syzbot

 sign-in | mailing list | source | docs
🐞 Open [71] 🐞 Fixed [70] 🐞 Invalid [133] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

kernel BUG in add_grec (2)

Status: fixed on 2023/02/24 12:10
Reported-by: syzbot+17a1beb51531a35c0b72@syzkaller.appspotmail.com
Fix commit: 44affe7ede59 ipv6: ensure sane device mtu in tunnels
First crash: 752d, last: 513d
Cause bisection: failed (error log, bisect log)
  
Fix bisection the fix commit could be any of (bisect log):
  673a7341bdab Merge 5.10.153 into android12-5.10-lts
  bf760358eac3 Merge branch 'android12-5.10' into android12-5.10-lts
   
Similar bugs (25)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-5-10 kernel BUG in add_grec C error 83 753d 826d 2/2 fixed on 2022/03/29 10:01
android-54 kernel BUG at net/core/skbuff.c:LINE! C 267 339d 1559d 0/2 auto-obsoleted due to no activity on 2023/08/22 15:17
android-5-10 kernel BUG in cdc_ncm_fill_tx_frame C error 40 845d 910d 1/2 fixed on 2021/12/29 12:20
android-5-15 kernel BUG in add_grec C 38 499d 513d 2/2 fixed on 2022/12/13 18:12
android-44 kernel BUG at net/core/skbuff.c:LINE! C 79 1609d 1835d 0/2 public: reported C repro on 2019/04/11 08:44
linux-4.19 kernel BUG at net/core/skbuff.c:LINE! C unreliable 494 599d 1818d 0/1 upstream: reported C repro on 2019/04/27 20:12
android-54 kernel BUG in pfkey_send_acquire C 278 523d 1188d 0/2 auto-obsoleted due to no activity on 2023/04/19 14:24
upstream kernel BUG at net/core/skbuff.c:LINE! (2) net C 562 2274d 2363d 4/26 fixed on 2018/01/29 03:39
android-414 kernel BUG at net/core/skbuff.c:LINE! C 2743 1598d 1835d 0/1 public: reported C repro on 2019/04/11 00:00
upstream kernel BUG in netem_enqueue net 9 491d 715d 22/26 fixed on 2023/02/24 13:50
upstream kernel BUG at net/core/skbuff.c:LINE! (3) C done 4399 1152d 2268d 19/26 fixed on 2021/03/10 01:48
upstream kernel BUG at net/core/skbuff.c:LINE! sctp 5 2369d 2439d 3/26 fixed on 2017/10/27 10:10
linux-4.19 kernel BUG in pfkey_send_acquire C done 56 1158d 1188d 1/1 fixed on 2021/03/18 08:30
linux-4.14 kernel BUG at net/core/skbuff.c:LINE! C 3066 414d 1834d 0/1 upstream: reported C repro on 2019/04/12 15:43
upstream kernel BUG in llc_sap_action_send_xid_c net C error 61 892d 1105d 20/26 fixed on 2021/11/10 00:50
upstream kernel BUG in pskb_expand_head net C done 1600 435d 886d 22/26 fixed on 2023/02/25 08:02
android-49 kernel BUG at net/core/skbuff.c:LINE! C 391 1598d 1834d 0/3 public: reported C repro on 2019/04/12 00:00
android-5-15 kernel BUG in mld_newpack 1 519d 519d 0/2 auto-obsoleted due to no activity on 2023/03/24 18:30
upstream kernel BUG in mld_newpack net 1 552d 552d 22/26 fixed on 2023/02/24 13:50
upstream kernel BUG in icmp_glue_bits net 2 322d 385d 22/26 fixed on 2023/06/08 14:41
upstream kernel BUG in cdc_ncm_fill_tx_frame usb syz error 4 67d 321d 0/26 upstream: reported syz repro on 2023/06/02 18:39
android-5-15 kernel BUG in cdc_ncm_fill_tx_frame (2) origin:downstream C done 5 332d 346d 2/2 fixed on 2023/06/16 14:10
android-5-15 kernel BUG in cdc_ncm_fill_tx_frame 1 513d 513d 0/2 auto-obsoleted due to no activity on 2023/04/11 17:56
android-5-10 kernel BUG in cdc_ncm_fill_tx_frame (2) C error 3 338d 346d 2/2 fixed on 2023/06/28 00:02
android-5-15 kernel BUG in pfkey_send_acquire syz unreliable error 35 523d 557d 0/2 auto-obsoleted due to no activity on 2023/05/12 13:15
Last patch testing requests (3)
Created Duration User Patch Repo Result
2022/12/12 08:43 15m tudor.ambarus@linaro.org git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git linux-5.15.y OK log
