syzbot

 sign-in | mailing list | source | docs
🐞 Open [1025] Subsystems 🐞 Fixed [5278] 🐞 Invalid [12602] Missing Backports [86] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KASAN: stack-out-of-bounds Read in __jbd2_journal_clean_checkpoint_list

Status: closed as dup on 2018/07/05 16:16
Subsystems: ext4
[Documentation on labels]
Reported-by: syzbot+f271a76f3be129583d19@syzkaller.appspotmail.com
First crash: 2135d, last: 2135d
Duplicate of
Title Repro Cause bisect Fix bisect Count Last Reported
BUG: unable to handle kernel paging request in ttwu_do_activate kernel 1 2135d 2135d

Sample crash report:
==================================================================
BUG: KASAN: stack-out-of-bounds in __jbd2_journal_clean_checkpoint_list+0x1fb/0x210 fs/jbd2/checkpoint.c:473
Read of size 8 at addr ffff880194e4a5d8 by task jbd2/sda1-8/2299

CPU: 0 PID: 2299 Comm: jbd2/sda1-8 Not tainted 4.18.0-rc3+ #45
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
BUG: unable to handle kernel paging request at ffff8801a01161c8
Call Trace:
PGD b4df067 P4D b4df067 
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x2b4 lib/dump_stack.c:113
PUD 1cfa99063 
PMD 194049063 
PTE 0
 print_address_description+0x6c/0x20b mm/kasan/report.c:256
Oops: 0002 [#1] SMP KASAN
CPU: 1 PID: 16463 Comm: syz-executor4 Not tainted 4.18.0-rc3+ #45
 kasan_report_error mm/kasan/report.c:354 [inline]
 kasan_report.cold.7+0x242/0x2fe mm/kasan/report.c:412
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 __asan_report_load8_noabort+0x14/0x20 mm/kasan/report.c:433
RIP: 0010:__hlist_del include/linux/list.h:651 [inline]
RIP: 0010:detach_timer kernel/time/timer.c:817 [inline]
RIP: 0010:expire_timers kernel/time/timer.c:1353 [inline]
RIP: 0010:__run_timers+0x650/0xc70 kernel/time/timer.c:1666
 __jbd2_journal_clean_checkpoint_list+0x1fb/0x210 fs/jbd2/checkpoint.c:473
Code: 
 jbd2_journal_commit_transaction+0x11a6/0x8c54 fs/jbd2/commit.c:485
04 38 
f8 
4d 
85 
ed 
74 
26 
e8 
dd 
7e 
12 
00 
49 
8d 
7d 
08 
48 
8b 95 
58 
fd 
ff 
ff 
48 
89 
f8 
48 
c1 
e8 
03 
42 
80 
3c 
38 
00 
0f 
85 
1c 
05 
00 
00 
<49> 89 
55 
08 
e8 
b7 
7e 
12 
00 
4c 
89 
e0 
48 
c1 
e8 
03 
42 
80 
3c 
38 
00 
0f 
RSP: 0018:ffff8801daf07980 EFLAGS: 00010046
RAX: 1ffff10034022c39 RBX: ffff8801a23ae140 RCX: 1ffff1003b5e0f79
RDX: ffff8801daf07bc8 RSI: ffffffff81698cf3 RDI: ffff8801a01161c8
RBP: ffff8801daf07c70 R08: ffff8801d65dc2c0 R09: fffffbfff1585971
R10: fffffbfff1585971 R11: ffffffff8ac2cb8b R12: ffff8801a23ae148
R13: ffff8801a01161c0 R14: ffff8801daf07c48 R15: dffffc0000000000
FS:  00007fecdf050700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff8801a01161c8 CR3: 0000000008e6a000 CR4: 00000000001406e0
DR0: 0000000020000000 DR1: 0000000020000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Call Trace:
 <IRQ>
 kjournald2+0x274/0xb50 fs/jbd2/journal.c:229
 run_timer_softirq+0x4c/0x70 kernel/time/timer.c:1692
 __do_softirq+0x2e8/0xb17 kernel/softirq.c:288
 kthread+0x345/0x410 kernel/kthread.c:240
 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:412

