syzbot

 sign-in | mailing list | source | docs
🐞 Open [142]
🐞 Fixed [16]
🐞 Invalid [163]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

WARNING in xfrm_policy_insert

Status: public: reported C repro on 2019/04/14 00:02
Reported-by: syzbot+1e78e68b2552cf8bce66@syzkaller.appspotmail.com
First crash: 2396d, last: 1855d
Similar bugs (5)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING in xfrm_policy_insert net C inconclusive done 6 1619d 2472d 15/28 fixed on 2020/07/28 19:58
linux-4.14 WARNING in xfrm_policy_insert syz done 8 1650d 1909d 1/1 fixed on 2020/06/15 08:02
linux-4.19 WARNING in xfrm_policy_insert C error 8 1642d 1891d 0/1 upstream: reported C repro on 2019/09/17 18:21
android-414 WARNING in xfrm_policy_insert C 7 1815d 1903d 0/1 public: reported C repro on 2019/09/06 10:33
android-49 WARNING in xfrm_policy_insert C 27 1815d 2048d 0/3 public: reported C repro on 2019/04/14 00:00

Sample crash report:
netlink: 12 bytes leftover after parsing attributes in process `syz-executor903'.
netlink: 12 bytes leftover after parsing attributes in process `syz-executor903'.
------------[ cut here ]------------
WARNING: CPU: 1 PID: 2086 at net/xfrm/xfrm_policy.c:770 xfrm_policy_insert+0x600/0xf20 net/xfrm/xfrm_policy.c:770()
Kernel panic - not syncing: panic_on_warn set ...

CPU: 1 PID: 2086 Comm: syz-executor903 Not tainted 4.4.174+ #4
 0000000000000000 201083044d439bc8 ffff8801cf147428 ffffffff81aad1a1
 0000000000000000 ffffffff82835ee0 ffffffff82a9b140 0000000000000302
 ffffffff82548f00 ffff8801cf147508 ffffffff813a48c2 0000000041b58ab3
Call Trace:
 [<ffffffff81aad1a1>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81aad1a1>] dump_stack+0xc1/0x120 lib/dump_stack.c:51
 [<ffffffff813a48c2>] panic+0x1b9/0x37b kernel/panic.c:112
 [<ffffffff813a4ab9>] warn_slowpath_common kernel/panic.c:455 [inline]
 [<ffffffff813a4ab9>] warn_slowpath_common.cold+0x20/0x20 kernel/panic.c:435
 [<ffffffff810d3aaa>] warn_slowpath_null+0x2a/0x30 kernel/panic.c:492
 [<ffffffff82548f00>] xfrm_policy_insert+0x600/0xf20 net/xfrm/xfrm_policy.c:770
 [<ffffffff82583b1c>] xfrm_add_policy+0x23c/0x4d0 net/xfrm/xfrm_user.c:1578
 [<ffffffff8257888c>] xfrm_user_rcv_msg+0x37c/0x630 net/xfrm/xfrm_user.c:2563
 [<ffffffff822f06e4>] netlink_rcv_skb+0xd4/0x2e0 net/netlink/af_netlink.c:2361
 [<ffffffff82571210>] xfrm_netlink_rcv+0x70/0x90 net/xfrm/xfrm_user.c:2571
 [<ffffffff822ef137>] netlink_unicast_kernel net/netlink/af_netlink.c:1277 [inline]
 [<ffffffff822ef137>] netlink_unicast+0x4d7/0x700 net/netlink/af_netlink.c:1303
 [<ffffffff822efb86>] netlink_sendmsg+0x6b6/0xc80 net/netlink/af_netlink.c:1859
 [<ffffffff821d838e>] sock_sendmsg_nosec net/socket.c:638 [inline]
 [<ffffffff821d838e>] sock_sendmsg+0xbe/0x110 net/socket.c:648
 [<ffffffff821da269>] ___sys_sendmsg+0x769/0x890 net/socket.c:1975
 [<ffffffff821dd0c5>] __sys_sendmsg+0xc5/0x160 net/socket.c:2009
 [<ffffffff821dd18d>] SYSC_sendmsg net/socket.c:2020 [inline]
 [<ffffffff821dd18d>] SyS_sendmsg+0x2d/0x50 net/socket.c:2016
 [<ffffffff82718ba1>] entry_SYSCALL_64_fastpath+0x1e/0x9a
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (13):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/09/14 04:01 https://android.googlesource.com/kernel/common android-4.4 62872f952d6b 32d59357 .config console log report syz C ci-android-44-kasan-gce
2019/09/26 16:44 https://android.googlesource.com/kernel/common android-4.4 62872f952d6b 24d405a3 .config console log report syz ci-android-44-kasan-gce
2019/09/09 12:13 https://android.googlesource.com/kernel/common android-4.4 62872f952d6b a60cb4cd .config console log report syz ci-android-44-kasan-gce
2019/09/06 09:33 https://android.googlesource.com/kernel/common android-4.4 62872f952d6b 040fda58 .config console log report syz ci-android-44-kasan-gce
2019/01/18 08:45 https://android.googlesource.com/kernel/common android-4.4 b355d4f7ce55 5bf17c30 .config console log report syz ci-android-44-kasan-gce
2018/08/09 19:43 https://android.googlesource.com/kernel/common android-4.4 a5fc66599b61 1fb62d58 .config console log report syz ci-android-44-kasan-gce
2018/04/30 16:12 https://android.googlesource.com/kernel/common android-4.4 12ef385f51fe 06db3cec .config console log report syz ci-android-44-kasan-gce
2019/10/23 14:02 https://android.googlesource.com/kernel/common android-4.4 62872f952d6b d0686497 .config console log report ci-android-44-kasan-gce
2019/10/11 01:40 https://android.googlesource.com/kernel/common android-4.4 62872f952d6b 1a3bad90 .config console log report ci-android-44-kasan-gce
2019/09/14 02:51 https://android.googlesource.com/kernel/common android-4.4 62872f952d6b 32d59357 .config console log report ci-android-44-kasan-gce
2019/01/18 06:20 https://android.googlesource.com/kernel/common android-4.4 b355d4f7ce55 5bf17c30 .config console log report ci-android-44-kasan-gce
2018/08/09 16:35 https://android.googlesource.com/kernel/common android-4.4 a5fc66599b61 1fb62d58 .config console log report ci-android-44-kasan-gce
2018/04/30 15:36 https://android.googlesource.com/kernel/common android-4.4 12ef385f51fe 06db3cec .config console log report ci-android-44-kasan-gce
* Struck through repros no longer work on HEAD.