2022/12/12 08:43 15m tudor.ambarus@linaro.org git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git linux-5.10.y OK log
2022/12/12 08:43 19m tudor.ambarus@linaro.org git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master OK log

Sample crash report:
skbuff: skb_over_panic: text:ffffffff844073b8 len:160 put:72 head:ffff888121186000 data:ffff888121186000 tail:0xa0 end:0x80 dev:<NULL>
------------[ cut here ]------------
kernel BUG at net/core/skbuff.c:110!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 422 Comm: syz-executor.5 Not tainted 5.10.147-syzkaller-01341-gbc7618b4936f #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
RIP: 0010:skb_panic+0x14c/0x150 net/core/skbuff.c:106
Code: c7 40 28 79 85 48 8b 75 c0 48 8b 55 b8 8b 4d d4 44 8b 45 d0 4c 8b 4d c8 31 c0 53 41 56 41 55 41 54 e8 85 01 d1 00 48 83 c4 20 <0f> 0b 66 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 78 4c
RSP: 0018:ffffc900010f6b68 EFLAGS: 00010282
RAX: 0000000000000086 RBX: ffffffff857928c0 RCX: f3f33acf1c13e000
RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
RBP: ffffc900010f6bb0 R08: ffffffff8153d388 R09: ffffed103ee2a5e8
R10: ffffed103ee2a5e8 R11: 1ffff1103ee2a5e7 R12: ffff888121186000
R13: 00000000000000a0 R14: 0000000000000080 R15: dffffc0000000000
FS:  00007f355c4b0700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000002000f038 CR3: 0000000121038000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 skb_over_panic net/core/skbuff.c:115 [inline]
 skb_put+0x153/0x210 net/core/skbuff.c:1877
 dump_esp_combs net/key/af_key.c:3013 [inline]
 pfkey_send_acquire+0x19a8/0x2db0 net/key/af_key.c:3234
 km_query+0x75/0xe0 net/xfrm/xfrm_state.c:2212
 xfrm_state_find+0x24f5/0x33f0 net/xfrm/xfrm_state.c:1140
 xfrm_tmpl_resolve_one net/xfrm/xfrm_policy.c:2400 [inline]
 xfrm_tmpl_resolve net/xfrm/xfrm_policy.c:2445 [inline]
 xfrm_resolve_and_create_bundle+0x66d/0x2c80 net/xfrm/xfrm_policy.c:2738
 xfrm_lookup_with_ifid+0x111e/0x2440 net/xfrm/xfrm_policy.c:3072
 xfrm_lookup net/xfrm/xfrm_policy.c:3196 [inline]
 xfrm_lookup_route+0x3b/0x160 net/xfrm/xfrm_policy.c:3207
 ip_route_output_flow+0x1e7/0x310 net/ipv4/route.c:2792
 udp_sendmsg+0x1615/0x28c0 net/ipv4/udp.c:1210
 inet_sendmsg+0xa1/0xc0 net/ipv4/af_inet.c:821
 sock_sendmsg_nosec net/socket.c:652 [inline]
 sock_sendmsg net/socket.c:672 [inline]
 ____sys_sendmsg+0x597/0x8e0 net/socket.c:2343
 ___sys_sendmsg net/socket.c:2397 [inline]
 __sys_sendmmsg+0x5c6/0x820 net/socket.c:2487
 __do_sys_sendmmsg net/socket.c:2516 [inline]
 __se_sys_sendmmsg net/socket.c:2513 [inline]
 __x64_sys_sendmmsg+0xa0/0xb0 net/socket.c:2513
 do_syscall_64+0x34/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x61/0xc6
RIP: 0033:0x7f355c57e5a9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f355c4b0168 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
RAX: ffffffffffffffda RBX: 00007f355c69f120 RCX: 00007f355c57e5a9
RDX: 000000000800001d RSI: 0000000020007fc0 RDI: 0000000000000003
RBP: 00007f355c5d9580 R08: 0000000000000000 R09: 0000000000000000
R10: 000000a742250118 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffe9f29db5f R14: 00007f355c4b0300 R15: 0000000000022000
Modules linked in:
---[ end trace efbd1d607a035cd8 ]---
RIP: 0010:skb_panic+0x14c/0x150 net/core/skbuff.c:106
Code: c7 40 28 79 85 48 8b 75 c0 48 8b 55 b8 8b 4d d4 44 8b 45 d0 4c 8b 4d c8 31 c0 53 41 56 41 55 41 54 e8 85 01 d1 00 48 83 c4 20 <0f> 0b 66 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 78 4c
RSP: 0018:ffffc900010f6b68 EFLAGS: 00010282
RAX: 0000000000000086 RBX: ffffffff857928c0 RCX: f3f33acf1c13e000
RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
