[v6.1] WARNING in perf_pending_task


syzbot

Jun 27, 2025, 9:50:27 AM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 7e69c33e4858 Linux 6.1.142
git tree: linux-6.1.y
console output: https://syzkaller.appspot.com/x/log.txt?x=12e7f182580000
kernel config: https://syzkaller.appspot.com/x/.config?x=c13e5b1e791632f6
dashboard link: https://syzkaller.appspot.com/bug?extid=4281a7c76d4ee0c96c3c
compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/33f0e6f8daaf/disk-7e69c33e.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/e22a79bb00c8/vmlinux-7e69c33e.xz
kernel image: https://storage.googleapis.com/syzbot-assets/d80ae3d77164/bzImage-7e69c33e.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+4281a7...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 1 PID: 6132 at kernel/events/core.c:6578 perf_sigtrap kernel/events/core.c:6578 [inline]
WARNING: CPU: 1 PID: 6132 at kernel/events/core.c:6578 perf_pending_task+0x358/0x470 kernel/events/core.c:6690
Modules linked in:
CPU: 1 PID: 6132 Comm: syz.2.592 Not tainted 6.1.142-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
RIP: 0010:perf_sigtrap kernel/events/core.c:6578 [inline]
RIP: 0010:perf_pending_task+0x358/0x470 kernel/events/core.c:6690
Code: ff 84 db 75 14 e8 08 76 d9 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 f4 75 d9 ff e8 27 1f 59 ff eb e5 e8 e8 75 d9 ff <0f> 0b e9 f3 fe ff ff e8 dc 75 d9 ff 48 c7 c7 30 20 9c 8c 4c 89 f6
RSP: 0018:ffffc90003647920 EFLAGS: 00010293
RAX: ffffffff81a76198 RBX: ffff888054f9d858 RCX: ffff88802b51bb80
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000001 R08: dffffc0000000000 R09: ffffed10056a38b1
R10: ffffed10056a38b1 R11: 1ffff110056a38b0 R12: ffff88802b51bb80
R13: ffff888030c67160 R14: ffff888054f9d620 R15: 1ffff1100a9f3ac4
FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000100000000 CR3: 000000000c68e000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
Call Trace:
<TASK>
task_work_run+0x1ca/0x250 kernel/task_work.c:203
exit_task_work include/linux/task_work.h:39 [inline]
do_exit+0x93e/0x2400 kernel/exit.c:880
do_group_exit+0x217/0x2d0 kernel/exit.c:1022
get_signal+0x1272/0x1350 kernel/signal.c:2871
arch_do_signal_or_restart+0xb0/0x1230 arch/x86/kernel/signal.c:871
exit_to_user_mode_loop+0x70/0x110 kernel/entry/common.c:174
exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:210
__syscall_exit_to_user_mode_work kernel/entry/common.c:292 [inline]
syscall_exit_to_user_mode+0x16/0x40 kernel/entry/common.c:303
do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:87
entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7f433918e929
Code: Unable to access opcode bytes at 0x7f433918e8ff.
RSP: 002b:00007f4339f6d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007f43393b5fa8 RCX: 00007f433918e929
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f43393b5fa8
RBP: 00007f43393b5fa0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f43393b5fac
R13: 0000000000000000 R14: 00007ffdddfe3ca0 R15: 00007ffdddfe3d88
</TASK>


