syzbot


general protection fault in perf_iterate_sb

Status: public: reported C repro on 2019/04/14 08:51
Reported-by: syzbot+6b9f4012d763fabbdddd@syzkaller.appspotmail.com
First crash: 2021d, last: 2021d
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-414 general protection fault in perf_iterate_sb C 1 2021d 1839d 0/1 public: reported C repro on 2019/04/12 00:01
linux-4.14 general protection fault in perf_iterate_sb syz error 1 1710d 1710d 0/1 upstream: reported syz repro on 2019/08/18 21:36

Sample crash report:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 0 PID: 2118 Comm: syz-executor080 Not tainted 4.9.132+ #51
task: ffff8801cc5c8000 task.stack: ffff8801c4ad0000
RIP: 0010:[<ffffffff813bc513>]  [<ffffffff813bc513>] __pmu_filter_match kernel/events/core.c:1770 [inline]
RIP: 0010:[<ffffffff813bc513>]  [<ffffffff813bc513>] pmu_filter_match kernel/events/core.c:1787 [inline]
RIP: 0010:[<ffffffff813bc513>]  [<ffffffff813bc513>] event_filter_match kernel/events/core.c:1798 [inline]
RIP: 0010:[<ffffffff813bc513>]  [<ffffffff813bc513>] perf_iterate_sb_cpu kernel/events/core.c:6189 [inline]
RIP: 0010:[<ffffffff813bc513>]  [<ffffffff813bc513>] perf_iterate_sb+0x323/0x580 kernel/events/core.c:6221
RSP: 0018:ffff8801c4ad7af0  EFLAGS: 00010203
RAX: 1ffff1003b6c4943 RBX: ffff8801c6a09100 RCX: 1ffffffff05ce880
RDX: 0000000000001786 RSI: ffffffff813bc4eb RDI: 000000000000bc37
RBP: ffff8801c4ad7b38 R08: ffff8801cc5c88d0 R09: 446e255216117b2e
R10: ffff8801cc5c8000 R11: 0000000000000001 R12: dffffc0000000000
R13: ffff8801db6249a0 R14: ffff8801c6a09120 R15: 000000000000bb37
FS:  000000000111e880(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000006cc150 CR3: 00000001cbb92000 CR4: 00000000001606b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Stack:
 ffffffff813bc1f0 ffff8801db61e0f8 ffff8801c4ad7b68 ffffffff813c46d0
 ffff8801c4ad7bc8 1ffff1003895af69 0000000000000007 0000000000000000
 ffff8801c6f00000 ffff8801c4ad7bf0 ffffffff813bc865 0000000041b58ab3
Call Trace:
 [<ffffffff813bc865>] perf_event_task+0xf5/0x160 kernel/events/core.c:6459
 [<ffffffff813e0c9c>] perf_event_fork+0x1c/0x20 kernel/events/core.c:6466
 [<ffffffff810d6746>] copy_process.part.8+0x37a6/0x6a10 kernel/fork.c:1857
 [<ffffffff810d9e32>] copy_process kernel/fork.c:1505 [inline]
 [<ffffffff810d9e32>] _do_fork+0x1b2/0xd30 kernel/fork.c:1972
 [<ffffffff810daa87>] SYSC_clone kernel/fork.c:2084 [inline]
 [<ffffffff810daa87>] SyS_clone+0x37/0x50 kernel/fork.c:2078
 [<ffffffff810056ef>] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285
 [<ffffffff82803953>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
Code: f1 f5 ff 49 8d 7d 78 48 89 f8 48 c1 e8 03 42 80 3c 20 00 0f 85 cd 01 00 00 4d 8b 7d 78 49 8d bf 00 01 00 00 48 89 fa 48 c1 ea 03 <42> 80 3c 22 00 0f 85 ba 01 00 00 4d 8b bf 00 01 00 00 4d 85 ff 
RIP  [<ffffffff813bc513>] __pmu_filter_match kernel/events/core.c:1770 [inline]
RIP  [<ffffffff813bc513>] pmu_filter_match kernel/events/core.c:1787 [inline]
RIP  [<ffffffff813bc513>] event_filter_match kernel/events/core.c:1798 [inline]
RIP  [<ffffffff813bc513>] perf_iterate_sb_cpu kernel/events/core.c:6189 [inline]
RIP  [<ffffffff813bc513>] perf_iterate_sb+0x323/0x580 kernel/events/core.c:6221
 RSP <ffff8801c4ad7af0>
---[ end trace e0ca98c959887acb ]---

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2018/10/11 17:30 https://android.googlesource.com/kernel/common android-4.9 38f2b4a8c277 5f818b4b .config console log report syz C ci-android-49-kasan-gce-root
* Struck through repros no longer work on HEAD.