux-5.15.y 4878aadf2d15 edc5149a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in lock_sock_nested
* Struck through repros no longer work on HEAD.