syzbot


upstream boot error: KASAN: global-out-of-bounds Read in internal_create_group

Status: fixed on 2020/09/25 01:17
Subsystems: fs
Reported-by: syzbot+1cf0ffe61aecf46f588f@syzkaller.appspotmail.com
Fix commit: 62c789270c0b libnvdimm: KASAN: global-out-of-bounds Read in internal_create_group
First crash: 1353d, last: 1340d
Discussions (3)
Title Replies (including bot) Last reply
[PATCH v2] libnvdimm: KASAN: global-out-of-bounds Read in internal_create_group 3 (3) 2020/08/19 04:20
[PATCH] libnvdimm: KASAN: global-out-of-bounds Read in internal_create_group 1 (1) 2020/08/12 08:37
upstream boot error: KASAN: global-out-of-bounds Read in internal_create_group 0 (1) 2020/08/12 07:26

Sample crash report:
==================================================================
BUG: KASAN: global-out-of-bounds in create_files fs/sysfs/group.c:43 [inline]
BUG: KASAN: global-out-of-bounds in internal_create_group+0x9d8/0xb20 fs/sysfs/group.c:149
Read of size 8 at addr ffffffff8a2e8cf0 by task kworker/u17:8/574

CPU: 1 PID: 574 Comm: kworker/u17:8 Not tainted 5.9.0-rc2-syzkaller #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
Workqueue: events_unbound async_run_entry_fn
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x18f/0x20d lib/dump_stack.c:118
 print_address_description.constprop.0.cold+0x5/0x497 mm/kasan/report.c:383
 __kasan_report mm/kasan/report.c:513 [inline]
 kasan_report.cold+0x1f/0x37 mm/kasan/report.c:530
 create_files fs/sysfs/group.c:43 [inline]
 internal_create_group+0x9d8/0xb20 fs/sysfs/group.c:149
 internal_create_groups.part.0+0x90/0x140 fs/sysfs/group.c:189
 internal_create_groups fs/sysfs/group.c:185 [inline]
 sysfs_create_groups+0x25/0x50 fs/sysfs/group.c:215
 device_add_groups drivers/base/core.c:2024 [inline]
 device_add_attrs drivers/base/core.c:2178 [inline]
 device_add+0x7fd/0x1c40 drivers/base/core.c:2881
 nd_async_device_register+0x12/0x80 drivers/nvdimm/bus.c:506
 async_run_entry_fn+0x121/0x530 kernel/async.c:123
 process_one_work+0x94c/0x1670 kernel/workqueue.c:2269
 worker_thread+0x64c/0x1120 kernel/workqueue.c:2415
 kthread+0x3b5/0x4a0 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294

The buggy address belongs to the variable:
 nvdimm_firmware_attributes+0x10/0x40

Memory state around the buggy address:
 ffffffff8a2e8b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffffffff8a2e8c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffffffff8a2e8c80: 00 00 00 00 00 00 00 00 f9 f9 f9 f9 00 00 f9 f9
                                                             ^
 ffffffff8a2e8d00: f9 f9 f9 f9 00 00 00 00 00 00 00 f9 f9 f9 f9 f9
 ffffffff8a2e8d80: 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 00 00 00 00
==================================================================

