general protection fault in hrtimer

similar bugs (4):
Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
upstream	general protection fault in hrtimer_active (3)	syz	done	error	34	360d	665d	22/24	fixed on 2022/03/08 16:11
upstream	general protection fault in hrtimer_active (4)				7	189d	299d	0/24	auto-obsoleted due to no activity on 2022/10/20 15:45
upstream	general protection fault in hrtimer_active (2)	C			10612	1791d	1795d	4/24	fixed on 2018/03/06 13:29
linux-4.19	general protection fault in hrtimer_active	C		error	66	492d	1236d	0/1	upstream: reported C repro on 2019/09/09 21:23

similar bugs (4):

upstream

general protection fault in hrtimer_active (3)

syz

done

error

360d

665d

22/24

fixed on 2022/03/08 16:11

upstream

general protection fault in hrtimer_active (4)

189d

299d

0/24

auto-obsoleted due to no activity on 2022/10/20 15:45

upstream

general protection fault in hrtimer_active (2)

10612

1791d

1795d

4/24

fixed on 2018/03/06 13:29

linux-4.19

general protection fault in hrtimer_active

error

492d

1236d

0/1

upstream: reported C repro on 2019/09/09 21:23

kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] SMP KASAN
Dumping ftrace buffer:
   (ftrace buffer empty)
Modules linked in:
CPU: 1 PID: 2995 Comm: syzkaller758499 Not tainted 4.14.0-rc5-mm1+ #20
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8801d1e70180 task.stack: ffff8801c05e0000
RIP: 0010:__read_once_size include/linux/compiler.h:276 [inline]
RIP: 0010:hrtimer_active+0x211/0x410 kernel/time/hrtimer.c:1142
RSP: 0018:ffff8801c05e73f0 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 1ffff100380bceab RCX: ffffffff815ef93f
RDX: 0000000000000000 RSI: ffffffff85b377a0 RDI: ffff8801d1f38ea0
RBP: ffff8801c05e7530 R08: ffffffff83f9f367 R09: 0000000000000004
R10: ffff8801c05e7898 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: ffffed00380bce89 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020511fd8 CR3: 0000000005a22000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 hrtimer_try_to_cancel+0x91/0x5c0 kernel/time/hrtimer.c:1006
 hrtimer_cancel+0x22/0x40 kernel/time/hrtimer.c:1032
 napi_disable+0x87/0xa0 net/core/dev.c:5552
 tun_napi_disable drivers/net/tun.c:290 [inline]
 __tun_detach+0xe26/0x1570 drivers/net/tun.c:617
 tun_detach drivers/net/tun.c:664 [inline]
 tun_chr_close+0x44/0x60 drivers/net/tun.c:2835
 __fput+0x327/0x7e0 fs/file_table.c:210
 ____fput+0x15/0x20 fs/file_table.c:244
 task_work_run+0x199/0x270 kernel/task_work.c:112
 exit_task_work include/linux/task_work.h:21 [inline]
 do_exit+0x9b5/0x1ad0 kernel/exit.c:869
 do_group_exit+0x149/0x400 kernel/exit.c:972
 SYSC_exit_group kernel/exit.c:983 [inline]
 SyS_exit_group+0x1d/0x20 kernel/exit.c:981
 entry_SYSCALL_64_fastpath+0x1f/0xbe
RIP: 0033:0x442aa8
RSP: 002b:00007ffdcb6208d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442aa8
RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
RBP: 0000000000000082 R08: 00000000000000e7 R09: ffffffffffffffd0
R10: 0000000000000000 R11: 0000000000000246 R12: 74656e2f7665642f
R13: 0000000000401b80 R14: 0000000000000000 R15: 0000000000000000
Code: c6 00 00 48 8b 85 d8 fe ff ff 48 c1 e8 03 42 80 3c 38 00 0f 85 f2 01 00 00 48 8b 85 e8 fe ff ff 4c 8b 60 30 4c 89 e0 48 c1 e8 03 <42> 80 3c 38 00 0f 85 c8 01 00 00 48 8b 85 f0 fe ff ff 49 8b 1c 
RIP: __read_once_size include/linux/compiler.h:276 [inline] RSP: ffff8801c05e73f0
RIP: hrtimer_active+0x211/0x410 kernel/time/hrtimer.c:1142 RSP: ffff8801c05e73f0
---[ end trace 16d64b9edc71d4d0 ]---