Allocated by task 3481771008:
 invoke_softirq kernel/softirq.c:368 [inline]
 irq_exit+0x1d1/0x200 kernel/softirq.c:408
 exiting_irq arch/x86/include/asm/apic.h:527 [inline]
 smp_apic_timer_interrupt+0x186/0x730 arch/x86/kernel/apic/apic.c:1052
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:863
 </IRQ>
Modules linked in:
Dumping ftrace buffer:
---------------------------------
syz-exec-23504   1...2 268132568us : 0: }D
syz-exec-1927    1...2 456411363us : 0: }D
syz-exec-1927    1...2 456411369us : 0: }D
syz-exec-1927    1...2 456411371us : 0: }D
syz-exec-1927    1...2 456411373us : 0: }D
syz-exec-1927    1...2 456411375us : 0: }D
syz-exec-1927    1...2 456411448us : 0: }D
syz-exec-1927    1...2 456411450us : 0: }D
syz-exec-1927    1...2 456411453us : 0: }D
syz-exec-1927    1...2 456411455us : 0: }D
syz-exec-1927    1...2 456411457us : 0: }D
syz-exec-1927    1...2 456411459us : 0: }D
syz-exec-1927    1...2 456411461us : 0: }D
syz-exec-1927    1...2 456411463us : 0: }D
syz-exec-1927    1...2 456411465us : 0: }D
syz-exec-1927    1...2 456411467us : 0: }D
syz-exec-1927    1...2 456411469us : 0: }D
syz-exec-1927    1...2 456411471us : 0: }D
syz-exec-1927    1...2 456411473us : 0: }D
syz-exec-1927    1...2 456411475us : 0: }D
syz-exec-1927    1...2 456411477us : 0: }D
syz-exec-1927    1...2 456411479us : 0: }D
syz-exec-1927    1...2 456411482us : 0: }D
syz-exec-1927    1...2 456411483us : 0: }D
syz-exec-1927    1...2 456411485us : 0: }D
syz-exec-1927    1...2 456411487us : 0: }D
syz-exec-1927    1...2 456411489us : 0: }D
syz-exec-1927    1...2 456411491us : 0: }D
syz-exec-1927    1...2 456411493us : 0: }D
syz-exec-1927    1...2 456411496us : 0: }D
syz-exec-1927    1...2 456411498us : 0: }D
syz-exec-1927    1...2 456411500us : 0: }D
syz-exec-1927    1...2 456411503us : 0: }D
syz-exec-1927    1...2 456411505us : 0: }D
syz-exec-1927    1...2 456411508us : 0: }D
syz-exec-1927    1...2 456411511us : 0: }D
syz-exec-1927    1...2 456411513us : 0: }D
syz-exec-1927    1...2 456411516us : 0: }D
syz-exec-1927    1...2 456411519us : 0: }D
syz-exec-1927    1...2 456411521us : 0: }D
syz-exec-1927    1...2 456411524us : 0: }D
syz-exec-1927    1...2 456411526us : 0: }D
syz-exec-1927    1...2 456411529us : 0: }D
syz-exec-1927    1...2 456411531us : 0: }D
syz-exec-1927    1...2 456411535us : 0: }D
syz-exec-1927    1...2 456411537us : 0: }D
syz-exec-1927    1...2 456411539us : 0: }D
syz-exec-1927    1...2 456411541us : 0: }D
syz-exec-1927    1...2 456411543us : 0: }D
syz-exec-1927    1...2 456411546us : 0: }D
syz-exec-1927    1...2 456411547us : 0: }D
syz-exec-1927    1...2 456411550us : 0: }D
syz-exec-1927    1...2 456411553us : 0: }D
syz-exec-1927    1...2 456411555us : 0: }D
syz-exec-1927    1...2 456411558us : 0: }D
syz-exec-1927    1...2 456411561us : 0: }D
syz-exec-1927    1...2 456411563us : 0: }D
syz-exec-1927    1...2 456411565us : 0: }D
syz-exec-1927    1...2 456411567us : 0: }D
syz-exec-1927    1...2 456411570us : 0: }D
syz-exec-1927    1...2 456411572us : 0: }D