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite the report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup

syzbot

Jun 29, 2025, 6:30:27 AM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 3dea0e7f549e Linux 5.15.186
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=1249888c580000
kernel config: https://syzkaller.appspot.com/x/.config?x=918afca6cf85eccf
dashboard link: https://syzkaller.appspot.com/bug?extid=5033aaab8eff7ec95477
compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/9e3bf086bd0b/disk-3dea0e7f.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/fb0fccc1c763/vmlinux-3dea0e7f.xz
kernel image: https://storage.googleapis.com/syzbot-assets/a218d5b0aea9/bzImage-3dea0e7f.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+5033aa...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 1 PID: 6837 at kernel/events/core.c:6674 perf_sigtrap kernel/events/core.c:6674 [inline]
WARNING: CPU: 1 PID: 6837 at kernel/events/core.c:6674 perf_pending_task+0x358/0x470 kernel/events/core.c:6786
Modules linked in:
CPU: 1 PID: 6837 Comm: syz.0.1051 Not tainted 5.15.186-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
RIP: 0010:perf_sigtrap kernel/events/core.c:6674 [inline]
RIP: 0010:perf_pending_task+0x358/0x470 kernel/events/core.c:6786
Code: ff 84 db 75 14 e8 28 8a dd ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 14 8a dd ff e8 97 41 66 ff eb e5 e8 08 8a dd ff <0f> 0b e9 f3 fe ff ff e8 fc 89 dd ff 48 c7 c7 40 2e 1a 8c 4c 89 f6
RSP: 0018:ffffc9000337f9d8 EFLAGS: 00010293
RAX: ffffffff819a3908 RBX: ffff88807567b410 RCX: ffff88802c1e5940
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000001 R08: dffffc0000000000 R09: ffffed100583cc6b
R10: ffffed100583cc6b R11: 1ffff1100583cc6a R12: ffff88802c1e5940
R13: ffff88806016f558 R14: ffff88807567b1e0 R15: 1ffff1100eacf63c
FS: 0000000000000000(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000100000000 CR3: 00000000799ae000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000200000000300
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
Call Trace:
<TASK>
task_work_run+0x125/0x1a0 kernel/task_work.c:188
exit_task_work include/linux/task_work.h:33 [inline]
do_exit+0x61e/0x20a0 kernel/exit.c:883
do_group_exit+0x12e/0x300 kernel/exit.c:997
get_signal+0x6ca/0x12c0 kernel/signal.c:2900
arch_do_signal_or_restart+0xc1/0x1300 arch/x86/kernel/signal.c:867
handle_signal_work kernel/entry/common.c:154 [inline]
exit_to_user_mode_loop+0x9e/0x130 kernel/entry/common.c:178
exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:214
__syscall_exit_to_user_mode_work kernel/entry/common.c:296 [inline]
syscall_exit_to_user_mode+0x16/0x40 kernel/entry/common.c:307
do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:86
entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f213181a929
Code: Unable to access opcode bytes at RIP 0x7f213181a8ff.
RSP: 002b:00007f212f6820e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007f2131a41fa8 RCX: 00007f213181a929
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2131a41fa8
RBP: 00007f2131a41fa0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2131a41fac
R13: 0000000000000000 R14: 00007ffd6134fae0 R15: 00007ffd6134fbc8

syzbot

Jun 29, 2025, 5:32:27 PM
to syzkaller...@googlegroups.com
syzbot has found a reproducer for the following issue on:

