syzbot

 sign-in | mailing list | source | docs
🐞 Open [142]
🐞 Fixed [16]
🐞 Invalid [163]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

general protection fault in aio_run_iocb (2)

Status: auto-closed as invalid on 2020/03/29 02:18
Reported-by: syzbot+b3ac020c09d4b43046c1@syzkaller.appspotmail.com
First crash: 1925d, last: 1818d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-44 general protection fault in aio_run_iocb 2 2168d 2048d 0/2 auto-closed as invalid on 2019/06/12 22:37

Sample crash report:
binder: 24991:24998 ERROR: BC_REGISTER_LOOPER called without request
binder: 24991:24998 ERROR: BC_ENTER_LOOPER called after BC_REGISTER_LOOPER
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 0 PID: 24984 Comm: syz-executor.1 Not tainted 4.4.174+ #4
task: ffff8801d97f5f00 task.stack: ffff8801cb448000
RIP: 0010:[<ffffffff8157fe02>]  [<ffffffff8157fe02>] file_end_write include/linux/fs.h:2555 [inline]
RIP: 0010:[<ffffffff8157fe02>]  [<ffffffff8157fe02>] aio_run_iocb+0x532/0x6f0 fs/aio.c:1480
RSP: 0018:ffff8801cb44fbc0  EFLAGS: 00010246
RAX: dffffc0000000000 RBX: fffffffffffffdef RCX: ffffc90002d77000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8801d97f6f60
RBP: ffff8801cb44fd78 R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8800b3503180
R13: 1ffff10039689f7e R14: 0000000000000000 R15: ffff8800b7dc8c20
FS:  00007fa25ae7b700(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000002500318 CR3: 00000001d84c0000 CR4: 00000000001606b0
Stack:
 ffff8801d97f67c8 ffffffff8154fcc0 0000000000000002 ffff880100000001
 00000000fffffcdd 0000000020000000 0000000041b58ab3 ffffffff82c5ee80
 ffffffff8157f8d0 ffff8801d97f67b8 0000000041b58ab3 ffffffff82c4d560
Call Trace:
 [<ffffffff81584279>] io_submit_one fs/aio.c:1579 [inline]
 [<ffffffff81584279>] do_io_submit+0x639/0xf10 fs/aio.c:1637
 [<ffffffff81584b78>] SYSC_io_submit fs/aio.c:1662 [inline]
 [<ffffffff81584b78>] SyS_io_submit+0x28/0x30 fs/aio.c:1659
 [<ffffffff82718ba1>] entry_SYSCALL_64_fastpath+0x1e/0x9a
Code: ea 03 48 b8 00 00 00 00 00 fc ff df 80 3c 02 00 0f 85 7c 01 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b 76 20 4c 89 f2 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 01 0f 8e 64 01 00 00 41 0f b7 06 66 
RIP  [<ffffffff8157fe02>] file_end_write include/linux/fs.h:2555 [inline]
RIP  [<ffffffff8157fe02>] aio_run_iocb+0x532/0x6f0 fs/aio.c:1480
 RSP <ffff8801cb44fbc0>
---[ end trace c5e43fd821ab6b1a ]---

Crashes (5):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/08/15 04:04 https://android.googlesource.com/kernel/common android-4.4 62872f952d6b 0d298d6b .config console log report ci-android-44-kasan-gce
2019/11/30 02:17 https://android.googlesource.com/kernel/common android-4.4 62872f952d6b 3a75be00 .config console log report ci-android-44-kasan-gce-386
2019/11/07 09:43 https://android.googlesource.com/kernel/common android-4.4 62872f952d6b d797d201 .config console log report ci-android-44-kasan-gce-386
2019/10/30 06:47 https://android.googlesource.com/kernel/common android-4.4 62872f952d6b 5ea87a66 .config console log report ci-android-44-kasan-gce-386
2019/09/28 14:47 https://android.googlesource.com/kernel/common android-4.4 62872f952d6b eb6b9855 .config console log report ci-android-44-kasan-gce-386
* Struck through repros no longer work on HEAD.