syz-exec-1927    1...2 456411574us : 0: }D
syz-exec-1927    1...2 456411577us : 0: }D
syz-exec-1927    1...2 456411579us : 0: }D
syz-exec-1927    1...2 456411581us : 0: }D
syz-exec-1927    1...2 456411584us : 0: }D
syz-exec-1927    1...2 456411586us : 0: }D
syz-exec-1927    1...2 456411588us : 0: }D
syz-exec-1927    1...2 456411591us : 0: }D
syz-exec-1927    1...2 456411593us : 0: }D
syz-exec-1927    1...2 456411595us : 0: }D
syz-exec-1927    1...2 456411598us : 0: }D
syz-exec-1927    1...2 456411600us : 0: }D
syz-exec-1927    1...2 456411602us : 0: }D
syz-exec-1927    1...2 456411604us : 0: }D
syz-exec-1927    1...2 456411607us : 0: }D
syz-exec-1927    1...2 456411609us : 0: }D
syz-exec-1927    1...2 456411611us : 0: }D
syz-exec-1927    1...2 456411613us : 0: }D
syz-exec-1927    1...2 456411615us : 0: }D
syz-exec-1927    1...2 456411618us : 0: }D
syz-exec-1927    1...2 456411620us : 0: }D
syz-exec-1927    1.n.2 456411622us : 0: }D
syz-exec-1927    1.N.2 456411627us : 0: }D
syz-exec-1927    1...2 456411663us : 0: }D
syz-exec-1927    1...2 456411667us : 0: }D
syz-exec-1927    1...2 456411669us : 0: }D
syz-exec-1927    1...2 456411672us : 0: }D
syz-exec-1927    1...2 456411675us : 0: }D
syz-exec-1927    1...2 456411678us : 0: }D
syz-exec-1927    1...2 456411680us : 0: }D
syz-exec-1927    1...2 456411684us : 0: }D
syz-exec-1927    1...2 456411686us : 0: }D
syz-exec-1927    1...2 456411689us : 0: }D
syz-exec-1927    1...2 456411691us : 0: }D
syz-exec-1927    1...2 456411694us : 0: }D
syz-exec-1927    1...2 456411697us : 0: }D
syz-exec-1927    1...2 456411699us : 0: }D
syz-exec-1927    1...2 456411702us : 0: }D
syz-exec-1927    1...2 456411705us : 0: }D
syz-exec-1927    1...2 456411707us : 0: }D
syz-exec-1927    1...2 456411710us : 0: }D
syz-exec-1927    1...2 456411713us : 0: }D
syz-exec-1927    1...2 456411716us : 0: }D
syz-exec-1927    1...2 456411718us : 0: }D
syz-exec-1927    1...2 456411720us : 0: }D
syz-exec-1927    1...2 456411724us : 0: }D
syz-exec-1927    1...2 456411726us : 0: }D
syz-exec-1927    1...2 456411728us : 0: }D
syz-exec-1927    1...2 456411730us : 0: }D
syz-exec-1927    1...2 456411734us : 0: }D
syz-exec-1927    1...2 456411736us : 0: }D
syz-exec-1927    1...2 456411739us : 0: }D
syz-exec-1927    1...2 456411742us : 0: }D
syz-exec-1927    1...2 456411744us : 0: }D
syz-exec-1927    1...2 456411747us : 0: }D
syz-exec-1927    1...2 456411749us : 0: }D
syz-exec-1927    1...2 456411752us : 0: }D
syz-exec-1927    1...2 456411754us : 0: }D
syz-exec-1927    1...2 456411756us : 0: }D
syz-exec-1927    1...2 456411759us : 0: }D
syz-exec-1927    1...2 456411762us : 0: }D
syz-exec-1927    1...2 456411764us : 0: }D
syz-exec-1927    1...2 456411767us : 0: }D
syz-exec-1927    1...2 456411770us : 0: }D
syz-exec-1927    1...2 456411772us : 0: }D
syz-exec-1927    1...2 456411774us : 0: }D
syz-exec-1927    1...2 456411777us : 0: }D
syz-exec-1927    1...2 456411780us : 0: }D
syz-exec-1927    1...2 456411782us : 0: }D
syz-exec-1927    1...2 456411784us : 0: }D
syz-exec-1927    1...2 456411786us : 0: }D