HEAD commit: 7e69c33e4858 Linux 6.1.142
git tree: linux-6.1.y
console output: https://syzkaller.appspot.com/x/log.txt?x=17f82770580000
kernel config: https://syzkaller.appspot.com/x/.config?x=c13e5b1e791632f6
dashboard link: https://syzkaller.appspot.com/bug?extid=4281a7c76d4ee0c96c3c
compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=130663d4580000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=149ae88c580000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/33f0e6f8daaf/disk-7e69c33e.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/e22a79bb00c8/vmlinux-7e69c33e.xz
kernel image: https://storage.googleapis.com/syzbot-assets/d80ae3d77164/bzImage-7e69c33e.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+4281a7...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 0 PID: 4671 at kernel/events/core.c:6578 perf_sigtrap kernel/events/core.c:6578 [inline]
WARNING: CPU: 0 PID: 4671 at kernel/events/core.c:6578 perf_pending_task+0x358/0x470 kernel/events/core.c:6690
Modules linked in:
CPU: 0 PID: 4671 Comm: syz.0.104 Not tainted 6.1.142-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
RIP: 0010:perf_sigtrap kernel/events/core.c:6578 [inline]
RIP: 0010:perf_pending_task+0x358/0x470 kernel/events/core.c:6690
Code: ff 84 db 75 14 e8 08 76 d9 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 f4 75 d9 ff e8 27 1f 59 ff eb e5 e8 e8 75 d9 ff <0f> 0b e9 f3 fe ff ff e8 dc 75 d9 ff 48 c7 c7 30 20 9c 8c 4c 89 f6
RSP: 0018:ffffc90003c17920 EFLAGS: 00010293
RAX: ffffffff81a76198 RBX: ffff88801d244c58 RCX: ffff88802e26d940
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000001 R08: dffffc0000000000 R09: ffffed1005c4dc69
R10: ffffed1005c4dc69 R11: 1ffff11005c4dc68 R12: ffff88802e26d940
R13: ffff88807ac7b960 R14: ffff88801d244a20 R15: 1ffff11003a48944
FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fac91bb7bac CR3: 000000000c68e000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
task_work_run+0x1ca/0x250 kernel/task_work.c:203
exit_task_work include/linux/task_work.h:39 [inline]
do_exit+0x93e/0x2400 kernel/exit.c:880
do_group_exit+0x217/0x2d0 kernel/exit.c:1022
get_signal+0x1272/0x1350 kernel/signal.c:2871
arch_do_signal_or_restart+0xb0/0x1230 arch/x86/kernel/signal.c:871
exit_to_user_mode_loop+0x70/0x110 kernel/entry/common.c:174
exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:210
__syscall_exit_to_user_mode_work kernel/entry/common.c:292 [inline]
syscall_exit_to_user_mode+0x16/0x40 kernel/entry/common.c:303
do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:87
entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7fac9198e929
Code: Unable to access opcode bytes at 0x7fac9198e8ff.
RSP: 002b:00007fac9283b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007fac91bb5fa8 RCX: 00007fac9198e929
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac91bb5fa8
RBP: 00007fac91bb5fa0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac91bb5fac
R13: 0000000000000000 R14: 00007ffd12196190 R15: 00007ffd12196278
</TASK>


---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

syzbot

Jul 3, 2025, 4:45:32 AM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 3f5b4c104b7d Linux 6.6.95
git tree: linux-6.6.y
console output: https://syzkaller.appspot.com/x/log.txt?x=170ff982580000
kernel config: https://syzkaller.appspot.com/x/.config?x=b80883c3ded77c16
dashboard link: https://syzkaller.appspot.com/bug?extid=dcea8245497cc56e2a7e
compiler: Debian clang version 20.1.6 (++20250514063057+1e4d39e07757-1~exp1~20250514183223.118), Debian LLD 20.1.6

