KASAN: null-ptr-deref Read in __wait_on

Title	Replies (including bot)	Last reply
[syzbot] [reiserfs?] KASAN: null-ptr-deref Read in __wait_on_buffer	0 (1)	2023/04/14 09:50

==================================================================
BUG: KASAN: null-ptr-deref in instrument_atomic_read include/linux/instrumented.h:68 [inline]
BUG: KASAN: null-ptr-deref in _test_bit_acquire include/asm-generic/bitops/instrumented-non-atomic.h:153 [inline]
BUG: KASAN: null-ptr-deref in wait_on_bit_io include/linux/wait_bit.h:99 [inline]
BUG: KASAN: null-ptr-deref in __wait_on_buffer+0x33/0x90 fs/buffer.c:123
Read of size 8 at addr 0000000000000000 by task syz-executor.3/20429

CPU: 0 PID: 20429 Comm: syz-executor.3 Not tainted 6.6.0-rc1-syzkaller-00014-ga747acc0b752 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106
 print_report+0xe6/0x540 mm/kasan/report.c:478
 kasan_report+0x175/0x1b0 mm/kasan/report.c:588
 kasan_check_range+0x27e/0x290 mm/kasan/generic.c:187
 instrument_atomic_read include/linux/instrumented.h:68 [inline]
 _test_bit_acquire include/asm-generic/bitops/instrumented-non-atomic.h:153 [inline]
 wait_on_bit_io include/linux/wait_bit.h:99 [inline]
 __wait_on_buffer+0x33/0x90 fs/buffer.c:123
 flush_commit_list+0xd8a/0x1bf0 fs/reiserfs/journal.c:1072
 get_list_bitmap+0x160/0x320 fs/reiserfs/journal.c:322
 do_journal_end+0x3aa2/0x4780 fs/reiserfs/journal.c:4364
 do_journal_begin_r+0x970/0x1020
 journal_begin+0x14c/0x360 fs/reiserfs/journal.c:3260
 reiserfs_mkdir+0x34a/0x8f0 fs/reiserfs/namei.c:831
 xattr_mkdir fs/reiserfs/xattr.c:77 [inline]
 create_privroot fs/reiserfs/xattr.c:891 [inline]
 reiserfs_xattr_init+0x323/0x670 fs/reiserfs/xattr.c:1007
 reiserfs_remount+0x12bc/0x18f0 fs/reiserfs/super.c:1586
 reconfigure_super+0x440/0x870 fs/super.c:1140
 do_remount fs/namespace.c:2882 [inline]
 path_mount+0xc24/0xfa0 fs/namespace.c:3654
 do_mount fs/namespace.c:3675 [inline]
 __do_sys_mount fs/namespace.c:3884 [inline]
 __se_sys_mount+0x2d9/0x3c0 fs/namespace.c:3861
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f53da67e1ea
Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f53db451ee8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007f53db451f80 RCX: 00007f53da67e1ea
RDX: 0000000020000300 RSI: 00000000200001c0 RDI: 0000000000000000
RBP: 0000000020000300 R08: 00007f53db451f80 R09: 0000000002980036
R10: 0000000002980036 R11: 0000000000000206 R12: 00000000200001c0
R13: 00007f53db451f40 R14: 0000000000000000 R15: 0000000020000240
 </TASK>
==================================================================

Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Assets (help?)	Manager	Title
2023/09/13 05:11	upstream	a747acc0b752	59da8366	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-fs	KASAN: null-ptr-deref Read in __wait_on_buffer
2023/06/14 09:00	upstream	15adb51c04cc	d2ee9228	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-fs	KASAN: null-ptr-deref Read in __wait_on_buffer
2023/05/20 03:08	upstream	cbd6ac3837cd	96689200	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-fs	KASAN: null-ptr-deref Read in __wait_on_buffer
2023/05/18 13:20	upstream	4d6d4c7f541d	3bb7af1d	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-fs	KASAN: null-ptr-deref Read in __wait_on_buffer
2023/04/10 09:44	upstream	09a9639e56c0	71147e29	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kasan-gce-root	KASAN: null-ptr-deref Read in __wait_on_buffer