syzbot


BUG: unable to handle kernel paging request in netpoll_poll_disable

Status: auto-obsoleted due to no activity on 2025/01/08 11:55
Subsystems: net
First crash: 152d, last: 105d

Sample crash report:
bridge0: port 2(bridge_slave_1) entered disabled state
bridge_slave_0: left allmulticast mode
bridge_slave_0: left promiscuous mode
bridge0: port 1(bridge_slave_0) entered disabled state
BUG: unable to handle page fault for address: fffffbfff4219430
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 23ffe4067 P4D 23ffe4067 PUD 23ffe3067 PMD 0 
Oops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI
CPU: 0 UID: 0 PID: 3043 Comm: kworker/u8:16 Not tainted 6.11.0-rc7-syzkaller-00135-gb7718454f937 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
Workqueue: netns cleanup_net
RIP: 0010:bytes_is_nonzero mm/kasan/generic.c:87 [inline]
RIP: 0010:memory_is_nonzero mm/kasan/generic.c:104 [inline]
RIP: 0010:memory_is_poisoned_n mm/kasan/generic.c:129 [inline]
RIP: 0010:memory_is_poisoned mm/kasan/generic.c:161 [inline]
RIP: 0010:check_region_inline mm/kasan/generic.c:180 [inline]
RIP: 0010:kasan_check_range+0x82/0x290 mm/kasan/generic.c:189
Code: 01 00 00 00 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd <41> 80 3b 00 0f 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00
RSP: 0018:ffffc90009c27360 EFLAGS: 00010086
RAX: 00000000019dcb01 RBX: 1ffffffff4219430 RCX: ffffffff816fdf6b
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffffa10ca180
RBP: ffffffffffffffff R08: ffffffffa10ca187 R09: 1ffffffff4219430
R10: dffffc0000000000 R11: fffffbfff4219430 R12: ffff888031bf9e00
R13: ffff888031bfa8d8 R14: dffffc0000000001 R15: fffffbfff4219431
FS:  0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: fffffbfff4219430 CR3: 00000000334f6000 CR4: 00000000003506f0
Call Trace:
 <TASK>
 instrument_atomic_read include/linux/instrumented.h:68 [inline]
 _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
 __lock_acquire+0xc8b/0x2040 kernel/locking/lockdep.c:5112
 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5759
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0xd5/0x120 kernel/locking/spinlock.c:162
 down+0x39/0xc0 kernel/locking/semaphore.c:59
 netpoll_poll_disable+0x10a/0x1d0 net/core/netpoll.c:228
 __dev_close_many+0x107/0x300 net/core/dev.c:1530
 dev_close_many+0x24e/0x4c0 net/core/dev.c:1583
 unregister_netdevice_many_notify+0x50b/0x1c40 net/core/dev.c:11327
 cleanup_net+0x75d/0xcc0 net/core/net_namespace.c:635
 process_one_work kernel/workqueue.c:3231 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312
 worker_thread+0x870/0xd30 kernel/workqueue.c:3393
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Modules linked in:
CR2: fffffbfff4219430
---[ end trace 0000000000000000 ]---
RIP: 0010:bytes_is_nonzero mm/kasan/generic.c:87 [inline]
RIP: 0010:memory_is_nonzero mm/kasan/generic.c:104 [inline]
RIP: 0010:memory_is_poisoned_n mm/kasan/generic.c:129 [inline]
RIP: 0010:memory_is_poisoned mm/kasan/generic.c:161 [inline]
RIP: 0010:check_region_inline mm/kasan/generic.c:180 [inline]
RIP: 0010:kasan_check_range+0x82/0x290 mm/kasan/generic.c:189
Code: 01 00 00 00 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd <41> 80 3b 00 0f 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00
RSP: 0018:ffffc90009c27360 EFLAGS: 00010086
RAX: 00000000019dcb01 RBX: 1ffffffff4219430 RCX: ffffffff816fdf6b
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffffa10ca180
RBP: ffffffffffffffff R08: ffffffffa10ca187 R09: 1ffffffff4219430
R10: dffffc0000000000 R11: fffffbfff4219430 R12: ffff888031bf9e00
R13: ffff888031bfa8d8 R14: dffffc0000000001 R15: fffffbfff4219431
FS:  0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: fffffbfff4219430 CR3: 00000000334f6000 CR4: 00000000003506f0
----------------
Code disassembly (best guess), 7 bytes skipped:
   0:	df 4f 8d             	fisttps -0x73(%rdi)
   3:	3c 31                	cmp    $0x31,%al
   5:	4c 89 fd             	mov    %r15,%rbp
   8:	4c 29 dd             	sub    %r11,%rbp
   b:	48 83 fd 10          	cmp    $0x10,%rbp
   f:	7f 29                	jg     0x3a
  11:	48 85 ed             	test   %rbp,%rbp
  14:	0f 84 3e 01 00 00    	je     0x158
  1a:	4c 89 cd             	mov    %r9,%rbp
  1d:	48 f7 d5             	not    %rbp
  20:	48 01 dd             	add    %rbx,%rbp
* 23:	41 80 3b 00          	cmpb   $0x0,(%r11) <-- trapping instruction
  27:	0f 85 c9 01 00 00    	jne    0x1f6
  2d:	49 ff c3             	inc    %r11
  30:	48 ff c5             	inc    %rbp
  33:	75 ee                	jne    0x23
  35:	e9                   	.byte 0xe9
  36:	1e                   	(bad)
  37:	01 00                	add    %eax,(%rax)

Crashes (9):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/09/14 11:25 | upstream | b7718454f937 | ff60e2ca | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | BUG: unable to handle kernel paging request in netpoll_poll_disable |
| 2024/08/30 08:05 | upstream | d5d547aa7b51 | 54fe8471 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | BUG: unable to handle kernel paging request in netpoll_poll_disable |
| 2024/08/25 16:50 | upstream | 5be63fc19fca | d7d32352 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-smack-root | BUG: unable to handle kernel paging request in netpoll_poll_disable |
| 2024/08/21 10:00 | upstream | b311c1b497e5 | db5852f9 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | BUG: unable to handle kernel paging request in netpoll_poll_disable |
| 2024/08/26 23:47 | net-next | 18aaa82bd36a | 9aee4e0b | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-net-kasan-gce | BUG: unable to handle kernel paging request in netpoll_poll_disable |
| 2024/10/07 15:54 | upstream | 8cf0b93919e1 | d7906eff | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | KMSAN: uninit-value in netpoll_poll_disable |
| 2024/08/30 15:30 | upstream | 20371ba12063 | 54fe8471 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: wild-memory-access Read in netpoll_poll_disable |
| 2024/08/30 07:28 | upstream | d5d547aa7b51 | 54fe8471 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: wild-memory-access Read in netpoll_poll_disable |
| 2024/09/13 18:45 | upstream | 196145c606d0 | 158f4851 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | KASAN: wild-memory-access Read in netpoll_poll_disable |
* Struck through repros no longer work on HEAD.