syzbot
general protection fault in perf_trace_lock

Status: public: reported syz repro on 2019/04/14 09:28
Reported-by: syzbot+4b5aa6500e1b5a892f59@syzkaller.appspotmail.com
First crash: 2093d, last: 2093d
Similar bugs (1)
Kernel:      upstream
Title:       general protection fault in perf_trace_lock (v9fs)
Repro:       none
Cause bisect: none
Fix bisect:  none
Count:       1
Last:        2089d
Reported:    2085d
Patched:     0/26
Status:      closed as invalid on 2018/08/08 15:48

Sample crash report:
9pnet: Insufficient options for proto=fd
9pnet: Insufficient options for proto=fd
9pnet: Insufficient options for proto=fd
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
Dumping ftrace buffer:
   (ftrace buffer empty)
Modules linked in:
CPU: 1 PID: 25 Comm: kworker/1:1 Not tainted 4.9.113-g90e7a90 #16
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events p9_poll_workfn
task: ffff8801d9aeb000 task.stack: ffff8801d9418000
RIP: 0010:[<ffffffff8122e391>]  [<ffffffff8122e391>] perf_trace_lock+0xc1/0x520 include/trace/events/lock.h:38
RSP: 0018:ffff8801d941f950  EFLAGS: 00010006
RAX: dffffc0000000000 RBX: 0000000000000018 RCX: 0000000000000000
RDX: 0000000000000006 RSI: 0000000000000018 RDI: ffffffff846c9720
RBP: ffff8801d941fa58 R08: ffffffff855f3830 R09: 0000000000000001
R10: 0000000000000000 R11: ffff8801d941f857 R12: 1ffff1003b283f32
R13: ffffffff846c96a0 R14: ffff8801d941fa30 R15: 0000000000000018
FS:  0000000000000000(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffc04f3ff68 CR3: 00000001d7d5f000 CR4: 00000000001606f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
 ffff8801d9aeb8b8 ffff8801d9aeb938 ffff8801d9aeb8c0 ffff8801d9aeb8c8
 1ffff1003b283f30 0000000000000030 0000000041b58ab3 0000000000000000
 0000000041b58ab3 ffffffff843b30f7 ffffffff8122e2d0 ffff8801d9aeb8c8
Call Trace:
 [<ffffffff8123b7ff>] trace_lock_release include/trace/events/lock.h:57 [inline]
 [<ffffffff8123b7ff>] lock_release+0x8bf/0xb80 kernel/locking/lockdep.c:3774
 [<ffffffff839fa85f>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
 [<ffffffff839fa85f>] _raw_spin_unlock_irqrestore+0x1f/0x70 kernel/locking/spinlock.c:191
 [<ffffffff839c40bc>] spin_unlock_irqrestore include/linux/spinlock.h:362 [inline]
 [<ffffffff839c40bc>] p9_conn_cancel+0x3ec/0x4c0 net/9p/trans_fd.c:204
 [<ffffffff839c46e2>] p9_poll_mux net/9p/trans_fd.c:630 [inline]
 [<ffffffff839c46e2>] p9_poll_workfn+0x222/0x330 net/9p/trans_fd.c:1097
 [<ffffffff8118d181>] process_one_work+0x7e1/0x1500 kernel/workqueue.c:2092
 [<ffffffff8118df76>] worker_thread+0xd6/0x10a0 kernel/workqueue.c:2226
 [<ffffffff8119d0ad>] kthread+0x26d/0x300 kernel/kthread.c:211
 [<ffffffff839fb35c>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Code: 00 49 8b 85 80 00 00 00 48 89 85 30 ff ff ff 49 8d 47 18 48 89 c2 48 89 85 20 ff ff ff 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 f1 02 00 00 49 8b 7f 18 48 85 ff 0f 84 b3 02 
RIP  [<ffffffff8122e391>] perf_trace_lock+0xc1/0x520 include/trace/events/lock.h:38
 RSP <ffff8801d941f950>
---[ end trace 4ce85ef3c8074f7c ]---

Crashes (1):
Time:       2018/07/31 16:46
Kernel:     https://android.googlesource.com/kernel/common android-4.9
Commit:     90e7a9002952
Syzkaller:  1a381291
Config:     .config
Log:        console log
Report:     report
Syz repro:  syz
C repro:    none
VM info:    none
Manager:    ci-android-49-kasan-gce-root
Title:      (same as above)