Crashes (669):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro
ci-upstream-mmots-kasan-gce	2017/11/02 00:47	mmots	0f611fb6dcc0	e0a2b195	.config	console log	report	syz	C
ci-upstream-next-kasan-gce	2017/11/02 00:36	linux-next	36ef71cae353	e511d9f8	.config	console log	report	syz	C
ci-upstream-next-kasan-gce	2017/11/02 00:32	linux-next	36ef71cae353	e511d9f8	.config	console log	report	syz	C
ci-upstream-next-kasan-gce	2017/10/28 12:02	linux-next	36ef71cae353	e511d9f8	.config	console log	report	syz	C
ci-upstream-next-kasan-gce	2017/10/28 02:36	linux-next	36ef71cae353	e511d9f8	.config	console log	report	syz	C
ci-upstream-next-kasan-gce	2017/10/27 05:15	linux-next	36ef71cae353	e511d9f8	.config	console log	report	syz	C
ci-upstream-next-kasan-gce	2017/10/25 12:55	linux-next	36ef71cae353	e511d9f8	.config	console log	report	syz	C
ci-upstream-mmots-kasan-gce	2017/10/19 22:36	mmots	3ac81ebcbbb3	355f57c5	.config	console log	report	syz	C
ci-upstream-next-kasan-gce	2017/10/19 22:36	linux-next	36ef71cae353	e511d9f8	.config	console log	report	syz	C
ci-upstream-mmots-kasan-gce	2017/10/15 12:38	mmots	4eb4a4191fe5	441d64d9	.config	console log	report	syz	C
ci-upstream-next-kasan-gce	2017/10/15 12:38	linux-next	49827b977a2e	441d64d9	.config	console log	report	syz	C
ci-upstream-mmots-kasan-gce	2017/10/05 16:34	mmots	fb686cb13e51	c26ea367	.config	console log	report	syz	C
ci-upstream-next-kasan-gce	2017/10/05 16:34	linux-next	1418b852174a	c26ea367	.config	console log	report	syz	C
ci-upstream-next-kasan-gce	2017/09/27 07:33	linux-next	045c5205823f	c26ea367	.config	console log	report	syz	C
ci-upstream-mmots-kasan-gce	2017/11/02 09:30	mmots	0f611fb6dcc0	e0a2b195	.config	console log	report
ci-upstream-next-kasan-gce	2017/10/31 12:21	linux-next	36ef71cae353	e511d9f8	.config	console log	report
ci-upstream-next-kasan-gce	2017/10/27 15:18	linux-next	36ef71cae353	e511d9f8	.config	console log	report
skylake-linux-next-kasan-qemu	2017/10/24 21:16	linux-next	36ef71cae353	e511d9f8	.config	console log	report
ci-upstream-mmots-kasan-gce	2017/10/24 07:53	mmots	0f611fb6dcc0	e0a2b195	.config	console log	report
ci-upstream-mmots-kasan-gce	2017/10/22 13:55	mmots	0f611fb6dcc0	e0a2b195	.config	console log	report
ci-upstream-mmots-kasan-gce	2017/10/22 13:14	mmots	0f611fb6dcc0	e0a2b195	.config	console log	report
ci-upstream-mmots-kasan-gce	2017/10/18 17:07	mmots	3ac81ebcbbb3	355f57c5	.config	console log	report
ci-upstream-mmots-kasan-gce	2017/10/16 09:38	mmots	4eb4a4191fe5	441d64d9	.config	console log	report
ci-upstream-mmots-kasan-gce	2017/10/16 05:44	mmots	4eb4a4191fe5	441d64d9	.config	console log	report
ci-upstream-mmots-kasan-gce	2017/10/16 04:40	mmots	4eb4a4191fe5	441d64d9	.config	console log	report
ci-upstream-next-kasan-gce	2017/10/16 04:39	linux-next	49827b977a2e	441d64d9	.config	console log	report
ci-upstream-next-kasan-gce	2017/10/15 08:48	linux-next	49827b977a2e	441d64d9	.config	console log	report
ci-upstream-mmots-kasan-gce	2017/10/15 08:47	mmots	4eb4a4191fe5	441d64d9	.config	console log	report
ci-upstream-next-kasan-gce	2017/10/14 13:33	linux-next	49827b977a2e	441d64d9	.config	console log	report
ci-upstream-next-kasan-gce	2017/10/11 19:13	linux-next	49827b977a2e	441d64d9	.config	console log	report
ci-upstream-mmots-kasan-gce	2017/10/09 22:30	mmots	fb686cb13e51	c26ea367	.config	console log	report
ci-upstream-mmots-kasan-gce	2017/10/04 20:37	mmots	af6dd9aabb86	c26ea367	.config	console log	report
ci-upstream-next-kasan-gce	2017/09/28 01:16	linux-next	045c5205823f	c26ea367	.config	console log	report
ci-upstream-next-kasan-gce	2017/09/27 06:58	linux-next	045c5205823f	c26ea367	.config	console log	report

Crashes (669):