| Date | Name | Commit | Repro | Result |
|---|---|---|---|---|
| 2024/02/23 | lts (merge base) | ba6f5fb46511 | C | [report] BUG: scheduling while atomic in exit_to_user_mode_loop |
| 2024/02/23 | upstream (ToT) | ffd2cb6b718e | C | Didn't crash |
syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [120] 🐞 Fixed [1] 🐞 Invalid [36] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
| Date | Name | Commit | Repro | Result |
|---|---|---|---|---|
| 2024/02/23 | lts (merge base) | ba6f5fb46511 | C | [report] BUG: scheduling while atomic in exit_to_user_mode_loop |
| 2024/02/23 | upstream (ToT) | ffd2cb6b718e | C | Didn't crash |
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2024/03/10 06:25 | 8m | retest repro | android14-6.1 | report log | |
| 2024/03/10 06:25 | 7m | retest repro | android14-6.1 | report log |
================================================================================ UBSAN: array-index-out-of-bounds in kernel/bpf/helpers.c:776:13 index -1 is out of range for type 'char[3][512]' CPU: 0 PID: 330 Comm: syz-executor141 Not tainted 6.1.68-syzkaller-00090-g609541ba1afd #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x151/0x1b7 lib/dump_stack.c:106 dump_stack+0x15/0x1b lib/dump_stack.c:113 ubsan_epilogue lib/ubsan.c:151 [inline] __ubsan_handle_out_of_bounds+0x13a/0x160 lib/ubsan.c:282 try_get_fmt_tmp_buf kernel/bpf/helpers.c:776 [inline] bpf_bprintf_prepare+0x132e/0x1360 kernel/bpf/helpers.c:818 ____bpf_trace_printk kernel/trace/bpf_trace.c:385 [inline] bpf_trace_printk+0x14a/0x300 kernel/trace/bpf_trace.c:376 bpf_prog_6d76b37dff78ad46+0x2e/0x32 bpf_dispatcher_nop_func include/linux/bpf.h:982 [inline] __bpf_prog_run include/linux/filter.h:600 [inline] bpf_prog_run include/linux/filter.h:607 [inline] bpf_test_run+0x4ab/0xa40 net/bpf/test_run.c:402 bpf_prog_test_run_skb+0xaf1/0x13a0 net/bpf/test_run.c:1180 bpf_prog_test_run+0x3b0/0x630 kernel/bpf/syscall.c:3635 __sys_bpf+0x59f/0x7f0 kernel/bpf/syscall.c:4990 __do_sys_bpf kernel/bpf/syscall.c:5076 [inline] __se_sys_bpf kernel/bpf/syscall.c:5074 [inline] __x64_sys_bpf+0x7c/0x90 kernel/bpf/syscall.c:5074 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:81 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f36a8445f69 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fffa6a01058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f36a8445f69 RDX: 0000000000000028 RSI: 0000000020000200 RDI: 000000000000000a RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 </TASK> ================================================================================ BUG: scheduling while atomic: syz-executor141/330/0x00000002 Modules linked in: Preemption disabled at: [<ffffffff818eaf88>] try_get_fmt_tmp_buf kernel/bpf/helpers.c:768 [inline] [<ffffffff818eaf88>] bpf_bprintf_prepare+0x118/0x1360 kernel/bpf/helpers.c:818 CPU: 0 PID: 330 Comm: syz-executor141 Not tainted 6.1.68-syzkaller-00090-g609541ba1afd #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x151/0x1b7 lib/dump_stack.c:106 dump_stack+0x15/0x1b lib/dump_stack.c:113 __schedule_bug+0x195/0x260 kernel/sched/core.c:5960 schedule_debug kernel/sched/core.c:5987 [inline] __schedule+0xcf7/0x1550 kernel/sched/core.c:6622 schedule+0xc3/0x180 kernel/sched/core.c:6805 exit_to_user_mode_loop+0x4e/0xa0 kernel/entry/common.c:159 exit_to_user_mode_prepare+0x5a/0xa0 kernel/entry/common.c:204 __syscall_exit_to_user_mode_work kernel/entry/common.c:286 [inline] syscall_exit_to_user_mode+0x26/0x140 kernel/entry/common.c:297 do_syscall_64+0x49/0xb0 arch/x86/entry/common.c:87 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f36a8445f69 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fffa6a01058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f36a8445f69 RDX: 0000000000000028 RSI: 0000000020000200 RDI: 000000000000000a RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 </TASK>
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/03/22 15:08 | android14-6.1 | 609541ba1afd | 4b6cdce6 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci2-android-6-1 | UBSAN: array-index-out-of-bounds in bpf_bprintf_prepare | |
| 2024/02/23 08:49 | android14-6.1 | d6b58cc171f4 | 8d446f15 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci2-android-6-1 | UBSAN: array-index-out-of-bounds in bpf_bprintf_prepare | |
| 2024/02/25 05:42 | android14-6.1 | 8c0f9174731d | 8d446f15 | .config | console log | report | syz | [disk image] [vmlinux] [kernel image] | ci2-android-6-1 | UBSAN: array-index-out-of-bounds in bpf_bprintf_prepare | ||
| 2024/05/05 07:22 | android14-6.1 | 1794308d463f | 610f2a54 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-android-6-1-perf | UBSAN: array-index-out-of-bounds in bpf_bprintf_prepare | ||
| 2024/05/01 01:16 | android14-6.1 | 1d37bc9913cc | 3ba885bc | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-android-6-1-perf | UBSAN: array-index-out-of-bounds in bpf_bprintf_prepare | ||
| 2024/04/21 04:33 | android14-6.1 | dcb09569bbff | af24b050 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-android-6-1-perf | UBSAN: array-index-out-of-bounds in bpf_bprintf_prepare | ||
| 2024/04/20 18:18 | android14-6.1 | dcb09569bbff | af24b050 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-android-6-1 | UBSAN: array-index-out-of-bounds in bpf_bprintf_prepare | ||
| 2024/04/17 04:12 | android14-6.1 | 089d1b8f6daf | 18f6e127 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-android-6-1 | UBSAN: array-index-out-of-bounds in bpf_bprintf_prepare | ||
| 2024/04/15 16:59 | android14-6.1 | 26f2c9be9ebe | b9af7e61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-android-6-1-perf | UBSAN: array-index-out-of-bounds in bpf_bprintf_prepare | ||
| 2024/04/07 07:29 | android14-6.1 | 60534eef4739 | ca620dd8 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-android-6-1 | UBSAN: array-index-out-of-bounds in bpf_bprintf_prepare | ||
| 2024/04/04 23:41 | android14-6.1 | 60534eef4739 | 0ee3535e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-android-6-1 | UBSAN: array-index-out-of-bounds in bpf_bprintf_prepare | ||
| 2024/03/31 14:11 | android14-6.1 | 5b8114ec3c92 | 6baf5069 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-android-6-1 | UBSAN: array-index-out-of-bounds in bpf_bprintf_prepare | ||
| 2024/03/31 07:51 | android14-6.1 | 5b8114ec3c92 | 6baf5069 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-android-6-1 | UBSAN: array-index-out-of-bounds in bpf_bprintf_prepare |