general protection fault in reiserfs_security

general protection fault in reiserfs_security_init
Status: upstream: reported C repro on 2020/09/21 09:32
Reported-by: syzbot+690cb1e51970435f9775@syzkaller.appspotmail.com
First crash: 163d, last: 1h08m

Cause bisection: introduced by (bisect log) :
commit 1592c4b9935fa8a3b7c297955bb872a357e5a3b6
Author: Linhua Xu <linhua.xu@unisoc.com>
Date: Wed Mar 25 08:25:28 2020 +0000

pinctrl: sprd: Add pin high impedance mode support

Crash: WARNING: ODEBUG bug in netdev_run_todo (log)
Repro: C syz .config

Patch testing requests:
Created	Duration	User	Patch	Repo	Result
2021/02/21 01:15	35m	penguin-kernel@i-love.sakura.ne.jp	patch	upstream	OK
2020/10/02 03:14	9m	anant.thazhemadam@gmail.com	patch	https://github.com/google/kmsan.git master	report log

Sample crash report:

REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
REISERFS (device loop0): checking transaction log (loop0)
REISERFS (device loop0): Using rupasov hash to sort names
general protection fault, probably for non-canonical address 0xdffffc000000000d: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f]
CPU: 0 PID: 8372 Comm: syz-executor538 Not tainted 5.11.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:d_really_is_negative include/linux/dcache.h:475 [inline]
RIP: 0010:reiserfs_xattr_jcreate_nblocks fs/reiserfs/xattr.h:78 [inline]
RIP: 0010:reiserfs_security_init+0x28f/0x530 fs/reiserfs/xattr_security.c:70
Code: 48 c1 e9 03 80 3c 11 00 0f 85 91 02 00 00 49 8b 87 a0 05 00 00 48 ba 00 00 00 00 00 fc ff df 48 8d 78 68 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 4d 02 00 00 48 83 78 68 00 0f 84 be 01 00 00 48
RSP: 0018:ffffc9000161f970 EFLAGS: 00010212
RAX: 0000000000000000 RBX: 0000000000000036 RCX: 000000000000000d
RDX: dffffc0000000000 RSI: 000000000000006c RDI: 0000000000000068
RBP: ffff8880322e87a0 R08: 0000000000000000 R09: ffffc9000161fa18
R10: ffffffff82007170 R11: 0000000000000000 R12: 000000000000057d
R13: ffff8880156f8000 R14: 0000000000000000 R15: ffff888022e30000
FS:  0000000001ef8300(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fffe488ef68 CR3: 0000000013e1d000 CR4: 0000000000350ef0
Call Trace:
 reiserfs_mkdir+0x2c9/0x980 fs/reiserfs/namei.c:821
 create_privroot fs/reiserfs/xattr.c:889 [inline]
 reiserfs_xattr_init+0x4de/0xb60 fs/reiserfs/xattr.c:1011
 reiserfs_fill_super+0x2166/0x2e00 fs/reiserfs/super.c:2177
 mount_bdev+0x34d/0x410 fs/super.c:1367
 legacy_get_tree+0x105/0x220 fs/fs_context.c:592
 vfs_get_tree+0x89/0x2f0 fs/super.c:1497
 do_new_mount fs/namespace.c:2881 [inline]
 path_mount+0x13ad/0x20c0 fs/namespace.c:3211
 do_mount fs/namespace.c:3224 [inline]
 __do_sys_mount fs/namespace.c:3432 [inline]
 __se_sys_mount fs/namespace.c:3409 [inline]
 __x64_sys_mount+0x27f/0x300 fs/namespace.c:3409
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x44518a
Code: 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fff8cc5f788 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007fff8cc5f7e0 RCX: 000000000044518a
RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fff8cc5f7a0
RBP: 00007fff8cc5f7a0 R08: 00007fff8cc5f7e0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000286 R12: 0000000020000290
R13: 0000000000000003 R14: 0000000000000004 R15: 0000000000000006
Modules linked in:
---[ end trace 242d271a8eb82b35 ]---
RIP: 0010:d_really_is_negative include/linux/dcache.h:475 [inline]
RIP: 0010:reiserfs_xattr_jcreate_nblocks fs/reiserfs/xattr.h:78 [inline]
RIP: 0010:reiserfs_security_init+0x28f/0x530 fs/reiserfs/xattr_security.c:70
Code: 48 c1 e9 03 80 3c 11 00 0f 85 91 02 00 00 49 8b 87 a0 05 00 00 48 ba 00 00 00 00 00 fc ff df 48 8d 78 68 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 4d 02 00 00 48 83 78 68 00 0f 84 be 01 00 00 48
RSP: 0018:ffffc9000161f970 EFLAGS: 00010212
RAX: 0000000000000000 RBX: 0000000000000036 RCX: 000000000000000d
RDX: dffffc0000000000 RSI: 000000000000006c RDI: 0000000000000068
RBP: ffff8880322e87a0 R08: 0000000000000000 R09: ffffc9000161fa18
R10: ffffffff82007170 R11: 0000000000000000 R12: 000000000000057d
R13: ffff8880156f8000 R14: 0000000000000000 R15: ffff888022e30000
FS:  0000000001ef8300(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fffe488ef68 CR3: 0000000013e1d000 CR4: 0000000000350ef0