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/b90be1cc605f/disk-3f5b4c10.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/418b1581e71f/vmlinux-3f5b4c10.xz
kernel image: https://storage.googleapis.com/syzbot-assets/7080507673e3/bzImage-3f5b4c10.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+dcea82...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 1 PID: 11079 at kernel/events/core.c:6792 perf_sigtrap kernel/events/core.c:6792 [inline]
WARNING: CPU: 1 PID: 11079 at kernel/events/core.c:6792 perf_pending_task+0x35c/0x470 kernel/events/core.c:6904
Modules linked in:
CPU: 1 PID: 11079 Comm: syz.8.1180 Not tainted 6.6.95-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
RIP: 0010:perf_sigtrap kernel/events/core.c:6792 [inline]
RIP: 0010:perf_pending_task+0x35c/0x470 kernel/events/core.c:6904
Code: ff 84 db 75 14 e8 64 e2 d4 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 50 e2 d4 ff e8 0b e8 4f ff eb e5 e8 44 e2 d4 ff <0f> 0b e9 f3 fe ff ff e8 38 e2 d4 ff 48 c7 c7 d0 ec dc 8c 4c 89 f6
RSP: 0018:ffffc90002ee7a00 EFLAGS: 00010293
RAX: ffffffff81b0b41c RBX: ffff88801ba65fd0 RCX: ffff88802bef0000
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000001 R08: ffffffff8e49ac2f R09: 1ffffffff1c93585
R10: dffffc0000000000 R11: fffffbfff1c93586 R12: ffff88802bef0000
R13: ffff88802be14130 R14: ffff88801ba65d90 R15: 1ffff1100374cbb2
FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fd5e8d72990 CR3: 000000004601f000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
Call Trace:
<TASK>
task_work_run+0x1ce/0x250 kernel/task_work.c:239
exit_task_work include/linux/task_work.h:43 [inline]
do_exit+0x90b/0x23c0 kernel/exit.c:883
do_group_exit+0x21b/0x2d0 kernel/exit.c:1024
get_signal+0x12fc/0x1400 kernel/signal.c:2902
arch_do_signal_or_restart+0x96/0x780 arch/x86/kernel/signal.c:310
exit_to_user_mode_loop+0x70/0x110 kernel/entry/common.c:174
exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:210
__syscall_exit_to_user_mode_work kernel/entry/common.c:291 [inline]
syscall_exit_to_user_mode+0x1a/0x50 kernel/entry/common.c:302
do_syscall_64+0x61/0xb0 arch/x86/entry/common.c:87
entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7fd5e7f8e929
Code: Unable to access opcode bytes at 0x7fd5e7f8e8ff.
RSP: 002b:00007fd5e8d71fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
RAX: fffffffffffffff2 RBX: 00007fd5e81b5fa0 RCX: 00007fd5e7f8e929
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020083400
RBP: 00007fd5e8010b39 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
R13: 0000000000000000 R14: 00007fd5e81b5fa0 R15: 00007ffc1fdcfef8

syzbot

Jul 4, 2025, 6:11:28 PM
to syzkaller...@googlegroups.com
syzbot has found a reproducer for the following issue on:

HEAD commit: 3dea0e7f549e Linux 5.15.186
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=170b6c8c580000
kernel config: https://syzkaller.appspot.com/x/.config?x=644ffcb58c0b09d3
dashboard link: https://syzkaller.appspot.com/bug?extid=5033aaab8eff7ec95477
compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15738f70580000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=119f7ebc580000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/18c6934050ef/disk-3dea0e7f.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/fa07cfbbc70c/vmlinux-3dea0e7f.xz
kernel image: https://storage.googleapis.com/syzbot-assets/8297f44f0ccb/bzImage-3dea0e7f.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+5033aa...@syzkaller.appspotmail.com