Crashes (273):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2020/08/25 00:03 upstream 6a9dc5fd6170 344da168 .config console log report ci-qemu-upstream
2020/08/24 20:22 upstream 9907ab371426 67b599d1 .config console log report ci-qemu-upstream
2020/08/23 23:52 upstream d012a7190fc1 cef5ae68 .config console log report ci-qemu-upstream
2020/08/23 22:36 upstream d012a7190fc1 a6d5f3ad .config console log report ci-qemu-upstream
2020/08/23 10:28 upstream c3d8f220d012 a6d5f3ad .config console log report ci-qemu-upstream
2020/08/22 20:21 upstream c3d8f220d012 1da71ab0 .config console log report ci-qemu-upstream
2020/08/22 20:21 upstream c3d8f220d012 1da71ab0 .config console log report ci-qemu-upstream
2020/08/22 18:16 upstream c3d8f220d012 6436ce4b .config console log report ci-qemu-upstream
2020/08/22 00:58 upstream f873db9acd3c 6436ce4b .config console log report ci-qemu-upstream
2020/08/20 18:27 upstream 7eac66d0456f 70160577 .config console log report ci-qemu-upstream
2020/08/19 22:13 upstream 18445bf405cb ed282a3a .config console log report ci-qemu-upstream
2020/08/18 23:16 upstream 18445bf405cb e1c29030 .config console log report ci-qemu-upstream
2020/08/18 22:02 upstream 06a4ec1d9dc6 e1c29030 .config console log report ci-qemu-upstream
2020/08/18 02:19 upstream 06a4ec1d9dc6 9c6fc8db .config console log report ci-qemu-upstream
2020/08/18 02:19 upstream 06a4ec1d9dc6 9c6fc8db .config console log report ci-qemu-upstream
2020/08/16 21:55 upstream 9123e3a74ec7 9c6fc8db .config console log report ci-qemu-upstream
2020/08/16 20:46 upstream 2cc3c4b3c2e9 9c6fc8db .config console log report ci-qemu-upstream
2020/08/16 18:58 upstream 2cc3c4b3c2e9 c71bff66 .config console log report ci-qemu-upstream
2020/08/15 19:39 upstream 713eee84720e c2707aa5 .config console log report ci-qemu-upstream
2020/08/15 18:31 upstream 50f6c7dbd973 c2707aa5 .config console log report ci-qemu-upstream
2020/08/15 17:17 upstream 410520d07f5c c2707aa5 .config console log report ci-qemu-upstream
2020/08/15 16:02 upstream b07175dc41ba c2707aa5 .config console log report ci-qemu-upstream
2020/08/15 02:11 upstream c9c9735c46f5 c2707aa5 .config console log report ci-qemu-upstream
2020/08/15 00:59 upstream c9c9735c46f5 5ce13532 .config console log report ci-qemu-upstream
2020/08/14 23:45 upstream b923f1247b72 5ce13532 .config console log report ci-qemu-upstream
2020/08/14 23:45 upstream b923f1247b72 5ce13532 .config console log report ci-qemu-upstream
2020/08/14 22:35 upstream 7fca4dee610d 5ce13532 .config console log report ci-qemu-upstream
2020/08/14 21:21 upstream cd94257d7a81 5ce13532 .config console log report ci-qemu-upstream
2020/08/12 01:17 upstream fb893de323e2 bb3e5fe6 .config console log report ci-qemu-upstream
2020/08/11 21:04 upstream c636eef2ee36 5d3ebca9 .config console log report ci-qemu-upstream
2020/08/24 22:20 upstream 6a9dc5fd6170 67b599d1 .config console log report ci-qemu-upstream-386
2020/08/24 20:58 upstream 9907ab371426 67b599d1 .config console log report ci-qemu-upstream-386
2020/08/24 12:06 upstream d012a7190fc1 67b599d1 .config console log report ci-qemu-upstream-386
2020/08/23 21:59 upstream d012a7190fc1 a6d5f3ad .config console log report ci-qemu-upstream-386
2020/08/23 19:23 upstream cb95712138ec a6d5f3ad .config console log report ci-qemu-upstream-386
2020/08/21 20:41 upstream d723b99ec9e5 6436ce4b .config console log report ci-qemu-upstream-386
2020/08/21 19:30 upstream d723b99ec9e5 1d75fe45 .config console log report ci-qemu-upstream-386
2020/08/21 19:30 upstream d723b99ec9e5 1d75fe45 .config console log report ci-qemu-upstream-386
2020/08/21 18:13 upstream cd02217a5d81 1d75fe45 .config console log report ci-qemu-upstream-386
2020/08/21 06:37 upstream da2968ff879b 1d75fe45 .config console log report ci-qemu-upstream-386
2020/08/20 22:03 upstream da2968ff879b 70160577 .config console log report ci-qemu-upstream-386
2020/08/19 10:07 upstream 18445bf405cb a7d4a4f9 .config console log report ci-qemu-upstream-386
2020/08/18 23:48 upstream 18445bf405cb e1c29030 .config console log report ci-qemu-upstream-386
2020/08/18 10:01 upstream 06a4ec1d9dc6 635f68f6 .config console log report ci-qemu-upstream-386
2020/08/16 08:44 upstream 4b6c093e21d3 c71bff66 .config console log report ci-qemu-upstream-386
2020/08/16 08:44 upstream 4b6c093e21d3 c71bff66 .config console log report ci-qemu-upstream-386