syz-exec-1927    1...2 456411788us : 0: }D
syz-exec-1927    1...2 456411791us : 0: }D
syz-exec-1927    1.N.2 456411795us : 0: }D
syz-exec-1927    1...2 456411823us : 0: }D
syz-exec-1927    1...2 456411826us : 0: }D
syz-exec-1927    1...2 456411828us : 0: }D
syz-exec-1927    1...2 456411830us : 0: }D
syz-exec-1927    1...2 456411833us : 0: }D
syz-exec-1927    1...2 456411835us : 0: }D
syz-exec-1927    1...2 456411838us : 0: }D
syz-exec-1927    1.N.2 456411842us : 0: }D
syz-exec-1927    1...2 456411870us : 0: }D
syz-exec-1927    1...2 456411873us : 0: }D
syz-exec-1927    1...2 456411876us : 0: }D
syz-exec-1927    1...2 456411878us : 0: }D
syz-exec-1927    1...2 456411880us : 0: }D
syz-exec-1927    1...2 456411882us : 0: }D
syz-exec-1927    1...2 456411884us : 0: }D
syz-exec-1927    1...2 456411887us : 0: }D
syz-exec-1927    1...2 456411889us : 0: }D
syz-exec-1927    1...2 456411892us : 0: }D
syz-exec-1927    1...2 456411894us : 0: }D
syz-exec-1927    1...2 456411897us : 0: }D
syz-exec-1927    1...2 456411899us : 0: }D
syz-exec-1927    1...2 456411902us : 0: }D
syz-exec-1927    1...2 456411905us : 0: }D
syz-exec-1927    1...2 456411907us : 0: }D
syz-exec-1927    1...2 456411910us : 0: }D
syz-exec-1927    1...2 456411912us : 0: }D
syz-exec-1927    1...2 456411914us : 0: }D
syz-exec-1927    1...2 456411917us : 0: }D
syz-exec-1927    1...2 456411919us : 0: }D
syz-exec-1927    1...2 456411922us : 0: }D
syz-exec-1927    1...2 456411925us : 0: }D
syz-exec-1927    1...2 456411927us : 0: }D
syz-exec-1927    1...2 456411930us : 0: }D
syz-exec-1927    1...2 456411932us : 0: }D
syz-exec-1927    1...2 456411937us : 0: }D
syz-exec-1927    1...2 456411940us : 0: }D
syz-exec-1927    1...2 456411943us : 0: }D
syz-exec-1927    1...2 456411945us : 0: }D
syz-exec-1927    1...2 456411947us : 0: }D
syz-exec-1927    1...2 456411950us : 0: }D
syz-exec-1927    1...2 456411952us : 0: }D
syz-exec-1927    1...2 456411955us : 0: }D
syz-exec-1927    1...2 456411957us : 0: }D
syz-exec-1927    1.n.2 456411960us : 0: }D
syz-exec-1927    1...2 456411986us : 0: }D
syz-exec-1927    1...2 456411989us : 0: }D
syz-exec-1927    1...2 456411991us : 0: }D
syz-exec-1927    1...2 456411994us : 0: }D
syz-exec-1927    1...2 456411996us : 0: }D
syz-exec-1927    1...2 456411999us : 0: }D
syz-exec-1927    1...2 456412001us : 0: }D
syz-exec-1927    1...2 456412004us : 0: }D
syz-exec-1927    1...2 456412006us : 0: }D
syz-exec-1927    1...2 456412009us : 0: }D
syz-exec-1927    1...2 456412011us : 0: }D
syz-exec-1927    1...2 456412014us : 0: }D
syz-exec-1927    1...2 456412016us : 0: }D
syz-exec-1927    1...2 456412019us : 0: }D
syz-exec-1927    1...2 456412021us : 0: }D
syz-exec-1927    1...2 456412024us : 0: }D
syz-exec-1927    1...2 456412026us : 0: }D
syz-exec-1927    1...2 456412029us : 0: }D
syz-exec-1927    1...2 456412031us : 0: }D
syz-exec-1927    1...2 456412034us : 0: }D
syz-exec-1927    1...2 456412036us : 0: }D
syz-exec-1927    1...2 456412039us : 0: }D
syz-exec-1927    1...2 456412041us : 0: }D
syz-exec-1927    1...2 456412044us : 0: }D
