syzbot


KASAN: invalid-free in dentry_free

Status: auto-closed as invalid on 2019/06/03 01:45
Subsystems: fs
Reported-by: syzbot+7f48a500c2e61c0d9516@syzkaller.appspotmail.com
First crash: 1962d, last: 1962d

Sample crash report:
==================================================================
kasan: CONFIG_KASAN_INLINE enabled
BUG: KASAN: double-free or invalid-free in __d_free fs/dcache.c:257 [inline]
BUG: KASAN: double-free or invalid-free in dentry_free+0xe9/0x170 fs/dcache.c:334

CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x244/0x39d lib/dump_stack.c:113
 print_address_description.cold.7+0x9/0x1ff mm/kasan/report.c:256
 kasan_report_invalid_free+0x64/0xa0 mm/kasan/report.c:336
 __kasan_slab_free+0x13a/0x150 mm/kasan/kasan.c:501
 kasan_slab_free+0xe/0x10 mm/kasan/kasan.c:528
 __cache_free mm/slab.c:3498 [inline]
 kmem_cache_free+0x83/0x290 mm/slab.c:3760
 __d_free fs/dcache.c:257 [inline]
 dentry_free+0xe9/0x170 fs/dcache.c:334
 __dentry_kill+0x527/0x7a0 fs/dcache.c:566
 dentry_kill+0xc9/0x680 fs/dcache.c:671
 dput.part.25+0x660/0x860 fs/dcache.c:832
 dput+0x15/0x20 fs/dcache.c:814
 __fput+0x4cf/0xa30 fs/file_table.c:291
 ____fput+0x15/0x20 fs/file_table.c:309
 task_work_run+0x1e8/0x2a0 kernel/task_work.c:113
 exit_task_work include/linux/task_work.h:22 [inline]
 do_exit+0x1ad6/0x26d0 kernel/exit.c:867
 do_group_exit+0x177/0x440 kernel/exit.c:970
 get_signal+0x8b0/0x1980 kernel/signal.c:2517
 do_signal+0x9c/0x21c0 arch/x86/kernel/signal.c:816
 exit_to_usermode_loop+0x2e5/0x380 arch/x86/entry/common.c:162
 prepare_exit_to_usermode+0x342/0x3b0 arch/x86/entry/common.c:197
 retint_user+0x8/0x18
RIP: 0033:0x7f0837dc3943
Code: Bad RIP value.
RSP: 002b:00007fff018a19c8 EFLAGS: 00010246
RAX: 0000000000000001 RBX: 00000000ffffffff RCX: 00007f0837dc3943
RDX: 0000000000000008 RSI: 00007fff018a1ac0 RDI: 000000000000000a
RBP: 0000000000000000 R08: 00000000014e80d0 R09: 00007f0837e0d1d0
R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000003
R13: 0000000000000010 R14: 00000000014ee4f0 R15: 00000000014e8250
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d7e928 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d7e958 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#2] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d7e248 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d7e278 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#3] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d7db68 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d7db98 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#4] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d7d488 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d7d4b8 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#5] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d7cda8 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d7cdd8 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#6] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d7c6c8 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d7c6f8 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#7] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d7bfe8 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d7c018 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#8] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d7b908 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d7b938 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#9] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d7b228 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d7b258 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#10] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d7ab48 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d7ab78 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#11] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d7a468 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d7a498 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#12] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d79d88 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d79db8 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#13] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d796a8 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d796d8 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#14] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d78fc8 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d78ff8 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#15] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d788e8 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d78918 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#16] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
usercopy: Kernel memory overwrite attempt detected to SLAB object 'filp(65:syz3)' (offset 520, size 2)!
------------[ cut here ]------------
Bad or missing usercopy whitelist? Kernel memory overwrite attempt detected to SLAB object 'filp(65:syz3)' (offset 168, size 2)!
usercopy: Kernel memory overwrite attempt detected to SLAB object 'filp(65:syz3)' (offset 456, size 2)!
------------[ cut here ]------------
kernel BUG at mm/usercopy.c:102!
invalid opcode: 0000 [#17] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:usercopy_abort+0xbb/0xbd mm/usercopy.c:90
usercopy: Kernel memory overwrite attempt detected to SLAB object 'filp(65:syz3)' (offset 424, size 64)!
------------[ cut here ]------------
kernel BUG at mm/usercopy.c:102!
invalid opcode: 0000 [#18] PREEMPT SMP KASAN
CPU: 1 PID: 3718 Comm: udevd Not tainted 4.20.0-rc4+ #326
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:usercopy_abort+0xbb/0xbd mm/usercopy.c:90
Code: c0 e8 47 ae b1 ff 48 8b 55 c0 49 89 d9 4d 89 f0 ff 75 c8 4c 89 e1 4c 89 ee 48 c7 c7 00 dc 34 88 ff 75 d0 41 57 e8 27 fa 97 ff <0f> 0b e8 1c ae b1 ff e8 97 13 f5 ff 8b 95 e4 fe ff ff 4c 89 e1 31
RSP: 0000:ffff8881c2d75fb8 EFLAGS: 00010082
RAX: 0000000000000068 RBX: ffff8881d90c4c00 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff8165eae5 RDI: 0000000000000005
RBP: ffff8881c2d76010 R08: ffff8881c2d741c0 R09: ffffed103b5e3ef8
R10: ffffed103b5e3ef8 R11: ffff8881daf1f7c7 R12: ffffffff8914f805
R13: ffffffff8834da60 R14: ffffffff8834d9a0 R15: ffffffff8834d960
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
Modules linked in:

======================================================
WARNING: possible circular locking dependency detected
4.20.0-rc4+ #326 Not tainted
------------------------------------------------------
syz-executor3/10236 is trying to acquire lock:
00000000ee470ed7 ((console_sem).lock){-.-.}
---[ end trace 6f713db88064fbfb ]---
RIP: 0010:vmalloc_fault+0x426/0x770 arch/x86/mm/fault.c:405
Code: e0 e8 5e 27 47 00 48 b8 00 00 00 00 80 88 ff ff 48 ba 00 00 00 00 00 fc ff df 48 01 c3 4d 21 e5 4c 01 eb 48 89 d9 48 c1 e9 03 <80> 3c 11 00 0f 85 b2 02 00 00 48 8b 1b 31 ff 49 89 dc 49 83 e4 9f
RSP: 0000:ffff8881c2d7e928 EFLAGS: 00010006
RAX: ffff888000000000 RBX: 000f110180000060 RCX: 0001e2203000000c
RDX: dffffc0000000000 RSI: ffffffff81386392 RDI: 0000000000000007
RBP: ffff8881c2d7e958 R08: ffff8881c2d741c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000fffffc0000000
R13: 000f888180000000 R14: ffffc90001931030 R15: 1ffffffff12a3f90
FS:  0000000000000000(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001931030 CR3: 000000000946a000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (1):
  Time:      2018/12/05 01:44
  Kernel:    net-next-old
  Commit:    55827458e058
  Syzkaller: f162ad97
  Config:    .config
  Log:       console log
  Report:    report
  Syz repro: (none)
  C repro:   (none)
  VM info:   (none)
  Assets:    (none)
  Manager:   ci-upstream-net-kasan-gce