general protection fault in reiserfs_security

general protection fault in reiserfs_security_init
Status: upstream: reported C repro on 2020/09/21 09:32
Reported-by: syzbot+690cb1e51970435f9775@syzkaller.appspotmail.com
Fix commit: 5e46d1b78a03 reiserfs: update reiserfs_xattrs_initialized() condition
Patched on: [ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-qemu2-riscv64 ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386 ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-qemu2-arm32]
First crash: 309d, last: 115d

Cause bisection: introduced by (bisect log) :
commit 1592c4b9935fa8a3b7c297955bb872a357e5a3b6
Author: Linhua Xu <linhua.xu@unisoc.com>
Date: Wed Mar 25 08:25:28 2020 +0000

pinctrl: sprd: Add pin high impedance mode support

Crash: WARNING: ODEBUG bug in netdev_run_todo (log)
Repro: C syz .config

Patch testing requests:
Created	Duration	User	Patch	Repo	Result
2021/03/25 06:36	10m	penguin-kernel@i-love.sakura.ne.jp	patch	upstream	report log
2021/03/24 14:19	10m	penguin-kernel@i-love.sakura.ne.jp	patch	upstream	report log
2021/03/24 13:58	11m	penguin-kernel@i-love.sakura.ne.jp	patch	upstream	report log
2021/02/21 01:15	35m	penguin-kernel@i-love.sakura.ne.jp	patch	upstream	OK
2020/10/02 03:14	9m	anant.thazhemadam@gmail.com	patch	https://github.com/google/kmsan.git master	report log

Sample crash report:

REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
REISERFS (device loop0): checking transaction log (loop0)
REISERFS (device loop0): Using rupasov hash to sort names
general protection fault, probably for non-canonical address 0xdffffc000000000d: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f]
CPU: 0 PID: 8372 Comm: syz-executor538 Not tainted 5.11.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:d_really_is_negative include/linux/dcache.h:475 [inline]
RIP: 0010:reiserfs_xattr_jcreate_nblocks fs/reiserfs/xattr.h:78 [inline]
RIP: 0010:reiserfs_security_init+0x28f/0x530 fs/reiserfs/xattr_security.c:70
Code: 48 c1 e9 03 80 3c 11 00 0f 85 91 02 00 00 49 8b 87 a0 05 00 00 48 ba 00 00 00 00 00 fc ff df 48 8d 78 68 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 4d 02 00 00 48 83 78 68 00 0f 84 be 01 00 00 48
RSP: 0018:ffffc9000161f970 EFLAGS: 00010212
RAX: 0000000000000000 RBX: 0000000000000036 RCX: 000000000000000d
RDX: dffffc0000000000 RSI: 000000000000006c RDI: 0000000000000068
RBP: ffff8880322e87a0 R08: 0000000000000000 R09: ffffc9000161fa18
R10: ffffffff82007170 R11: 0000000000000000 R12: 000000000000057d
R13: ffff8880156f8000 R14: 0000000000000000 R15: ffff888022e30000
FS:  0000000001ef8300(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fffe488ef68 CR3: 0000000013e1d000 CR4: 0000000000350ef0
Call Trace:
 reiserfs_mkdir+0x2c9/0x980 fs/reiserfs/namei.c:821
 create_privroot fs/reiserfs/xattr.c:889 [inline]
 reiserfs_xattr_init+0x4de/0xb60 fs/reiserfs/xattr.c:1011
 reiserfs_fill_super+0x2166/0x2e00 fs/reiserfs/super.c:2177
 mount_bdev+0x34d/0x410 fs/super.c:1367
 legacy_get_tree+0x105/0x220 fs/fs_context.c:592
 vfs_get_tree+0x89/0x2f0 fs/super.c:1497
 do_new_mount fs/namespace.c:2881 [inline]
 path_mount+0x13ad/0x20c0 fs/namespace.c:3211
 do_mount fs/namespace.c:3224 [inline]
 __do_sys_mount fs/namespace.c:3432 [inline]
 __se_sys_mount fs/namespace.c:3409 [inline]
 __x64_sys_mount+0x27f/0x300 fs/namespace.c:3409
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x44518a
Code: 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fff8cc5f788 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007fff8cc5f7e0 RCX: 000000000044518a
RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fff8cc5f7a0
RBP: 00007fff8cc5f7a0 R08: 00007fff8cc5f7e0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000286 R12: 0000000020000290
R13: 0000000000000003 R14: 0000000000000004 R15: 0000000000000006
Modules linked in:
---[ end trace 242d271a8eb82b35 ]---
RIP: 0010:d_really_is_negative include/linux/dcache.h:475 [inline]
RIP: 0010:reiserfs_xattr_jcreate_nblocks fs/reiserfs/xattr.h:78 [inline]
RIP: 0010:reiserfs_security_init+0x28f/0x530 fs/reiserfs/xattr_security.c:70
Code: 48 c1 e9 03 80 3c 11 00 0f 85 91 02 00 00 49 8b 87 a0 05 00 00 48 ba 00 00 00 00 00 fc ff df 48 8d 78 68 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 4d 02 00 00 48 83 78 68 00 0f 84 be 01 00 00 48
RSP: 0018:ffffc9000161f970 EFLAGS: 00010212
RAX: 0000000000000000 RBX: 0000000000000036 RCX: 000000000000000d
RDX: dffffc0000000000 RSI: 000000000000006c RDI: 0000000000000068
RBP: ffff8880322e87a0 R08: 0000000000000000 R09: ffffc9000161fa18
R10: ffffffff82007170 R11: 0000000000000000 R12: 000000000000057d
R13: ffff8880156f8000 R14: 0000000000000000 R15: ffff888022e30000
FS:  0000000001ef8300(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fffe488ef68 CR3: 0000000013e1d000 CR4: 0000000000350ef0