RBP: 00007f25c9883090 R08: 0000000000000000 R09: 0000000000000000
R10: ffffffffffffffff R11: 0000000000000293 R12: 0000000000000001
R13: 0000000000000001 R14: 00007f25ca83afa0 R15: 00007fff1ee08d08
</TASK>
------------[ cut here ]------------
WARNING: CPU: 0 PID: 4497 at kernel/events/core.c:6674 perf_sigtrap kernel/events/core.c:6674 [inline]
WARNING: CPU: 0 PID: 4497 at kernel/events/core.c:6674 perf_pending_task+0x358/0x470 kernel/events/core.c:6786
Modules linked in:
CPU: 0 PID: 4497 Comm: syz.0.27 Not tainted 5.15.186-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
RIP: 0010:perf_sigtrap kernel/events/core.c:6674 [inline]
RIP: 0010:perf_pending_task+0x358/0x470 kernel/events/core.c:6786
Code: ff 84 db 75 14 e8 28 8a dd ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 14 8a dd ff e8 97 41 66 ff eb e5 e8 08 8a dd ff <0f> 0b e9 f3 fe ff ff e8 fc 89 dd ff 48 c7 c7 40 2e 1a 8c 4c 89 f6
RSP: 0018:ffffc90004f1fd18 EFLAGS: 00010293
RAX: ffffffff819a3908 RBX: ffff88813fe42e18 RCX: ffff888021d73b80
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000001 R08: dffffc0000000000 R09: ffffed10043ae8b3
R10: ffffed10043ae8b3 R11: 1ffff110043ae8b2 R12: ffff888021d73b80
R13: ffff888060659d58 R14: ffff88813fe42be8 R15: 1ffff11027fc857d
FS: 0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005555652fc7d0 CR3: 000000000be8e000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
task_work_run+0x125/0x1a0 kernel/task_work.c:188
exit_task_work include/linux/task_work.h:33 [inline]
do_exit+0x61e/0x20a0 kernel/exit.c:883
do_group_exit+0x12e/0x300 kernel/exit.c:997
__do_sys_exit_group kernel/exit.c:1008 [inline]
__se_sys_exit_group kernel/exit.c:1006 [inline]
__x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1006
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f25ca613929
Code: Unable to access opcode bytes at RIP 0x7f25ca6138ff.
RSP: 002b:00007f25c9882f48 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 00007f25ca672bc8 RCX: 00007f25ca613929
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
RBP: 000000000000000e R08: 00007f25c9880ce6 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
R13: 0000000000000001 R14: 00007f25ca83afa0 R15: 00007fff1ee08d08

syzbot

Jul 9, 2025, 2:23:30 AM
to syzkaller...@googlegroups.com
syzbot has found a reproducer for the following issue on:

HEAD commit: a5df3a702b2c Linux 6.6.96
git tree: linux-6.6.y
console output: https://syzkaller.appspot.com/x/log.txt?x=11976bd4580000
kernel config: https://syzkaller.appspot.com/x/.config?x=2632deddafa957e8
dashboard link: https://syzkaller.appspot.com/bug?extid=dcea8245497cc56e2a7e
compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14e17f70580000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/2e53206591a8/disk-a5df3a70.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/0c9ced596c19/vmlinux-a5df3a70.xz
kernel image: https://storage.googleapis.com/syzbot-assets/9c19218525b0/bzImage-a5df3a70.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+dcea82...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 0 PID: 6059 at kernel/events/core.c:6792 perf_sigtrap kernel/events/core.c:6792 [inline]
WARNING: CPU: 0 PID: 6059 at kernel/events/core.c:6792 perf_pending_task+0x35c/0x470 kernel/events/core.c:6904
Modules linked in:
CPU: 0 PID: 6059 Comm: syz.3.19 Not tainted 6.6.96-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
RIP: 0010:perf_sigtrap kernel/events/core.c:6792 [inline]
RIP: 0010:perf_pending_task+0x35c/0x470 kernel/events/core.c:6904
Code: ff 84 db 75 14 e8 64 e2 d4 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 50 e2 d4 ff e8 0b e8 4f ff eb e5 e8 44 e2 d4 ff <0f> 0b e9 f3 fe ff ff e8 38 e2 d4 ff 48 c7 c7 d0 ec dc 8c 4c 89 f6
RSP: 0018:ffffc9000470fa00 EFLAGS: 00010293
RAX: ffffffff81b0b41c RBX: ffff88801ba7a2e0 RCX: ffff8880235e0000
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000001 R08: ffffffff8e4a7faf R09: 1ffffffff1c94ff5
R10: dffffc0000000000 R11: fffffbfff1c94ff6 R12: ffff8880235e0000
R13: ffff8880301a7d30 R14: ffff88801ba7a0a0 R15: 1ffff1100374f414
FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f3be6bfc990 CR3: 0000000079376000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
task_work_run+0x1ce/0x250 kernel/task_work.c:239
exit_task_work include/linux/task_work.h:43 [inline]
do_exit+0x90b/0x23c0 kernel/exit.c:883
do_group_exit+0x21b/0x2d0 kernel/exit.c:1024
get_signal+0x12fc/0x1400 kernel/signal.c:2902
arch_do_signal_or_restart+0x96/0x780 arch/x86/kernel/signal.c:310
exit_to_user_mode_loop+0x70/0x110 kernel/entry/common.c:174
exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:210
__syscall_exit_to_user_mode_work kernel/entry/common.c:291 [inline]
syscall_exit_to_user_mode+0x1a/0x50 kernel/entry/common.c:302
do_syscall_64+0x61/0xb0 arch/x86/entry/common.c:87
entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7f3be5d8e929
Code: Unable to access opcode bytes at 0x7f3be5d8e8ff.
RSP: 002b:00007f3be6bfbfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
RAX: fffffffffffffff4 RBX: 00007f3be5fb5fa0 RCX: 00007f3be5d8e929
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000630c1000
RBP: 00007f3be5e10b39 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f3be5fb5fa0 R15: 00007ffc0b63ca28

