syzbot


BUG: corrupted list in rxrpc_local_processor

Status: fixed on 2019/09/06 20:45
Subsystems: afs net
Reported-by: syzbot+193e29e9387ea5837f1d@syzkaller.appspotmail.com
Fix commit: b00df840fb40 rxrpc: Fix local endpoint replacement
First crash: 1720d, last: 1712d
Cause bisection: introduced by (bisect log):
commit 427545b3046326cd7b4dbbd7869f08737df2ad2b
Author: Jakub Kicinski <jakub.kicinski@netronome.com>
Date: Tue Jul 9 02:53:12 2019 +0000

  nfp: tls: count TSO segments separately for the TLS offload

Crash: general protection fault in send_hsr_supervision_frame (log)
Repro: C syz .config
  
Discussions (4)
| Title | Replies (including bot) | Last reply |
| --- | --- | --- |
| [PATCH AUTOSEL 5.2 01/76] batman-adv: Fix netlink dumping of all mcast_flags buckets | 82 (82) | 2019/08/30 13:25 |
| [PATCH AUTOSEL 4.19 01/45] net: tundra: tsi108: use spin_lock_irqsave instead of spin_lock_irq in IRQ context | 45 (45) | 2019/08/29 18:15 |
| [PATCH net 0/2] rxrpc: Fix local endpoint handling | 4 (4) | 2019/08/15 23:33 |
| BUG: corrupted list in rxrpc_local_processor | 2 (6) | 2019/08/13 00:51 |
Last patch testing requests (2)
Created Duration User Patch Repo Result
2019/08/14 07:05 11m dhowells@redhat.com git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git 845c5b494a6e00cab2a99d4ac035b8d3e898fa35 report log
2019/08/12 22:41 12m dhowells@redhat.com git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git 03a62469fffcbd535d85e42ef25ba098262e9d72 report log

Sample crash report:
list_del corruption. prev->next should be ffff8880a4b844a0, but was ffff8880a401d220
------------[ cut here ]------------
kernel BUG at lib/list_debug.c:51!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 3516 Comm: kworker/0:2 Not tainted 5.3.0-rc3+ #164
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: krxrpcd rxrpc_local_processor
RIP: 0010:__list_del_entry_valid.cold+0xf/0x4f lib/list_debug.c:51
Code: e8 e9 03 1e fe 0f 0b 48 89 f1 48 c7 c7 80 25 c6 87 4c 89 e6 e8 d5 03 1e fe 0f 0b 4c 89 f6 48 c7 c7 20 27 c6 87 e8 c4 03 1e fe <0f> 0b 4c 89 ea 4c 89 f6 48 c7 c7 60 26 c6 87 e8 b0 03 1e fe 0f 0b
RSP: 0018:ffff88809cba7cc0 EFLAGS: 00010286
RAX: 0000000000000054 RBX: ffff8880a4b844b8 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff815c3b96 RDI: ffffed1013974f8a
RBP: ffff88809cba7cd8 R08: 0000000000000054 R09: ffffed1015d060d1
R10: ffffed1015d060d0 R11: ffff8880ae830687 R12: ffff88809be803b8
R13: ffff88809be803b8 R14: ffff8880a4b844a0 R15: ffff88809515a080
FS:  0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fffb5cf71a4 CR3: 0000000095a3c000 CR4: 00000000001406f0
Call Trace:
 __list_del_entry include/linux/list.h:131 [inline]
 list_del_init include/linux/list.h:190 [inline]
 rxrpc_local_destroyer net/rxrpc/local_object.c:429 [inline]
 rxrpc_local_processor+0x251/0x830 net/rxrpc/local_object.c:465
 process_one_work+0x9af/0x1740 kernel/workqueue.c:2269
 worker_thread+0x98/0xe40 kernel/workqueue.c:2415
 kthread+0x361/0x430 kernel/kthread.c:255
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
Modules linked in:
---[ end trace c0f32704bf5fd9c8 ]---
RIP: 0010:__list_del_entry_valid.cold+0xf/0x4f lib/list_debug.c:51
Code: e8 e9 03 1e fe 0f 0b 48 89 f1 48 c7 c7 80 25 c6 87 4c 89 e6 e8 d5 03 1e fe 0f 0b 4c 89 f6 48 c7 c7 20 27 c6 87 e8 c4 03 1e fe <0f> 0b 4c 89 ea 4c 89 f6 48 c7 c7 60 26 c6 87 e8 b0 03 1e fe 0f 0b
RSP: 0018:ffff88809cba7cc0 EFLAGS: 00010286
RAX: 0000000000000054 RBX: ffff8880a4b844b8 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff815c3b96 RDI: ffffed1013974f8a
RBP: ffff88809cba7cd8 R08: 0000000000000054 R09: ffffed1015d060d1
R10: ffffed1015d060d0 R11: ffff8880ae830687 R12: ffff88809be803b8
R13: ffff88809be803b8 R14: ffff8880a4b844a0 R15: ffff88809515a080
FS:  0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fffb5cf71a4 CR3: 0000000095a3c000 CR4: 00000000001406f0

Crashes (1679):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2019/08/17 04:10 net-old 12ed60151345 8fd428a1 .config console log report syz C ci-upstream-net-this-kasan-gce
2019/08/14 18:17 net-old a1794de8b92e 5576551b .config console log report syz C ci-upstream-net-this-kasan-gce
2019/08/12 15:49 net-old 125b7e0949d4 acb51638 .config console log report syz C ci-upstream-net-this-kasan-gce
2019/08/12 10:20 net-old 125b7e0949d4 acb51638 .config console log report syz C ci-upstream-net-this-kasan-gce
2019/08/14 17:57 linux-next 17da61ae48ec 5576551b .config console log report syz C ci-upstream-linux-next-kasan-gce-root
2019/08/17 09:31 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/17 09:05 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/17 08:22 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/17 07:49 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/17 06:56 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/17 06:17 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/17 05:38 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/17 04:35 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/17 04:06 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/17 03:05 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/17 02:10 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/17 01:04 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/17 00:26 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 23:09 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 23:07 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 22:06 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 20:58 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 20:36 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 19:30 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 18:21 net-old 12ed60151345 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 17:23 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 17:13 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 16:12 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 15:11 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 14:44 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 13:42 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 12:46 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 12:03 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 11:28 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 10:40 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 10:01 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 09:16 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 09:13 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 08:10 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 07:59 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 06:55 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 06:54 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 05:52 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 05:30 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 04:27 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/16 04:20 net-old 2aafdf5a5786 8fd428a1 .config console log report ci-upstream-net-this-kasan-gce
2019/08/15 10:27 linux-next 17da61ae48ec 0d298d6b .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/09 08:55 linux-next 87b983f55b8c ede31a9b .config console log report ci-upstream-linux-next-kasan-gce-root
* Struck through repros no longer work on HEAD.