Re: [syzbot] upstream boot error: BUG: unable to handle kernel NULL pointer dereference in gic_eoi_irq

From: Aleksandr Nogikh
Date: Fri May 12 2023 - 07:30:50 EST


On Fri, May 12, 2023 at 9:59 AM Geert Uytterhoeven <geert@xxxxxxxxxxxxxx> wrote:
>
> On Thu, May 11, 2023 at 11:41 PM syzbot
> <syzbot+afc1d968649e7e851562@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> > syzbot found the following issue on:
> >
> > HEAD commit: ac9a78681b92 Linux 6.4-rc1
> > git tree: upstream
> > console output: https://syzkaller.appspot.com/x/log.txt?x=102a3f6a280000
> > kernel config: https://syzkaller.appspot.com/x/.config?x=cc86fee67199911d
> > dashboard link: https://syzkaller.appspot.com/bug?extid=afc1d968649e7e851562
> > compiler: arm-linux-gnueabi-gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> > userspace arch: arm
> >
> > Downloadable assets:
> > disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/c35b5b2731d2/non_bootable_disk-ac9a7868.raw.xz
> > vmlinux: https://storage.googleapis.com/syzbot-assets/c04bec59d77d/vmlinux-ac9a7868.xz
> > kernel image: https://storage.googleapis.com/syzbot-assets/070113b307f3/zImage-ac9a7868.xz
> >
> > IMPORTANT: if you fix the issue, please add the following tag to the commit:
> > Reported-by: syzbot+afc1d968649e7e851562@xxxxxxxxxxxxxxxxxxxxxxxxx
> >
> > 8<--- cut here ---
> > Unable to handle kernel NULL pointer dereference at virtual address 000005f4 when read
> > [000005f4] *pgd=80000080004003, *pmd=00000000
> > Internal error: Oops: 207 [#1] PREEMPT SMP ARM
> > Modules linked in:
> > CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.4.0-rc1-syzkaller #0
> > Hardware name: ARM-Versatile Express
> > PC is at gic_eoi_irq+0x64/0x70 drivers/irqchip/irq-gic.c:228
>
> Why is this sent to the renesas-soc maintainers?

The report was attributed to `drivers/irqchip/irq-gic.c` and
`./scripts/get_maintainer.pl -f drivers/irqchip/irq-gic.c` gives
linux-renesas-soc@xxxxxxxxxxxxxxx (open list:ARM/RISC-V/RENESAS ARCHITECTURE)
as one of the output results.

>
> > If you want to change bug's subsystems, reply with:
> > #syz set subsystems: new-subsystem
> > (See the list of subsystem names on the web dashboard)
>
> While I see the list of subsystems there, how do I find out the (wrong?)
> current bug's subsystem?

In this particular case, syzbot was not able to determine any
subsystems (I've sent a fix [1]) and just picked the output of the
get_maintainer.pl script.

[1] https://github.com/google/syzkaller/pull/3893

Otherwise, the bug is yet another manifestation of
https://lore.kernel.org/all/CANp29Y4Q-VWEWeHmZu0f9tLLik1Va8oDF-s8hAeVkBZbX4K0gg@xxxxxxxxxxxxxx/

#syz invalid

>
> Thanks for fixing!
>
> Gr{oetje,eeting}s,
>
> Geert
>
> --
> Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx
>
> In personal conversations with technical people, I call myself a hacker. But
> when I'm talking to journalists I just say "programmer" or something like that.
> -- Linus Torvalds