syz-exec-1927    1...2 456412046us : 0: }D
syz-exec-1927    1...2 456412049us : 0: }D
syz-exec-1927    1...2 456412051us : 0: }D
syz-exec-1927    1...2 456412053us : 0: }D
syz-exec-1927    1...2 456412056us : 0: }D
syz-exec-1927    1...2 456412058us : 0: }D
syz-exec-1927    1...2 456412068us : 0: }D
syz-exec-1927    1...2 456412071us : 0: }D
syz-exec-1927    1...2 456412074us : 0: }D
syz-exec-1927    1...2 456412077us : 0: }D
syz-exec-1927    1...2 456412079us : 0: }D
syz-exec-1927    1...2 456412082us : 0: }D
syz-exec-1927    1...2 456412085us : 0: }D
syz-exec-1927    1...2 456412088us : 0: }D
syz-exec-1927    1...2 456412090us : 0: }D
syz-exec-1927    1...2 456412093us : 0: }D
syz-exec-1927    1...2 456412096us : 0: }D
syz-exec-1927    1...2 456412098us : 0: }D
syz-exec-1927    1...2 456412100us : 0: }D
syz-exec-1927    1...2 456412103us : 0: }D
syz-exec-1927    1...2 456412106us : 0: }D
syz-exec-1927    1...2 456412109us : 0: }D
syz-exec-1927    1...2 456412111us : 0: }D
syz-exec-1927    1...2 456412114us : 0: }D
syz-exec-1927    1...2 456412117us : 0: }D
syz-exec-1927    1...2 456412120us : 0: }D
syz-exec-1927    1...2 456412122us : 0: }D
syz-exec-1927    1...2 456412126us : 0: }D
syz-exec-1927    1...2 456412128us : 0: }D
syz-exec-1927    1...2 456412131us : 0: }D
syz-exec-1927    1...2 456412133us : 0: }D
syz-exec-1927    1...2 456412136us : 0: }D
syz-exec-1927    1...2 456412139us : 0: }D
syz-exec-1927    1...2 456412141us : 0: }D
syz-exec-1927    1...2 456412144us : 0: }D
syz-exec-1927    1...2 456412147us : 0: }D
syz-exec-1927    1...2 456412150us : 0: }D
syz-exec-1927    1...2 456412152us : 0: }D
syz-exec-1927    1...2 456412155us : 0: }D
syz-exec-1927    1...2 456412158us : 0: }D
syz-exec-1927    1...2 456412160us : 0: }D
syz-exec-1927    1...2 456412162us : 0: }D
syz-exec-1927    1...2 456412166us : 0: }D
syz-exec-1927    1...2 456412168us : 0: }D
syz-exec-1927    1...2 456412171us : 0: }D
syz-exec-1927    1...2 456412173us : 0: }D
syz-exec-1927    1...2 456412176us : 0: }D
syz-exec-1927    1...2 456412179us : 0: }D
syz-exec-1927    1...2 456412181us : 0: }D
syz-exec-1927    1...2 456412184us : 0: }D
syz-exec-1927    1...2 456412187us : 0: }D
syz-exec-1927    1...2 456412189us : 0: }D
syz-exec-1927    1...2 456412192us : 0: }D
syz-exec-1927    1...2 456412195us : 0: }D
syz-exec-1927    1...2 456412198us : 0: }D
syz-exec-1927    1...2 456412200us : 0: }D
syz-exec-1927    1...2 456412203us : 0: }D
syz-exec-1927    1...2 456412206us : 0: }D
syz-exec-1927    1...2 456412209us : 0: }D
syz-exec-1927    1...2 456412211us : 0: }D
syz-exec-1927    1...2 456412214us : 0: }D
syz-exec-1927    1...2 456412217us : 0: }D
syz-exec-1927    1...2 456412220us : 0: }D
syz-exec-1927    1...2 456412222us : 0: }D
syz-exec-1927    1...2 456412224us : 0: }D
syz-exec-1927    1...2 456412231us : 0: }D
syz-exec-1927    1...2 456412234us : 0: }D
syz-exec-1927    1...2 456412236us : 0: }D
syz-exec-1927    1...2 456412239us : 0: }D
syz-exec-1927    1...2 456412241us : 0: }D
