| Title | Replies (including bot) | Last reply |
|---|---|---|
| [syzbot] Monthly fs report (Mar 2024) | 0 (1) | 2024/03/16 12:09 |
| [syzbot] [fs?] BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | 1 (3) | 2024/01/05 02:04 |
syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [993] ≡ Subsystems 🐞 Fixed [5244] 🐞 Invalid [12515] ⬇ Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
| Title | Replies (including bot) | Last reply |
|---|---|---|
| [syzbot] Monthly fs report (Mar 2024) | 0 (1) | 2024/03/16 12:09 |
| [syzbot] [fs?] BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | 1 (3) | 2024/01/05 02:04 |
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2024/04/12 19:15 | 6m | retest repro | upstream | report log | |
| 2024/02/11 10:34 | 22m | retest repro | upstream | OK log | |
| 2024/02/11 10:09 | 25m | retest repro | upstream | OK log | |
| 2024/01/05 01:23 | 22m | lizhi.xu@windriver.com | patch | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 861deac3b092 | OK log |
8<--- cut here --- Unable to handle kernel NULL pointer dereference at virtual address 00000018 when write [00000018] *pgd=84363003, *pmd=fe701003 Internal error: Oops: a07 [#1] PREEMPT SMP ARM Modules linked in: CPU: 1 PID: 2979 Comm: syz-executor164 Not tainted 6.8.0-rc5-syzkaller #0 Hardware name: ARM-Versatile Express PC is at pagemap_scan_init_bounce_buffer fs/proc/task_mmu.c:2400 [inline] PC is at do_pagemap_scan+0x29c/0x6c0 fs/proc/task_mmu.c:2446 LR is at kmalloc_array include/linux/slab.h:627 [inline] LR is at pagemap_scan_init_bounce_buffer fs/proc/task_mmu.c:2395 [inline] LR is at do_pagemap_scan+0x268/0x6c0 fs/proc/task_mmu.c:2446 pc : [<8058c580>] lr : [<8058c54c>] psr: 20000013 sp : df969dc8 ip : 00000000 fp : df969eb4 r10: df969e00 r9 : 841c3000 r8 : 00000000 r7 : 00000000 r6 : 00000000 r5 : 20ffb000 r4 : 840cb600 r3 : 20ffc000 r2 : 00000000 r1 : 00000000 r0 : 00000010 Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none Control: 30c5387d Table: 84389ac0 DAC: 00000000 Register r0 information: zero-size pointer Register r1 information: NULL pointer Register r2 information: NULL pointer Register r3 information: non-paged memory Register r4 information: slab mm_struct start 840cb600 pointer offset 0 size 712 Register r5 information: non-paged memory Register r6 information: NULL pointer Register r7 information: NULL pointer Register r8 information: NULL pointer Register r9 information: slab task_struct start 841c3000 pointer offset 0 size 3072 Register r10 information: 2-page vmalloc region starting at 0xdf968000 allocated at kernel_clone+0xac/0x3c8 kernel/fork.c:2902 Register r11 information: 2-page vmalloc region starting at 0xdf968000 allocated at kernel_clone+0xac/0x3c8 kernel/fork.c:2902 Register r12 information: NULL pointer Process syz-executor164 (pid: 2979, stack limit = 0xdf968000) Stack: (0xdf969dc8 to 0xdf96a000) 9dc0: 00000000 00000000 10000000 20000200 00000001 00000000 9de0: 00000000 20ffb000 00000000 00000000 00000000 00000000 00000000 00000000 9e00: 00000060 00000000 00000000 00000000 20ffb000 00000000 20ffc000 00000000 9e20: 00000000 00000000 20000140 00000000 00000000 10000000 ffffffff 00000000 9e40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 9e60: 00000000 00000000 00000010 00000000 00000000 00000000 20000140 00000000 9e80: c0606610 2da1a712 df969ea4 c0606610 00000000 842923c0 20000200 842923c0 9ea0: 00000003 841c3000 df969ec4 df969eb8 8058c9cc 8058c2f0 df969fa4 df969ec8 9ec0: 80501d88 8058c9b0 df969efc 804f74f8 82ed8000 2da1a712 00000000 82ed8000 9ee0: df969f58 00000003 ffffff9c 80200288 841c3000 00000142 df969f1c df969f08 9f00: 804f74f8 804a54a4 82ed8000 df969f58 df969f54 df969f20 804e6370 804f7480 9f20: 00000002 00000000 00000006 00000100 00000001 2da1a712 ffffff9c 7ec98c18 9f40: 00000000 00000142 df969fa4 df969f58 804e678c 804e62d4 00000002 00000000 9f60: 00000000 00000000 00000000 00000000 00000002 2da1a712 00000000 ffffffff 9f80: 00000000 00000000 00000036 80200288 841c3000 00000036 00000000 df969fa8 9fa0: 80200060 80501c7c ffffffff 00000000 00000003 c0606610 20000200 00000000 9fc0: ffffffff 00000000 00000000 00000036 000f4240 00000000 00000001 00003a97 9fe0: 7ec98bf8 7ec98be8 000106ac 0002e810 00000010 00000003 00000000 00000000 Backtrace: [<8058c2e4>] (do_pagemap_scan) from [<8058c9cc>] (do_pagemap_cmd+0x28/0x34 fs/proc/task_mmu.c:2513) r10:841c3000 