syzbot

 sign-in | mailing list | source | docs
🐞 Open [825]
🐞 Fixed [87]
🐞 Invalid [1179]
Missing Backports [135]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

KASAN: null-ptr-deref Read in do_journal_end

Status: upstream: reported C repro on 2023/04/06 14:35
Bug presence: origin:lts-only
Labels: missing-backport
[Documentation on labels]
Reported-by: syzbot+3c8d7233d04a6103ddb1@syzkaller.appspotmail.com
First crash: 1010d, last: 6h43m
Fix commit to backport (bisect log) :
tree: upstream
commit fb6f20ecb121cef4d7946f834a6ee867c4e21b4a
Author: Jan Kara <jack@suse.cz>
Date: Thu Oct 17 10:28:23 2024 +0000

  reiserfs: The last commit

  
Fix bisection: failed (error log, bisect log)
  
Bug presence (2)
Date Name Commit Repro Result
2025/09/09 linux-5.15.y (ToT) 7a6c2d093c45 C [report] KASAN: null-ptr-deref Read in do_journal_end
2025/09/09 upstream (ToT) f777d1112ee5 C Didn't crash
Similar bugs (6)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.6 KASAN: null-ptr-deref Read in do_journal_end origin:lts-only 11 C inconclusive 40 3d17h 158d 0/2 upstream: reported C repro on 2025/08/05 01:55
linux-6.1 BUG: unable to handle kernel paging request in do_journal_end origin:upstream missing-backport 11 C done 848 3h14m 873d 0/3 upstream: reported C repro on 2023/08/21 09:50
upstream KASAN: null-ptr-deref Read in do_journal_end (2) fs 15 C error done 40699 733d 1260d 0/29 auto-obsoleted due to no activity on 2024/03/18 13:22
upstream KASAN: null-ptr-deref Read in do_journal_end fs 11 1 1540d 1535d 0/29 auto-closed as invalid on 2022/02/20 18:03
linux-4.19 general protection fault in do_journal_end reiserfs 2 C error 3 1088d 1137d 0/1 upstream: reported C repro on 2022/11/30 04:17
linux-4.14 general protection fault in do_journal_end reiserfs 2 C 2 1064d 1101d 0/1 upstream: reported C repro on 2023/01/05 12:44
Last patch testing requests (8)
Created Duration User Patch Repo Result
2025/12/03 18:50 15m retest repro linux-5.15.y report log
2025/12/03 18:50 10m retest repro linux-5.15.y report log
2025/10/17 16:37 12m retest repro linux-5.15.y report log
2025/10/17 16:37 13m retest repro linux-5.15.y report log
2025/10/17 16:37 12m retest repro linux-5.15.y report log
2025/10/17 16:37 15m retest repro linux-5.15.y report log
2025/10/17 16:37 13m retest repro linux-5.15.y report log
2025/07/24 03:15 17m retest repro linux-5.15.y report log
Fix bisection attempts (4)
Created Duration User Patch Repo Result
2025/09/18 06:25 8h27m fix candidate upstream OK (1) job log
2025/07/05 22:25 1m fix candidate upstream error job log
2025/03/12 02:57 5m fix candidate upstream error job log
2023/09/25 01:16 0m bisect fix linux-5.15.y error job log

Sample crash report:
==================================================================
BUG: KASAN: null-ptr-deref in instrument_atomic_read include/linux/instrumented.h:71 [inline]
BUG: KASAN: null-ptr-deref in test_bit include/asm-generic/bitops/instrumented-non-atomic.h:134 [inline]
BUG: KASAN: null-ptr-deref in set_buffer_uptodate include/linux/buffer_head.h:147 [inline]
BUG: KASAN: null-ptr-deref in do_journal_end+0xf99/0x42d0 fs/reiserfs/journal.c:4079
Read of size 8 at addr 0000000000000000 by task syz-executor/4283

