syzbot


general protection fault in console_unlock

Status: closed as invalid on 2024/09/06 13:45
Subsystems: kernel
First crash: 173d, last: 173d

Sample crash report:
Oops: : 0000 [#1] PREEMPT SMP KASAN PTI
Oops: general protection fault, probably for non-canonical address 0xdffffbff81fc9623: 0000 [#2] PREEMPT SMP KASAN PTI
CPU: 0 UID: 0 PID: 5440 Comm: syz.1.36 Tainted: G    B              6.11.0-rc4-next-20240823-syzkaller #0
Tainted: [B]=BAD_PAGE
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
RIP: 0010:console_unlock+0x143/0x4d0 kernel/printk/printk.c:3154
Code: 1b 7d 8e 48 c1 e8 03 48 89 44 24 20 c6 05 c4 b3 89 13 00 8b 7c 24 0c 4c 89 e6 4c 89 ea e8 c5 38 00 00 41 89 c7 48 8b 44 24 38 <42> 0f b6 04 30 84 c0 0f 85 84 02 00 00 0f b6 9c 24 a0 00 00 00 31
RSP: 0018:ffffc900049bee80 EFLAGS: 00010046
RAX: ffffffff81fc9623 RBX: 0000000000000000 RCX: 0000000000040000
RDX: ffff88802a1cbc00 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffffc900049befb0 R08: ffffffff81741156 R09: 1ffffffff2038375
R10: dffffc0000000000 R11: fffffbfff2038376 R12: ffffc900049bef30
R13: ffffc900049bef20 R14: dffffc0000000000 R15: 0000000081740d01
FS:  00007fc2bd5f86c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020404030 CR3: 000000002a250000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 widen_string+0x3a/0x310 lib/vsprintf.c:622
 vsnprintf+0x1ccd/0x1da0 lib/vsprintf.c:2875
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: d400:0x1ffffffff2038375
Code: Unable to access opcode bytes at 0x1ffffffff203834b.
RSP: 0000:ffffffff8bbc4960 EFLAGS: ffffffff8e080556 ORIG_RAX: ffffffff815e2615
RAX: ffffffff8e07942b RBX: dffffc0000000000 RCX: ffffc900049c0000
RDX: ffffffff8e0a2b68 RSI: 3de12ad4c94fd400 RDI: ffffffff8bbc4a35
RBP: ffffc900049bf3e0 R08: ffffc900049bf540 R09: ffffffff8bbc4a35
R10: ffffc900049bf4a0 R11: ffffc900049bf400 R12: ffffffff81702f30
R13: ffffffff8e0864aa R14: 0000000045e0360e R15: ffffc900049bf3b0
FS:  00007fc2bd5f86c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
CS:  d400 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020404030 CR3: 000000002a250000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:	1b 7d 8e             	sbb    -0x72(%rbp),%edi
   3:	48 c1 e8 03          	shr    $0x3,%rax
   7:	48 89 44 24 20       	mov    %rax,0x20(%rsp)
   c:	c6 05 c4 b3 89 13 00 	movb   $0x0,0x1389b3c4(%rip)        # 0x1389b3d7
  13:	8b 7c 24 0c          	mov    0xc(%rsp),%edi
  17:	4c 89 e6             	mov    %r12,%rsi
  1a:	4c 89 ea             	mov    %r13,%rdx
  1d:	e8 c5 38 00 00       	call   0x38e7
  22:	41 89 c7             	mov    %eax,%r15d
  25:	48 8b 44 24 38       	mov    0x38(%rsp),%rax
* 2a:	42 0f b6 04 30       	movzbl (%rax,%r14,1),%eax <-- trapping instruction
  2f:	84 c0                	test   %al,%al
  31:	0f 85 84 02 00 00    	jne    0x2bb
  37:	0f b6 9c 24 a0 00 00 	movzbl 0xa0(%rsp),%ebx
  3e:	00
  3f:	31                   	.byte 0x31

Crashes (1):
Time: 2024/08/23 11:26
Kernel: linux-next
Commit: c79c85875f1a
Syzkaller: ce8a9099
Config: .config
Log: console log
Report: report
Syz repro: -
C repro: -
VM info: info
Assets: [disk image] [vmlinux] [kernel image]
Manager: ci-upstream-linux-next-kasan-gce-root
Title: general protection fault in console_unlock
* Struck through repros no longer work on HEAD.