syzbot


general protection fault in clear_inode

Status: auto-closed as invalid on 2020/11/26 05:26
Subsystems: fs
Reported-by: syzbot+87628f613a1db40d798d@syzkaller.appspotmail.com
First crash: 1335d, last: 1335d

Sample crash report:
general protection fault, probably for non-canonical address 0xdffffc0000004400: 0000 [#1] PREEMPT SMP KASAN
KASAN: probably user-memory-access in range [0x0000000000022000-0x0000000000022007]
CPU: 1 PID: 7122 Comm: syz-executor.4 Not tainted 5.9.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:strlen+0x1a/0x90 lib/string.c:544
Code: ff 0f 1f 44 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 55 48 89 fd 48 c1 ea 03 53 48 83 ec 08 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 04 84 c0 75 48 80 7d 00 00
RSP: 0018:ffffc9000528fa90 EFLAGS: 00010086
RAX: dffffc0000000000 RBX: 0000000000000001 RCX: 0000000000000000
RDX: 0000000000004400 RSI: ffff888000807848 RDI: 0000000000022000
RBP: 0000000000022000 R08: 0000000000000000 R09: 0000000000000001
R10: ffffffff81595940 R11: 0000000000000000 R12: 0000000000000000
R13: ffffffff89bbd3c0 R14: ffff888000807848 R15: ffffc9000528fb70
FS:  0000000003566940(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000744138 CR3: 000000009025c000 CR4: 00000000001526e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 strlen include/linux/string.h:328 [inline]
 trace_event_get_offsets_lock_acquire include/trace/events/lock.h:13 [inline]
 perf_trace_lock_acquire+0xbe/0x520 include/trace/events/lock.h:13
 trace_lock_acquire include/trace/events/lock.h:13 [inline]
 lock_acquire+0x382/0xad0 kernel/locking/lockdep.c:5004
 __raw_spin_lock_irq include/linux/spinlock_api_smp.h:128 [inline]
 _raw_spin_lock_irq+0x5b/0x80 kernel/locking/spinlock.c:167
 spin_lock_irq include/linux/spinlock.h:379 [inline]
 clear_inode+0x1b/0x1e0 fs/inode.c:529
 evict+0x5c8/0x750 fs/inode.c:579
 iput_final fs/inode.c:1652 [inline]
 iput.part.0+0x424/0x850 fs/inode.c:1678
 iput+0x58/0x70 fs/inode.c:1668
 dentry_unlink_inode+0x2b1/0x3d0 fs/dcache.c:374
 __dentry_kill+0x3c0/0x640 fs/dcache.c:579
 dentry_kill fs/dcache.c:705 [inline]
 dput+0x725/0xbc0 fs/dcache.c:878
 __fput+0x3ab/0x920 fs/file_table.c:294
 task_work_run+0xdd/0x190 kernel/task_work.c:141
 tracehook_notify_resume include/linux/tracehook.h:188 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:140 [inline]
 exit_to_user_mode_prepare+0x195/0x1c0 kernel/entry/common.c:167
 syscall_exit_to_user_mode+0x59/0x2b0 kernel/entry/common.c:242
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x416f01
Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
RSP: 002b:000000000169f6c0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000416f01
RDX: 00000000000000e0 RSI: 000000000169f790 RDI: 0000000000000003
RBP: 000000000169f6e0 R08: 000000000169f6dc R09: 000000000000000a
R10: 000000000169f6e0 R11: 0000000000000293 R12: 0000000000000003
R13: 00000000007454c0 R14: 0000000000744dc8 R15: 0000000000001380
Modules linked in:
---[ end trace 4cabde388f3480f6 ]---
RIP: 0010:strlen+0x1a/0x90 lib/string.c:544
Code: ff 0f 1f 44 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 55 48 89 fd 48 c1 ea 03 53 48 83 ec 08 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 04 84 c0 75 48 80 7d 00 00
RSP: 0018:ffffc9000528fa90 EFLAGS: 00010086
RAX: dffffc0000000000 RBX: 0000000000000001 RCX: 0000000000000000
RDX: 0000000000004400 RSI: ffff888000807848 RDI: 0000000000022000
RBP: 0000000000022000 R08: 0000000000000000 R09: 0000000000000001
R10: ffffffff81595940 R11: 0000000000000000 R12: 0000000000000000
R13: ffffffff89bbd3c0 R14: ffff888000807848 R15: ffffc9000528fb70
FS:  0000000003566940(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000744138 CR3: 000000009025c000 CR4: 00000000001526e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (1):
Time: 2020/08/28 05:25
Kernel: upstream
Commit: 15bc20c6af4c
Syzkaller: 816e0689
Config: .config
Log: console log
Report: report
Syz repro: none
C repro: none
Manager: ci-upstream-kasan-gce