syzbot


general protection fault in __d_unalias

Status: upstream: reported C repro on 2025/02/03 18:55
Subsystems: nilfs
Reported-by: syzbot+ab57f676a518849a8d57@syzkaller.appspotmail.com
Fix commit: 902e09c8acde fix braino in "9p: fix ->rename_sem exclusion"
Patched on: [ci-qemu-gce-upstream-auto ci-qemu-native-arm64-kvm ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-snapshot-upstream-root ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-arm64 ci-upstream-gce-leak ci-upstream-kasan-badwrites-root ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce-386-root ci-upstream-kmsan-gce-root ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-fs ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-qemu2-arm32 ci-qemu2-riscv64]
First crash: 22d, last: 8d22h
Cause bisection: introduced by (bisect log):
commit 30d61efe118cad1a73ad2ad66a3298e4abdf9f41
Author: Al Viro <viro@zeniv.linux.org.uk>
Date: Mon Jan 6 02:33:17 2025 +0000

  9p: fix ->rename_sem exclusion

Crash: BUG: unable to handle kernel NULL pointer dereference in __d_unalias (log)
Repro: C syz .config
  
Discussions (1):
  Title: [syzbot] [nilfs?] general protection fault in __d_unalias
  Replies (including bot): 2 (4)
  Last reply: 2025/02/04 02:20

Last patch testing requests (1):
  Created: 2025/02/04 00:10
  Duration: 1h03m
  User: eadavis@qq.com
  Patch: patch
  Repo: upstream
  Result: error

Sample crash report:
UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found!
UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
Oops: general protection fault, probably for non-canonical address 0xdffffc000000000d: 0000 [#1] PREEMPT SMP KASAN PTI
KASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f]
CPU: 1 UID: 0 PID: 5824 Comm: syz-executor167 Not tainted 6.13.0-syzkaller-09793-g69b8923f5003 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
RIP: 0010:__d_unalias+0x199/0x2a0 fs/dcache.c:2969
Code: 98 00 00 00 4c 89 fb 48 c1 eb 03 49 89 ed 80 3c 2b 00 74 08 4c 89 ff e8 65 62 e7 ff 49 8b 2f 48 83 c5 68 48 89 e8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 ef e8 48 62 e7 ff 4c 8b 5d 00 4d 85 db
RSP: 0018:ffffc90003f37b98 EFLAGS: 00010202
RAX: 000000000000000d RBX: 1ffff1100f4d3f61 RCX: ffff888078d01e00
RDX: 0000000000000000 RSI: ffff88807a69fa70 RDI: ffff88807a69f608
RBP: 0000000000000068 R08: ffff88807a71b0e3 R09: 1ffff1100f4e361c
R10: dffffc0000000000 R11: ffffed100f4e361d R12: ffff88807a69fa70
R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88807a69fb08
FS:  000055558277f380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005608b6b15fe8 CR3: 000000003507a000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 d_splice_alias+0x1e6/0x330 fs/dcache.c:3037
 udf_lookup+0x1f4/0x2b0 fs/udf/namei.c:130
 lookup_one_qstr_excl+0x126/0x2b0 fs/namei.c:1693
 do_rmdir+0x297/0x580 fs/namei.c:4444
 __do_sys_rmdir fs/namei.c:4474 [inline]
 __se_sys_rmdir fs/namei.c:4472 [inline]
 __x64_sys_rmdir+0x47/0x50 fs/namei.c:4472
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fbf00da9d99
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffcedb9d7e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
RAX: ffffffffffffffda RBX: 6f72746e6f632f2e RCX: 00007fbf00da9d99
RDX: 00007fbf00da9d99 RSI: 00007fbf00da9d99 RDI: 0000000020000100
RBP: 00007fbf00e1e5f0 R08: 00005555827804c0 R09: 00005555827804c0
R10: 00005555827804c0 R11: 0000000000000246 R12: 00007ffcedb9d810
R13: 00007ffcedb9da38 R14: 431bde82d7b634db R15: 00007fbf00df303b
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__d_unalias+0x199/0x2a0 fs/dcache.c:2969
Code: 98 00 00 00 4c 89 fb 48 c1 eb 03 49 89 ed 80 3c 2b 00 74 08 4c 89 ff e8 65 62 e7 ff 49 8b 2f 48 83 c5 68 48 89 e8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 ef e8 48 62 e7 ff 4c 8b 5d 00 4d 85 db
RSP: 0018:ffffc90003f37b98 EFLAGS: 00010202
RAX: 000000000000000d RBX: 1ffff1100f4d3f61 RCX: ffff888078d01e00
RDX: 0000000000000000 RSI: ffff88807a69fa70 RDI: ffff88807a69f608
RBP: 0000000000000068 R08: ffff88807a71b0e3 R09: 1ffff1100f4e361c
R10: dffffc0000000000 R11: ffffed100f4e361d R12: ffff88807a69fa70
R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88807a69fb08
FS:  000055558277f380(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005608b6b15fe8 CR3: 000000003507a000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:	98                   	cwtl
   1:	00 00                	add    %al,(%rax)
   3:	00 4c 89 fb          	add    %cl,-0x5(%rcx,%rcx,4)
   7:	48 c1 eb 03          	shr    $0x3,%rbx
   b:	49 89 ed             	mov    %rbp,%r13
   e:	80 3c 2b 00          	cmpb   $0x0,(%rbx,%rbp,1)
  12:	74 08                	je     0x1c
  14:	4c 89 ff             	mov    %r15,%rdi
  17:	e8 65 62 e7 ff       	call   0xffe76281
  1c:	49 8b 2f             	mov    (%r15),%rbp
  1f:	48 83 c5 68          	add    $0x68,%rbp
  23:	48 89 e8             	mov    %rbp,%rax
  26:	48 c1 e8 03          	shr    $0x3,%rax
* 2a:	42 80 3c 28 00       	cmpb   $0x0,(%rax,%r13,1) <-- trapping instruction
  2f:	74 08                	je     0x39
  31:	48 89 ef             	mov    %rbp,%rdi
  34:	e8 48 62 e7 ff       	call   0xffe76281
  39:	4c 8b 5d 00          	mov    0x0(%rbp),%r11
  3d:	4d 85 db             	test   %r11,%r11

Crashes (835):