syzbot


riscv/fixes boot error: BUG: unable to handle kernel NULL pointer dereference in corrupted

Status: closed as dup on 2021/09/14 10:55
Subsystems: tomoyo
[Documentation on labels]
Reported-by: syzbot+2a1797e8845b57b4a3c2@syzkaller.appspotmail.com
First crash: 930d, last: 919d
Duplicate of
Title Repro Cause bisect Fix bisect Count Last Reported
BUG: unable to handle kernel paging request in tomoyo_encode2 tomoyo 1 940d 940d
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] riscv/fixes boot error: BUG: unable to handle kernel NULL pointer dereference in corrupted 2 (3) 2021/09/14 13:04

Sample crash report:
8021q: adding VLAN 0 to HW filter on device bond0
eql: remember to turn off Van-Jacobson compression on your slave devices
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000d48
Oops [#1]
Modules linked in:
CPU: 1 PID: 2922 Comm: dhcpcd Not tainted 5.14.0-syzkaller #0
Hardware name: riscv-virtio,qemu (DT)
epc : slab_alloc_node mm/slub.c:2900 [inline]
epc : slab_alloc mm/slub.c:2967 [inline]
epc : __kmalloc+0xce/0x388 mm/slub.c:4111
 ra : slab_pre_alloc_hook mm/slab.h:494 [inline]
 ra : slab_alloc_node mm/slub.c:2880 [inline]
 ra : slab_alloc mm/slub.c:2967 [inline]
 ra : __kmalloc+0x6e/0x388 mm/slub.c:4111
epc : ffffffff803e3568 ra : ffffffff803e3508 sp : ffffffe00861f7c0
 gp : ffffffff83f967d8 tp : ffffffe0065897c0 t0 : ffffffe0080c2fd8
 t1 : 0000000000000001 t2 : 0000000000000000 s0 : ffffffe00861f860
 s1 : ffffffe005601640 a0 : 0000000000000000 a1 : ffffffe00861fbac
 a2 : 1ffffffc00cb141f a3 : 0000000000000d48 a4 : 0000000000000001
 a5 : ffffffff82e4b2b0 a6 : 0000000000f00000 a7 : ffffffff8038ca52
 s2 : ffffffff83f96adc s3 : 0000000000000d40 s4 : 0000000000000030
 s5 : ffffffff8080a860 s6 : ffffffff83f9a0d0 s7 : 0000000000000000
 s8 : 0000000000000d40 s9 : 0000000000000001 s10: ffffffe005aa8250
 s11: 0000000000000000 t3 : 29a05f0425690a00 t4 : 0000000000000001
 t5 : ffffffc4010185fc t6 : ffffffe0080c2ffe
status: 0000000000000120 badaddr: 0000000000000d48 cause: 000000000000000d
[<ffffffff803e3568>] slab_alloc_node mm/slub.c:2900 [inline]
[<ffffffff803e3568>] slab_alloc mm/slub.c:2967 [inline]
[<ffffffff803e3568>] __kmalloc+0xce/0x388 mm/slub.c:4111
[<ffffffff8080a860>] kmalloc include/linux/slab.h:596 [inline]
[<ffffffff8080a860>] kzalloc include/linux/slab.h:721 [inline]
[<ffffffff8080a860>] tomoyo_encode2.part.0+0xf0/0x262 security/tomoyo/realpath.c:45
[<ffffffff8080abc2>] tomoyo_encode2 security/tomoyo/realpath.c:31 [inline]
[<ffffffff8080abc2>] tomoyo_encode security/tomoyo/realpath.c:80 [inline]
[<ffffffff8080abc2>] tomoyo_realpath_from_path+0x14c/0x3f4 security/tomoyo/realpath.c:288
[<ffffffff80804010>] tomoyo_get_realpath security/tomoyo/file.c:151 [inline]
[<ffffffff80804010>] tomoyo_check_open_permission+0x1bc/0x288 security/tomoyo/file.c:771
[<ffffffff8080c23a>] tomoyo_file_open security/tomoyo/tomoyo.c:311 [inline]
[<ffffffff8080c23a>] tomoyo_file_open+0x78/0x7c security/tomoyo/tomoyo.c:306
[<ffffffff807eb766>] security_file_open+0x4c/0x2fa security/security.c:1634
[<ffffffff804228da>] do_dentry_open+0x1c6/0x7d4 fs/open.c:813
[<ffffffff80425bb8>] vfs_open+0x52/0x5e fs/open.c:949
[<ffffffff8044b89a>] do_open fs/namei.c:3374 [inline]
[<ffffffff8044b89a>] path_openat+0x11ae/0x1694 fs/namei.c:3507
[<ffffffff8044efda>] do_filp_open+0xac/0x1a8 fs/namei.c:3534
[<ffffffff804262be>] do_sys_openat2+0x102/0x26a fs/open.c:1204
[<ffffffff80426abe>] do_sys_open fs/open.c:1220 [inline]
[<ffffffff80426abe>] __do_sys_openat fs/open.c:1236 [inline]
[<ffffffff80426abe>] sys_openat+0x80/0xee fs/open.c:1231
[<ffffffff80005150>] ret_from_syscall+0x0/0x2
---[ end trace f564d5e08291cb0a ]---

Crashes (9):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/09/21 08:58 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes 7d2a07b76933 169724fe .config console log report ci-qemu2-riscv64 riscv/fixes boot error: BUG: unable to handle kernel NULL pointer dereference in corrupted
2021/09/20 20:58 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes 7d2a07b76933 af796c18 .config console log report ci-qemu2-riscv64 riscv/fixes boot error: BUG: unable to handle kernel NULL pointer dereference in corrupted
2021/09/20 08:55 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes 7d2a07b76933 3d9c9a2a .config console log report ci-qemu2-riscv64 riscv/fixes boot error: BUG: unable to handle kernel NULL pointer dereference in corrupted
2021/09/17 02:07 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes 7d2a07b76933 5b989942 .config console log report ci-qemu2-riscv64 riscv/fixes boot error: BUG: unable to handle kernel NULL pointer dereference in corrupted
2021/09/16 14:03 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes 7d2a07b76933 7612dc77 .config console log report ci-qemu2-riscv64 riscv/fixes boot error: BUG: unable to handle kernel NULL pointer dereference in corrupted
2021/09/14 15:57 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes 7d2a07b76933 07e953c1 .config console log report ci-qemu2-riscv64 riscv/fixes boot error: BUG: unable to handle kernel NULL pointer dereference in corrupted
2021/09/13 18:05 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes 7d2a07b76933 58d09404 .config console log report ci-qemu2-riscv64 riscv/fixes boot error: BUG: unable to handle kernel NULL pointer dereference in corrupted
2021/09/13 18:05 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes 7d2a07b76933 58d09404 .config console log report ci-qemu2-riscv64 riscv/fixes boot error: BUG: unable to handle kernel NULL pointer dereference in corrupted
2021/09/10 10:30 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes 7d2a07b76933 5ae8508a .config console log report ci-qemu2-riscv64 riscv/fixes boot error: BUG: unable to handle kernel NULL pointer dereference in corrupted
* Struck through repros no longer work on HEAD.