CPU: 0 PID: 4283 Comm: syz-executor Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
Call Trace:
 <TASK>
 dump_stack_lvl+0x168/0x230 lib/dump_stack.c:106
 __kasan_report mm/kasan/report.c:438 [inline]
 kasan_report+0xd5/0x130 mm/kasan/report.c:451
 check_region_inline mm/kasan/generic.c:-1 [inline]
 kasan_check_range+0x27b/0x290 mm/kasan/generic.c:189
 instrument_atomic_read include/linux/instrumented.h:71 [inline]
 test_bit include/asm-generic/bitops/instrumented-non-atomic.h:134 [inline]
 set_buffer_uptodate include/linux/buffer_head.h:147 [inline]
 do_journal_end+0xf99/0x42d0 fs/reiserfs/journal.c:4079
 reiserfs_sync_fs+0xcc/0x150 fs/reiserfs/super.c:78
 sync_filesystem+0xe6/0x220 fs/sync.c:56
 generic_shutdown_super+0x6b/0x300 fs/super.c:448
 kill_block_super+0x7c/0xe0 fs/super.c:1427
 deactivate_locked_super+0x93/0xf0 fs/super.c:335
 cleanup_mnt+0x418/0x4d0 fs/namespace.c:1148
 task_work_run+0x125/0x1a0 kernel/task_work.c:188
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 exit_to_user_mode_loop+0x10f/0x130 kernel/entry/common.c:181
 exit_to_user_mode_prepare+0xee/0x180 kernel/entry/common.c:214
 __syscall_exit_to_user_mode_work kernel/entry/common.c:296 [inline]
 syscall_exit_to_user_mode+0x16/0x40 kernel/entry/common.c:307
 do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f07b3d452f7
Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
RSP: 002b:00007fffc21f9d58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 00007f07b3dc6d7d RCX: 00007f07b3d452f7
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffc21f9e10
RBP: 00007fffc21f9e10 R08: 0000000000000000 R09: 0000000000000000
R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffc21faea0
R13: 00007f07b3dc6d7d R14: 0000000000010855 R15: 00007fffc21faee0
 </TASK>
==================================================================

Crashes (685):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/10/26 12:27 linux-5.15.y ac56c046adf4 c0460fcd .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (clean fs)] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/09/14 21:51 linux-5.15.y 43bb85222e53 e2beed91 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/09/14 20:32 linux-5.15.y 43bb85222e53 e2beed91 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/09/14 19:29 linux-5.15.y 43bb85222e53 e2beed91 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/09/14 18:27 linux-5.15.y 43bb85222e53 e2beed91 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/08/31 16:35 linux-5.15.y 01879f56bdde 807a3b61 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2023/07/16 15:05 linux-5.15.y d54cfc420586 35d9ecc5 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro #1] [mounted in repro #2] [mounted in repro #3] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in do_journal_end
2026/01/10 14:13 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2026/01/09 03:40 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2026/01/09 01:29 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2026/01/08 23:04 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2026/01/08 15:41 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2026/01/06 15:48 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2026/01/01 07:19 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/12/29 17:52 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/12/28 00:22 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/12/27 22:49 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/12/27 14:00 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/12/26 22:32 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/12/23 10:50 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/12/23 04:23 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/12/22 09:36 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/12/22 01:02 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/12/20 16:37 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/12/20 01:07 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/12/19 19:22 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/12/19 18:53 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/12/19 18:32 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/12/19 18:19 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/19 00:11 linux-5.15.y cc5ec8769306 ef766cd7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/18 05:06 linux-5.15.y cc5ec8769306 ef766cd7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/17 16:32 linux-5.15.y cc5ec8769306 ef766cd7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/17 02:47 linux-5.15.y cc5ec8769306 f7988ea4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/16 12:37 linux-5.15.y cc5ec8769306 f7988ea4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/15 20:02 linux-5.15.y cc5ec8769306 f7988ea4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/15 17:03 linux-5.15.y cc5ec8769306 f7988ea4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/15 17:02 linux-5.15.y cc5ec8769306 f7988ea4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/14 21:03 linux-5.15.y cc5ec8769306 f7988ea4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/14 18:02 linux-5.15.y cc5ec8769306 f7988ea4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/12 19:21 linux-5.15.y cc5ec8769306 07e030de .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/12 05:35 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/11 22:14 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/11 20:57 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/10 11:30 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/10 07:45 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/10 02:03 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/09 19:06 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/08 19:31 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/08 02:54 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/07 23:09 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/07 22:05 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/07 21:05 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/11/07 20:18 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2023/04/06 14:34 linux-5.15.y d86dfc4d95cd 08707520 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: null-ptr-deref Read in do_journal_end
2025/08/05 13:53 linux-5.15.y c79648372d02 37880f40 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in do_journal_end
2025/08/05 13:51 linux-5.15.y c79648372d02 37880f40 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 BUG: unable to handle kernel paging request in do_journal_end
* Struck through repros no longer work on HEAD.