Crashes (26311):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Title
ci-upstream-kasan-gce-root	2021/02/24 04:35	upstream	3b9cdafb5358	fcc6d71b	.config	log	report	syz	C		general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/02/01 23:05	upstream	1048ba83fb1c	e6b95f32	.config	log	report	syz	C		general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/01/24 07:59	upstream	e1ae4b0be158	52e37319	.config	log	report	syz	C		general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/03/23 07:48	linux-next	e3128d2f068e	8092f30d	.config	log	report	syz	C		general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2020/10/11 11:40	upstream	da690031a5d6	4a77ae0b	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/10/09 01:56	upstream	3d006ee42dde	92390980	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/10/08 06:56	upstream	c85fb28b6f99	1880b4a9	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/10/04 23:09	upstream	22fbc037cd32	5ef9c291	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/10/04 22:24	upstream	22fbc037cd32	5ef9c291	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/10/03 17:15	upstream	d3d45f8220d6	2653fa43	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/10/03 14:16	upstream	d3d45f8220d6	2653fa43	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/09/29 16:51	upstream	fb0155a09b02	1b88c6d5	.config	log	report	syz	C
ci-upstream-kasan-gce-root	2020/09/21 01:16	upstream	325d0eab4f31	9564d2e9	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2020/09/20 19:48	upstream	325d0eab4f31	9564d2e9	.config	log	report	syz	C
ci-upstream-linux-next-kasan-gce-root	2020/09/21 01:55	linux-next	b652d2a5f2a4	9564d2e9	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2021/03/31 00:08	upstream	2bb25b3a748a	6a81331a	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/30 23:15	upstream	2bb25b3a748a	6a81331a	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/03/30 22:12	upstream	2bb25b3a748a	6a81331a	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/30 21:52	upstream	2bb25b3a748a	6a81331a	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/29 23:02	upstream	1e43c377a79f	6a81331a	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/03/29 21:10	upstream	1e43c377a79f	6a81331a	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/29 14:42	upstream	a5e13c6df0e4	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/29 13:17	upstream	a5e13c6df0e4	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/03/29 13:07	upstream	a5e13c6df0e4	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/03/29 12:02	upstream	a5e13c6df0e4	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/28 22:26	upstream	36a14638f7c0	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/28 21:25	upstream	36a14638f7c0	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/03/28 20:54	upstream	81b1d39fd39a	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/03/28 19:52	upstream	81b1d39fd39a	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/27 11:52	upstream	0f4498cef9f5	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/03/27 10:16	upstream	0f4498cef9f5	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/27 08:35	upstream	0f4498cef9f5	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/26 20:48	upstream	db24726bfefa	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/03/26 18:34	upstream	db24726bfefa	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/03/26 18:31	upstream	db24726bfefa	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-root	2021/03/26 17:27	upstream	db24726bfefa	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-kasan-gce-smack-root	2021/03/26 17:24	upstream	db24726bfefa	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/30 01:29	upstream	1e43c377a79f	6a81331a	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/30 00:04	upstream	1e43c377a79f	6a81331a	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/29 22:42	upstream	1e43c377a79f	6a81331a	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/29 21:38	upstream	1e43c377a79f	6a81331a	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/29 16:19	upstream	a5e13c6df0e4	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/29 14:18	upstream	a5e13c6df0e4	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/29 02:29	upstream	36a14638f7c0	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/29 02:23	upstream	36a14638f7c0	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/29 01:17	upstream	36a14638f7c0	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/28 23:38	upstream	36a14638f7c0	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/27 03:37	upstream	0f4498cef9f5	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/27 02:54	upstream	0f4498cef9f5	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/27 01:52	upstream	0f4498cef9f5	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/27 00:40	upstream	0f4498cef9f5	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-qemu-upstream-386	2021/03/26 23:31	upstream	0f4498cef9f5	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/04/01 08:42	linux-next	931294922e65	6a81331a	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/03/31 10:40	linux-next	931294922e65	6a81331a	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/03/31 01:42	linux-next	931294922e65	6a81331a	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/03/29 19:51	linux-next	931294922e65	6a81331a	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/03/29 18:48	linux-next	931294922e65	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/03/27 12:58	linux-next	931294922e65	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/03/27 08:59	linux-next	931294922e65	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/03/27 07:34	linux-next	931294922e65	a8529b82	.config	log	report			info	general protection fault in reiserfs_security_init
ci-upstream-linux-next-kasan-gce-root	2021/01/17 13:52	linux-next	b3a3cbdec55b	813be542	.config	log	report			info
ci-upstream-linux-next-kasan-gce-root	2020/09/19 12:30	linux-next	b652d2a5f2a4	53ce8104	.config	log	report			info