syz-exec-1927    1...2 456412244us : 0: }D
syz-exec-1927    1...2 456412246us : 0: }D
syz-exec-1927    1...2 456412249us : 0: }D
syz-exec-1927    1...2 456412251us : 0: }D
syz-exec-1927    1...2 456412254us : 0: }D
syz-exec-1927    1...2 456412256us : 0: }D
syz-exec-1927    1...2 456412259us : 0: }D
syz-exec-1927    1...2 456412261us : 0: }D
syz-exec-1927    1...2 456412264us : 0: }D
syz-exec-1927    1...2 456412266us : 0: }D
syz-exec-1927    1...2 456412268us : 0: }D
syz-exec-1927    1...2 456412271us : 0: }D
syz-exec-1927    1...2 456412273us : 0: }D
syz-exec-1927    1...2 456412275us : 0: }D
syz-exec-1927    1...2 456412278us : 0: }D
syz-exec-1927    1...2 456412280us : 0: }D
syz-exec-1927    1...2 456412283us : 0: }D
syz-exec-1927    1...2 456412285us : 0: }D
syz-exec-1927    1...2 456412288us : 0: }D
syz-exec-1927    1...2 456412290us : 0: }D
syz-exec-1927    1...2 456412292us : 0: }D
syz-exec-1927    1...2 456412316us : 0: }D
syz-exec-1927    1.N.2 456412318us : 0: }D
syz-exec-1927    1...2 456420117us : 0: }D
syz-exec-1927    1...2 456420124us : 0: }D
syz-exec-1927    1...2 456420127us : 0: }D
syz-exec-1927    1...2 456420129us : 0: }D
syz-exec-1927    1...2 456420132us : 0: }D
syz-exec-1927    1...2 456420135us : 0: }D
syz-exec-1927    1...2 456420138us : 0: }D
syz-exec-1927    1...2 456420140us : 0: }D
syz-exec-1927    1...2 456420143us : 0: }D
syz-exec-1927    1...2 456420145us : 0: }D
syz-exec-1927    1...2 456420147us : 0: }D
syz-exec-1927    1...2 456420150us : 0: }D
syz-exec-1927    1...2 456420154us : 0: }D
syz-exec-1927    1...2 456420156us : 0: }D
syz-exec-1927    1...2 456420158us : 0: }D
syz-exec-1927    1...2 456420161us : 0: }D
syz-exec-1927    1...2 456420163us : 0: }D
syz-exec-1927    1...2 456420166us : 0: }D
syz-exec-1927    1...2 456420168us : 0: }D
syz-exec-1927    1...2 456420171us : 0: }D
syz-exec-1927    1...2 456420173us : 0: }D
syz-exec-1927    1...2 456420176us : 0: }D
syz-exec-1927    1...2 456420178us : 0: }D
syz-exec-1927    1...2 456420180us : 0: }D
syz-exec-1927    1...2 456420183us : 0: }D
syz-exec-1927    1...2 456420185us : 0: }D
syz-exec-1927    1...2 456420187us : 0: }D
syz-exec-1927    1...2 456420190us : 0: }D
syz-exec-1927    1...2 456420192us : 0: }D
syz-exec-1927    1...2 456420194us : 0: }D
syz-exec-1927    1...2 456420197us : 0: }D
syz-exec-1927    1...2 456420199us : 0: }D
syz-exec-1927    1...2 456420201us : 0: }D
syz-exec-1927    1...2 456420203us : 0: }D
syz-exec-1927    1...2 456420206us : 0: }D
syz-exec-1927    1...2 456420208us : 0: }D
syz-exec-1927    1...2 456420210us : 0: }D
syz-exec-1927    1...2 456420213us : 0: }D
syz-exec-1927    1...2 456420215us : 0: }D
syz-exec-1927    1...2 456420217us : 0: }D
syz-exec-1927    1...2 456420220us : 0: }D
syz-exec-1927    1...2 456420222us : 0: }D
syz-exec-1927    1...2 456420225us : 0: }D
syz-exec-1927    1...2 456420229us : 0: }D
syz-exec-1927    1...2 456420232us : 0: }D
syz-exec-1927    1...2 456420234us : 0: }D
syz-exec-1927    1...2 456420237us : 0: }D
syz-exec-1927    1...2 456420239us : 0: }D