Crashes (23788):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Title
ci-upstream-kasan-gce-root	2021/02/24 04:35	upstream	3b9cdafb	fcc6d71b	.config	log	report	syz	C		general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/02/01 23:05	upstream	1048ba83	e6b95f32	.config	log	report	syz	C		general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/01/24 07:59	upstream	e1ae4b0b	52e37319	.config	log	report	syz	C		general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2020/10/11 11:40	upstream	da690031	4a77ae0b	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/10/09 01:56	upstream	3d006ee4	92390980	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/10/08 06:56	upstream	c85fb28b	1880b4a9	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/10/04 23:09	upstream	22fbc037	5ef9c291	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/10/04 22:24	upstream	22fbc037	5ef9c291	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/10/03 17:15	upstream	d3d45f82	2653fa43	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/10/03 14:16	upstream	d3d45f82	2653fa43	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/09/29 16:51	upstream	fb0155a0	1b88c6d5	.config	log	report	syz	C
ci-upstream-kasan-gce-root	2020/09/21 01:16	upstream	325d0eab	9564d2e9	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/09/20 19:48	upstream	325d0eab	9564d2e9	.config	log	report	syz	C
ci-upstream-linux-next-kasan-gce-root	2020/09/21 01:55	linux-next	b652d2a5	9564d2e9	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2021/03/02 02:28	upstream	7a7fd0de	183afb6c	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/01 21:53	upstream	7a7fd0de	183afb6c	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/03/01 20:45	upstream	7a7fd0de	183afb6c	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/01 20:38	upstream	7a7fd0de	183afb6c	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/01 15:57	upstream	fe07bfda	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/01 14:26	upstream	fe07bfda	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/03/01 13:48	upstream	fe07bfda	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/03/01 02:51	upstream	cd278456	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/01 02:35	upstream	cd278456	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/02/28 23:29	upstream	cd278456	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/02/28 22:27	upstream	cd278456	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/02/28 04:17	upstream	5695e516	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/02/28 00:42	upstream	5695e516	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/02/27 23:38	upstream	5695e516	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/02/27 21:17	upstream	5695e516	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/02/27 21:05	upstream	5695e516	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/02/27 19:57	upstream	5695e516	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/02/27 19:43	upstream	5695e516	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/02/27 18:35	upstream	3fb6d0e0	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/02/27 11:59	upstream	3fb6d0e0	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/02/27 10:09	upstream	3fb6d0e0	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/02/27 09:11	upstream	3fb6d0e0	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/02/27 08:02	upstream	3fb6d0e0	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/02 01:13	upstream	7a7fd0de	183afb6c	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/01 23:00	upstream	7a7fd0de	183afb6c	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/01 19:38	upstream	fe07bfda	183afb6c	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/01 15:27	upstream	fe07bfda	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/01 12:45	upstream	fe07bfda	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/01 12:12	upstream	fe07bfda	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/01 10:53	upstream	fe07bfda	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/01 00:08	upstream	cd278456	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/02/28 22:26	upstream	cd278456	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/02/28 21:23	upstream	cd278456	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/02/28 09:46	upstream	5695e516	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/02/28 08:23	upstream	5695e516	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/02/28 07:57	upstream	5695e516	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/02/28 06:56	upstream	5695e516	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/02/28 02:09	upstream	5ceabb60	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/02/27 17:42	upstream	5ceabb60	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/02/27 16:36	upstream	3fb6d0e0	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/03/02 03:47	linux-next	92f791eb	183afb6c	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/03/02 03:33	linux-next	92f791eb	183afb6c	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/03/01 18:11	linux-next	26ada2d1	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/03/01 04:02	linux-next	26ada2d1	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/02/28 18:03	linux-next	d01f2f7e	4c37c133	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/01/17 13:52	linux-next	b3a3cbde	813be542	.config	log	report			info
ci-upstream-linux-next-kasan-gce-root	2020/09/19 12:30	linux-next	b652d2a5	53ce8104	.config	log	report			info