syzbot

Jul 10, 2025, 9:28:28 AM
to syzkaller...@googlegroups.com
syzbot has found a reproducer for the following issue on:

HEAD commit: a5df3a702b2c Linux 6.6.96
git tree: linux-6.6.y
console output: https://syzkaller.appspot.com/x/log.txt?x=1222da8c580000
kernel config: https://syzkaller.appspot.com/x/.config?x=2632deddafa957e8
dashboard link: https://syzkaller.appspot.com/bug?extid=dcea8245497cc56e2a7e
compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=113d40f0580000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=11def582580000

Downloadable assets:
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+dcea82...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 1 PID: 5954 at kernel/events/core.c:6792 perf_sigtrap kernel/events/core.c:6792 [inline]
WARNING: CPU: 1 PID: 5954 at kernel/events/core.c:6792 perf_pending_task+0x35c/0x470 kernel/events/core.c:6904
Modules linked in:
CPU: 1 PID: 5954 Comm: syz.0.19 Not tainted 6.6.96-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
RIP: 0010:perf_sigtrap kernel/events/core.c:6792 [inline]
RIP: 0010:perf_pending_task+0x35c/0x470 kernel/events/core.c:6904
Code: ff 84 db 75 14 e8 64 e2 d4 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 50 e2 d4 ff e8 0b e8 4f ff eb e5 e8 44 e2 d4 ff <0f> 0b e9 f3 fe ff ff e8 38 e2 d4 ff 48 c7 c7 d0 ec dc 8c 4c 89 f6
RSP: 0018:ffffc90002e57c60 EFLAGS: 00010293
RAX: ffffffff81b0b41c RBX: ffff88807b9d16b0 RCX: ffff888021d25a00
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000001 R08: ffffffff8e4a7faf R09: 1ffffffff1c94ff5
R10: dffffc0000000000 R11: fffffbfff1c94ff6 R12: ffff888021d25a00
R13: ffff88802647f130 R14: ffff88807b9d1470 R15: 1ffff1100f73a28e
FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005555676e4808 CR3: 0000000026660000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
task_work_run+0x1ce/0x250 kernel/task_work.c:239
exit_task_work include/linux/task_work.h:43 [inline]
do_exit+0x90b/0x23c0 kernel/exit.c:883
do_group_exit+0x21b/0x2d0 kernel/exit.c:1024
__do_sys_exit_group kernel/exit.c:1035 [inline]
__se_sys_exit_group kernel/exit.c:1033 [inline]
__x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1033
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x55/0xb0 arch/x86/entry/common.c:81
entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7fd21318e929
Code: Unable to access opcode bytes at 0x7fd21318e8ff.
RSP: 002b:00007fff51ea7d78 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd21318e929
RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00007fff51ea7ddc R08: 0000000851ea7e6f R09: 00000000000927c0
R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000003
R13: 00000000000927c0 R14: 0000000000017bc0 R15: 00007fff51ea7e30