syzbot


general protection fault in sidtab_search_core

Status: fixed on 2018/02/01 10:32
Subsystems: selinux
Reported-by: syzbot+142bbfb097c0d742b14261501fb0c0d4dc85a47e@syzkaller.appspotmail.com
Fix commit: 4b14752ec4e0 selinux: skip bounded transition processing if the policy isn't loaded
First crash: 2393d, last: 2383d
Similar bugs (1)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| android-49 | general protection fault in sidtab_search_core | syz | | | 762 | 2379d | 2393d | 0/3 | closed as invalid on 2019/02/15 20:35 |

Sample crash report:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] SMP KASAN
Dumping ftrace buffer:
   (ftrace buffer empty)
Modules linked in:
CPU: 1 PID: 3095 Comm: syz-executor0 Not tainted 4.15.0-rc1+ #205
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: 00000000a55c6032 task.stack: 000000007c15ecb0
RIP: 0010:sidtab_search_core+0x6a/0x320 security/selinux/ss/sidtab.c:88
RSP: 0018:ffff8801d5777a10 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: 0000000000000008 RCX: ffffffff82207ffd
RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffffffff874c5180
RBP: ffff8801d5777a40 R08: 0000000000000003 R09: 1ffffffff0d6ab33
R10: 0000000000000000 R11: ffffffff87489d60 R12: 0000000000000001
R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
FS:  00007f91ca5e8700(0000) GS:ffff8801db500000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000004d5638 CR3: 00000001cc97d000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 sidtab_search+0x1f/0x30 security/selinux/ss/sidtab.c:111
 security_bounded_transition+0xa8/0x4d0 security/selinux/ss/services.c:873
 selinux_setprocattr+0x8d0/0xb50 security/selinux/hooks.c:6042
 security_setprocattr+0x85/0xc0 security/security.c:1264
 proc_pid_attr_write+0x1e6/0x280 fs/proc/base.c:2545
 __vfs_write+0xef/0x970 fs/read_write.c:480
 vfs_write+0x18f/0x510 fs/read_write.c:544
 SYSC_write fs/read_write.c:589 [inline]
 SyS_write+0xef/0x220 fs/read_write.c:581
 entry_SYSCALL_64_fastpath+0x1f/0x96
RIP: 0033:0x4529d9
RSP: 002b:00007f91ca5e7c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f91ca5e7950 RCX: 00000000004529d9
RDX: 0000000000000001 RSI: 0000000020000fff RDI: 0000000000000000
RBP: 00007f91ca5e7940 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000212 R12: 00000000004b7354
R13: 00007f91ca5e7ac8 R14: 00000000004b7366 R15: 0000000000000000
Code: ea 03 41 83 e4 7f 80 3c 02 00 0f 85 7d 02 00 00 4c 8b 33 4d 63 e4 48 b8 00 00 00 00 00 fc ff df 4b 8d 1c e6 48 89 da 48 c1 ea 03 <80> 3c 02 00 0f 85 41 02 00 00 48 8b 1b 48 85 db 0f 84 8b 00 00 
RIP: sidtab_search_core+0x6a/0x320 security/selinux/ss/sidtab.c:88 RSP: ffff8801d5777a10
---[ end trace 988c4f863236f8c5 ]---
Kernel panic - not syncing: Fatal exception
Dumping ftrace buffer:
   (ftrace buffer empty)
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (1306):