syz-exec-1927    1...2 456420242us : 0: }D
syz-exec-1927    1...2 456420244us : 0: }D
syz-exec-1927    1...2 456420246us : 0: }D
syz-exec-1927    1...2 456420248us : 0: }D
syz-exec-1927    1...2 456420251us : 0: }D
syz-exec-1927    1...2 456420253us : 0: }D
syz-exec-1927    1...2 456420256us : 0: }D
syz-exec-1927    1...2 456420258us : 0: }D
syz-exec-1927    1...2 456420261us : 0: }D
syz-exec-1927    1...2 456420263us : 0: }D
syz-exec-1927    1...2 456420266us : 0: }D
syz-exec-1927    1...2 456420268us : 0: }D
syz-exec-1927    1...2 456420271us : 0: }D
syz-exec-1927    1...2 456420273us : 0: }D
syz-exec-1927    1...2 456420275us : 0: }D
syz-exec-1927    1...2 456420277us : 0: }D
syz-exec-1927    1...2 456420280us : 0: }D
syz-exec-1927    1...2 456420282us : 0: }D
syz-exec-1927    1...2 456420284us : 0: }D
syz-exec-1927    1...2 456420287us : 0: }D
syz-exec-1927    1...2 456420289us : 0: }D
syz-exec-1927    1...2 456420291us : 0: }D
syz-exec-1927    1.N.2 456420320us : 0: }D
---------------------------------
CR2: ffff8801a01161c8
---[ end trace aff300a6d2e8bea0 ]---
BUG: unable to handle kernel paging request at ffffffff8c3a5a30
PGD 8e6d067 
RIP: 0010:__hlist_del include/linux/list.h:651 [inline]
RIP: 0010:detach_timer kernel/time/timer.c:817 [inline]
RIP: 0010:expire_timers kernel/time/timer.c:1353 [inline]
RIP: 0010:__run_timers+0x650/0xc70 kernel/time/timer.c:1666
P4D 8e6d067 
Code: 
PUD 8e6e063 
04 
PMD 0 
38 
f8 
Oops: 0000 [#2] SMP KASAN
4d 85 
CPU: 0 PID: 2299 Comm: jbd2/sda1-8 Tainted: G      D           4.18.0-rc3+ #45
ed 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
74 
RIP: 0010:depot_fetch_stack+0x10/0x30 lib/stackdepot.c:201
26 e8 
Code: 
dd 
e8 
7e 
65 
12 
30 
00 
47 
49 
fe 
8d 7d 
e9 
08 
b3 
48 
fd 
8b 
ff 
95 
ff 
58 
e8 
fd 
5b 
ff 
30 
ff 
47 
48 
fe 
89 
e9 
f8 
55 
48 
fd 
c1 
ff 
e8 
ff 
03 
90 
42 
90 
80 
90 
3c 
90 
38 
90 
00 
90 
0f 
89 
85 
f8 
1c 
c1 
05 
ef 
00 
11 
00 
25 
<49> 
ff 
89 
ff 
55 
1f 
08 
00 
e8 
81 
b7 
e7 
7e 12 
f0 
00 
3f 
4c 
00 
89 
00 <48> 
e0 
03 
48 
3c 
c1 
c5 
e8 
60 
03 
09 
42 
43 
80 
8b 
3c 
8b 
38 
47 
00 
0c 
0f 
48 
83 
RSP: 0018:ffff8801daf07980 EFLAGS: 00010046
c7 
18 
RAX: 1ffff10034022c39 RBX: ffff8801a23ae140 RCX: 1ffff1003b5e0f79
c7 
RDX: ffff8801daf07bc8 RSI: ffffffff81698cf3 RDI: ffff8801a01161c8
46 
RBP: ffff8801daf07c70 R08: ffff8801d65dc2c0 R09: fffffbfff1585971
10 
R10: fffffbfff1585971 R11: ffffffff8ac2cb8b R12: ffff8801a23ae148
00 
R13: ffff8801a01161c0 R14: ffff8801daf07c48 R15: dffffc0000000000
00 
FS:  00007fecdf050700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
00 
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
00 
CR2: ffff8801a01161c8 CR3: 0000000008e6a000 CR4: 00000000001406e0
DR0: 0000000020000000 DR1: 0000000020000000 DR2: 0000000000000000
RSP: 0018:ffff8801cc26ec90 EFLAGS: 00010002
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2018/07/04 15:48 bpf-next 2bdea157b999 317fc8ea .config console log report ci-upstream-bpf-next-kasan-gce
* Struck through repros no longer work on HEAD.