syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [988] ≡ Subsystems 🐞 Fixed [5236] 🐞 Invalid [12506] ⬇ Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
================================================================== BUG: KASAN: null-ptr-deref in check_wait_context kernel/locking/lockdep.c:4700 [inline] BUG: KASAN: null-ptr-deref in __lock_acquire+0x336/0x333e kernel/locking/lockdep.c:4977 Read of size 1 at addr 00000000000000b8 by task syz-fuzzer/2025 CPU: 1 PID: 2025 Comm: syz-fuzzer Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 Hardware name: riscv-virtio,qemu (DT) Call Trace: [<ffffffff8000a228>] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:113 [<ffffffff831668cc>] show_stack+0x34/0x40 arch/riscv/kernel/stacktrace.c:119 [<ffffffff831756ba>] __dump_stack lib/dump_stack.c:88 [inline] [<ffffffff831756ba>] dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:106 [<ffffffff80474da6>] __kasan_report mm/kasan/report.c:446 [inline] [<ffffffff80474da6>] kasan_report+0x1de/0x1e0 mm/kasan/report.c:459 [<ffffffff804757da>] check_region_inline mm/kasan/generic.c:183 [inline] [<ffffffff804757da>] __asan_load1+0x54/0x6c mm/kasan/generic.c:253 [<ffffffff801125b8>] check_wait_context kernel/locking/lockdep.c:4700 [inline] [<ffffffff801125b8>] __lock_acquire+0x336/0x333e kernel/locking/lockdep.c:4977 [<ffffffff80116582>] lock_acquire.part.0+0x1d0/0x424 kernel/locking/lockdep.c:5639 [<ffffffff8011682a>] lock_acquire+0x54/0x6a kernel/locking/lockdep.c:5612 [<ffffffff800cf2a8>] do_write_seqcount_begin_nested include/linux/seqlock.h:520 [inline] [<ffffffff800cf2a8>] do_write_seqcount_begin include/linux/seqlock.h:545 [inline] [<ffffffff800cf2a8>] vtime_task_switch_generic+0x50/0x1f4 kernel/sched/cputime.c:769 [<ffffffff800bdc7a>] vtime_task_switch include/linux/vtime.h:95 [inline] [<ffffffff800bdc7a>] finish_task_switch.isra.0+0x292/0x420 kernel/sched/core.c:4860 [<ffffffff831a5c8a>] context_switch kernel/sched/core.c:4989 [inline] [<ffffffff831a5c8a>] __schedule+0x58e/0x118e kernel/sched/core.c:6296 [<ffffffff831a68fe>] schedule+0x74/0x14c kernel/sched/core.c:6369 [<ffffffff8019970a>] freezable_schedule include/linux/freezer.h:172 [inline] [<ffffffff8019970a>] futex_wait_queue+0xc4/0x1d4 kernel/futex/waitwake.c:355 [<ffffffff8019a338>] futex_wait+0x174/0x2f8 kernel/futex/waitwake.c:656 [<ffffffff80194d3e>] do_futex+0x19c/0x284 kernel/futex/syscalls.c:106 [<ffffffff80194f1e>] __do_sys_futex kernel/futex/syscalls.c:183 [inline] [<ffffffff80194f1e>] sys_futex+0xf8/0x310 kernel/futex/syscalls.c:164 [<ffffffff80005716>] ret_from_syscall+0x0/0x2 ================================================================== Unable to handle kernel NULL pointer dereference at virtual address 00000000000000b8 Oops [#1] Modules linked in: CPU: 1 PID: 2025 Comm: syz-fuzzer Tainted: G B 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 Hardware name: riscv-virtio,qemu (DT) epc : check_wait_context kernel/locking/lockdep.c:4700 [inline] epc : __lock_acquire+0x33a/0x333e kernel/locking/lockdep.c:4977 ra : check_wait_context kernel/locking/lockdep.c:4700 [inline] ra : __lock_acquire+0x336/0x333e kernel/locking/lockdep.c:4977 epc : ffffffff801125bc ra : ffffffff801125b8 sp : ffffaf800eb17570 gp : ffffffff85863ac0 tp : ffffaf800938c8c0 t0 : ffffffff86bcb657 t1 : fffffffef0b0dfa4 t2 : 0000000000000000 s0 : ffffaf800eb176d0 s1 : 0000000000000000 a0 : ffffaf800938d300 a1 : 0000000000000003 a2 : 1ffff5f001271919 a3 : ffffffff831afd3a a4 : 0000000000000000 a5 : ffffaf800938d8c0 a6 : 0000000000f00000 a7 : ffffffff8586fd23 s2 : 0000000000000081 s3 : ffffffff858c4cb0 s4 : 0000000000000000 s5 : ffffaf800938d2d8 s6 : ffffffff858c4ca0 s7 : 00000000000c0000 s8 : ffffaf800938d2e0 s9 : ffffffff800bdc7a s10: 00000000000c0081 s11: ffffaf800938c8c0 t3 : 000000000000003d t4 : fffffffef0b0dfa4 t5 : fffffffef0b0dfa5 t6 : ffffaf800eb16fd8 status: 0000000000000100 badaddr: 00000000000000b8 cause: 000000000000000d [<ffffffff80116582>] lock_acquire.part.0+0x1d0/0x424 kernel/locking/lockdep.c:5639 [<ffffffff8011682a>] lock_acquire+0x54/0x6a kernel/locking/lockdep.c:5612 [<ffffffff800cf2a8>] do_write_seqcount_begin_nested include/linux/seqlock.h:520 [inline] [<ffffffff800cf2a8>] do_write_seqcount_begin include/linux/seqlock.h:545 [inline] [<ffffffff800cf2a8>] vtime_task_switch_generic+0x50/0x1f4 kernel/sched/cputime.c:769 [<ffffffff800bdc7a>] vtime_task_switch include/linux/vtime.h:95 [inline] [<ffffffff800bdc7a>] finish_task_switch.isra.0+0x292/0x420 kernel/sched/core.c:4860 [<ffffffff831a5c8a>] context_switch kernel/sched/core.c:4989 [inline] [<ffffffff831a5c8a>] __schedule+0x58e/0x118e kernel/sched/core.c:6296 [<ffffffff831a68fe>] schedule+0x74/0x14c kernel/sched/core.c:6369 [<ffffffff8019970a>] freezable_schedule include/linux/freezer.h:172 [inline] [<ffffffff8019970a>] futex_wait_queue+0xc4/0x1d4 kernel/futex/waitwake.c:355 [<ffffffff8019a338>] futex_wait+0x174/0x2f8 kernel/futex/waitwake.c:656 [<ffffffff80194d3e>] do_futex+0x19c/0x284 kernel/futex/syscalls.c:106 [<ffffffff80194f1e>] __do_sys_futex kernel/futex/syscalls.c:183 [inline] [<ffffffff80194f1e>] sys_futex+0xf8/0x310 kernel/futex/syscalls.c:164 [<ffffffff80005716>] ret_from_syscall+0x0/0x2
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2022/09/10 18:30 | git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes | 0966d385830d | 356d8217 | .config | console log | report | info | ci-qemu2-riscv64 | KASAN: null-ptr-deref Read in vtime_task_switch_generic |