r9:00000003 r8:842923c0 r7:20000200 r6:842923c0 r5:00000000 r4:c0606610 [<8058c9a4>] (do_pagemap_cmd) from [<80501d88>] (vfs_ioctl fs/ioctl.c:51 [inline]) [<8058c9a4>] (do_pagemap_cmd) from [<80501d88>] (do_vfs_ioctl fs/ioctl.c:831 [inline]) [<8058c9a4>] (do_pagemap_cmd) from [<80501d88>] (__do_sys_ioctl fs/ioctl.c:869 [inline]) [<8058c9a4>] (do_pagemap_cmd) from [<80501d88>] (sys_ioctl+0x118/0xb58 fs/ioctl.c:857) [<80501c70>] (sys_ioctl) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:66) Exception stack(0xdf969fa8 to 0xdf969ff0) 9fa0: ffffffff 00000000 00000003 c0606610 20000200 00000000 9fc0: ffffffff 00000000 00000000 00000036 000f4240 00000000 00000001 00003a97 9fe0: 7ec98bf8 7ec98be8 000106ac 0002e810 r10:00000036 r9:841c3000 r8:80200288 r7:00000036 r6:00000000 r5:00000000 r4:ffffffff Code: e51b309c e51b208c e50b203c e3a02000 (e1c060f8) ---[ end trace 0000000000000000 ]--- ---------------- Code disassembly (best guess): 0: e51b309c ldr r3, [fp, #-156] @ 0xffffff64 4: e51b208c ldr r2, [fp, #-140] @ 0xffffff74 8: e50b203c str r2, [fp, #-60] @ 0xffffffc4 c: e3a02000 mov r2, #0 * 10: e1c060f8 strd r6, [r0, #8] <-- trapping instruction
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/02/19 18:40 | upstream | b401b621758e | 96e91f57 | .config | console log | report | syz | C | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | |
| 2023/12/27 23:41 | upstream | fbafc3e621c3 | fb427a07 | .config | strace log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | general protection fault in do_pagemap_scan | |
| 2023/12/25 04:43 | upstream | 861deac3b092 | fb427a07 | .config | strace log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | general protection fault in do_pagemap_scan | |
| 2024/03/29 19:13 | upstream | 317c7bc0ef03 | c52bcb23 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/03/25 10:41 | upstream | 4cece7649650 | 0ea90952 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/03/22 15:54 | upstream | 8e938e398669 | 4b6cdce6 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/03/18 06:12 | upstream | 906a93befec8 | d615901c | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/03/17 09:27 | upstream | 741e9d668aa5 | d615901c | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/03/14 05:05 | upstream | e5e038b7ae9d | f919f202 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/03/03 04:09 | upstream | 5ad3cb0ed525 | 25905f5d | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/02/19 17:06 | upstream | b401b621758e | 96e91f57 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/02/17 13:16 | upstream | c1ca10ceffbb | 578f7538 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/01/28 04:42 | upstream | 8a696a29c690 | cc4a4020 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/01/26 19:47 | upstream | ecb1b8288dc7 | cc4a4020 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/01/22 03:18 | upstream | 4fbbed787267 | 9bd8dcda | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/01/20 15:26 | upstream | 9d64bf433c53 | 9bd8dcda | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/01/16 05:57 | upstream | 052d534373b7 | 2a7bcc7f | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/01/09 03:49 | upstream | 5db8752c3b81 | 4c0fd4bb | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/01/02 22:00 | upstream | 610a9b8f49fb | fb427a07 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2023/12/31 06:57 | upstream | 453f5db0619e | fb427a07 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2023/12/22 01:31 | upstream | a4aebe936554 | 4f9530a3 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2023/11/18 13:35 | upstream | 791c8ab095f7 | cb976f63 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2023/11/14 18:27 | upstream | 9bacdd8996c7 | cb976f63 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm32 | BUG: unable to handle kernel NULL pointer dereference in do_pagemap_scan | ||
| 2024/01/17 10:18 | upstream | 052d534373b7 | 2a7bcc7f | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | general protection fault in do_pagemap_scan | ||
| 2024/01/17 05:41 | upstream | 052d534373b7 | 2a7bcc7f | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | general protection fault in do_pagemap_scan | ||
| 2023/12/25 04:18 | upstream | 861deac3b092 | fb427a07 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | general protection fault in do_pagemap_scan |