RBP: ffffc900010f6bb0 R08: ffffffff8153d388 R09: ffffed103ee2a5e8
R10: ffffed103ee2a5e8 R11: 1ffff1103ee2a5e7 R12: ffff888121186000
R13: 00000000000000a0 R14: 0000000000000080 R15: dffffc0000000000
FS:  00007f355c4b0700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000002000f038 CR3: 0000000121038000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (1039):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/10/12 23:13 android12-5.10-lts bc7618b4936f 16a9c9e0 .config console log report syz ci2-android-5-10 kernel BUG in pfkey_send_acquire
2022/11/23 16:23 android12-5.10-lts 673a7341bdab 52fdf57a .config strace log report syz C ci2-android-5-10 kernel BUG in cdc_ncm_fill_tx_frame
2022/11/21 17:53 android12-5.10-lts 6b31c548a114 5bb70014 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in add_grec
2022/11/16 20:29 android12-5.10-lts 6b31c548a114 3a127a31 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in add_grec
2022/11/16 18:40 android12-5.10-lts 6b31c548a114 3a127a31 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in add_grec
2022/11/15 23:31 android12-5.10-lts 0118fb827bc7 3a127a31 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/14 10:59 android12-5.10-lts 0118fb827bc7 943f4cb8 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/14 09:32 android12-5.10-lts 0118fb827bc7 7ba4d859 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/13 19:29 android12-5.10-lts 0118fb827bc7 7ba4d859 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/13 07:56 android12-5.10-lts 0118fb827bc7 f42ee5d8 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/13 04:48 android12-5.10-lts 0118fb827bc7 f42ee5d8 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/13 01:58 android12-5.10-lts 0118fb827bc7 f42ee5d8 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/12 16:03 android12-5.10-lts 0118fb827bc7 f42ee5d8 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/12 07:22 android12-5.10-lts 0118fb827bc7 f42ee5d8 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/12 04:43 android12-5.10-lts 0118fb827bc7 f42ee5d8 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/11 16:56 android12-5.10-lts 0118fb827bc7 f42ee5d8 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/11 03:40 android12-5.10-lts 0118fb827bc7 f42ee5d8 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/11 02:02 android12-5.10-lts 0118fb827bc7 3ead01ad .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/10 17:06 android12-5.10-lts 0118fb827bc7 3ead01ad .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/10 02:26 android12-5.10-lts 0118fb827bc7 b2488a87 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in add_grec
2022/11/09 10:25 android12-5.10-lts 0118fb827bc7 5fa28208 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/09 09:24 android12-5.10-lts 0118fb827bc7 5fa28208 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/09 02:55 android12-5.10-lts 0118fb827bc7 5fa28208 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/08 13:35 android12-5.10-lts 0118fb827bc7 060f945e .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/07 15:00 android12-5.10-lts 0118fb827bc7 a779b11a .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/07 13:58 android12-5.10-lts 0118fb827bc7 a779b11a .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/07 12:29 android12-5.10-lts 0118fb827bc7 a779b11a .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/07 10:10 android12-5.10-lts 0118fb827bc7 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in add_grec
2022/11/07 07:04 android12-5.10-lts 0118fb827bc7 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in add_grec
2022/11/07 05:36 android12-5.10-lts 0118fb827bc7 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in add_grec
2022/11/06 23:12 android12-5.10-lts 0118fb827bc7 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in add_grec
2022/11/06 21:17 android12-5.10-lts 0118fb827bc7 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in add_grec
2022/11/06 18:18 android12-5.10-lts 0118fb827bc7 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in add_grec
2022/11/06 17:06 android12-5.10-lts 0118fb827bc7 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in add_grec
2022/11/06 13:41 android12-5.10-lts 0118fb827bc7 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in add_grec
2022/11/06 11:17 android12-5.10-lts 0118fb827bc7 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in add_grec
2022/11/06 07:31 android12-5.10-lts 0118fb827bc7 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in add_grec
2022/11/06 06:16 android12-5.10-lts 0118fb827bc7 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in add_grec
2022/03/29 11:57 android12-5.10-lts 414e6c8e941c 6bdac766 .config console log report info ci2-android-5-10 kernel BUG in add_grec
2022/11/13 11:31 android12-5.10-lts 0118fb827bc7 f42ee5d8 .config console log report info ci2-android-5-10 kernel BUG in pfkey_send_acquire
2022/11/12 22:05 android12-5.10-lts 0118fb827bc7 f42ee5d8 .config console log report info ci2-android-5-10 kernel BUG in pfkey_send_acquire
2022/11/12 12:54 android12-5.10-lts 0118fb827bc7 f42ee5d8 .config console log report info ci2-android-5-10 kernel BUG in pfkey_send_acquire
2022/11/12 09:52 android12-5.10-lts 0118fb827bc7 f42ee5d8 .config console log report info ci2-android-5-10 kernel BUG in pfkey_send_acquire
2022/11/12 01:41 android12-5.10-lts 0118fb827bc7 f42ee5d8 .config console log report info ci2-android-5-10 kernel BUG in pfkey_send_acquire
2022/11/11 19:07 android12-5.10-lts 0118fb827bc7 f42ee5d8 .config console log report info ci2-android-5-10 kernel BUG in pfkey_send_acquire
2022/11/11 13:17 android12-5.10-lts 0118fb827bc7 f42ee5d8 .config console log report info ci2-android-5-10 kernel BUG in pfkey_send_acquire
2022/11/10 15:27 android12-5.10-lts 0118fb827bc7 3ead01ad .config console log report info ci2-android-5-10 kernel BUG in pfkey_send_acquire
2022/11/10 00:34 android12-5.10-lts 0118fb827bc7 bebca8b7 .config console log report info ci2-android-5-10 kernel BUG in pfkey_send_acquire
2022/11/09 14:49 android12-5.10-lts 0118fb827bc7 bebca8b7 .config console log report info ci2-android-5-10 kernel BUG in pfkey_send_acquire
2022/11/09 12:07 android12-5.10-lts 0118fb827bc7 5fa28208 .config console log report info ci2-android-5-10 kernel BUG in pfkey_send_acquire
2022/11/08 19:20 android12-5.10-lts 0118fb827bc7 060f945e .config console log report info ci2-android-5-10 kernel BUG in pfkey_send_acquire
2022/11/07 08:10 android12-5.10-lts 0118fb827bc7 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in pfkey_send_acquire
2022/11/06 08:18 android12-5.10-lts 0118fb827bc7 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-10 kernel BUG in pfkey_send_acquire
2022/09/30 20:45 android12-5.10-lts 391716695e71 feb56351 .config console log report info [disk image] [vmlinux] ci2-android-5-10 kernel BUG in mld_newpack
2022/05/12 19:12 android12-5.10-lts f64cd19a00c1 9ad6612a .config console log report info ci2-android-5-10 kernel BUG in cdc_ncm_fill_tx_frame
2022/04/19 11:59 android12-5.10-lts 414e6c8e941c c334415e .config console log report info ci2-android-5-10 kernel BUG in icmp_glue_bits
* Struck through repros no longer work on HEAD.