syzbot


WARNING in bpf_prog_select_runtime

Status: fixed on 2018/07/09 18:05
Subsystems: bpf
Reported-by: syzbot+3b889862e65a98317058@syzkaller.appspotmail.com
Fix commit: 9facc336876f bpf: reject any prog that failed read-only lock
First crash: 2215d, last: 2167d
Discussions (3)
Title | Replies (including bot) | Last reply
[PATCH 4.17 000/101] 4.17.9-stable review | 100 (101) | 2018/07/22 11:42
[PATCH bpf 0/2] Two bpf fixes | 7 (7) | 2018/06/15 21:16
WARNING in bpf_prog_select_runtime | 1 (2) | 2018/06/14 09:45
Similar bugs (3)
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
linux-4.14 | WARNING in bpf_prog_select_runtime | | | | 3 | 1265d | 1408d | 0/1 | auto-closed as invalid on 2021/04/02 15:25
linux-4.14 | WARNING in bpf_prog_select_runtime (2) | | | | 1 | 1118d | 1118d | 0/1 | auto-closed as invalid on 2021/08/28 08:39
linux-4.14 | WARNING in bpf_prog_select_runtime (3) | C | | | 28 | 445d | 835d | 0/1 | upstream: reported C repro on 2022/02/06 16:31

Sample crash report:
RAX: ffffffffffffffda RBX: 00000000012b1914 RCX: 0000000000455979
RDX: 0000000020000180 RSI: 00000000401054d5 RDI: 0000000000000004
RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
R13: 0000000000000367 R14: 00000000006f9248 R15: 000000000000000a
WARNING: CPU: 1 PID: 4515 at include/linux/filter.h:651 bpf_prog_lock_ro include/linux/filter.h:651 [inline]
WARNING: CPU: 1 PID: 4515 at include/linux/filter.h:651 bpf_prog_select_runtime+0x53c/0x640 kernel/bpf/core.c:1503
Kernel panic - not syncing: panic_on_warn set ...

CPU: 1 PID: 4515 Comm: syz-executor0 Not tainted 4.17.0-rc3+ #36
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1b9/0x294 lib/dump_stack.c:113
 panic+0x22f/0x4de kernel/panic.c:184
 __warn.cold.8+0x163/0x1b3 kernel/panic.c:536
 report_bug+0x252/0x2d0 lib/bug.c:186
 fixup_bug arch/x86/kernel/traps.c:178 [inline]
 do_error_trap+0x1de/0x490 arch/x86/kernel/traps.c:296
 do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:315
 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:992
RIP: 0010:bpf_prog_lock_ro include/linux/filter.h:651 [inline]
RIP: 0010:bpf_prog_select_runtime+0x53c/0x640 kernel/bpf/core.c:1503
RSP: 0018:ffff8801d9ba7788 EFLAGS: 00010293
RAX: ffff8801ae0ee5c0 RBX: ffffc90001e52000 RCX: ffffffff818588b7
RDX: 0000000000000000 RSI: ffffffff81858c4c RDI: 0000000000000005
RBP: ffff8801d9ba77e8 R08: ffff8801ae0ee5c0 R09: 0000000000000006
R10: ffff8801ae0ee5c0 R11: 0000000000000000 R12: 00000000fffffff4
R13: ffffffff81862da0 R14: 0000000000000000 R15: ffff8801d77eb9c0
 bpf_migrate_filter net/core/filter.c:1069 [inline]
 bpf_prepare_filter+0xb65/0x1060 net/core/filter.c:1117
 __get_filter+0x1e0/0x280 net/core/filter.c:1310
 sk_attach_filter+0x1d/0x90 net/core/filter.c:1325
 tun_attach_filter drivers/net/tun.c:2765 [inline]
 __tun_chr_ioctl+0x1198/0x4420 drivers/net/tun.c:3113
 tun_chr_ioctl+0x2a/0x40 drivers/net/tun.c:3161
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x1cf/0x16a0 fs/ioctl.c:684
 ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
 __do_sys_ioctl fs/ioctl.c:708 [inline]
 __se_sys_ioctl fs/ioctl.c:706 [inline]
 __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:706
 do_syscall_64+0x1b1/0x800 arch/x86/entry/common.c:287
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x455979
RSP: 002b:0000000000a3e8e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00000000012b1914 RCX: 0000000000455979
RDX: 0000000020000180 RSI: 00000000401054d5 RDI: 0000000000000004
RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
R13: 0000000000000367 R14: 00000000006f9248 R15: 000000000000000a
Dumping ftrace buffer:
   (ftrace buffer empty)
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (45):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2018/05/07 06:51 upstream 701e39d05119 a211da1a .config console log report syz ci-upstream-kasan-gce
2018/05/06 20:45 upstream ee946c36be21 6c18ddb0 .config console log report syz ci-upstream-kasan-gce
2018/05/02 03:47 upstream f2125992e7cb d5b114b4 .config console log report syz ci-upstream-kasan-gce-root
2018/05/06 16:09 upstream ee946c36be21 6c18ddb0 .config console log report syz ci-upstream-kasan-gce-386
2018/05/16 16:49 https://github.com/google/kmsan.git master 9822946c7fee 75b2448a .config console log report syz ci-upstream-kmsan-gce
2018/05/16 06:13 https://github.com/google/kmsan.git master 06b2df0593a8 68ce85f1 .config console log report syz ci-upstream-kmsan-gce
2018/05/16 05:47 https://github.com/google/kmsan.git master 06b2df0593a8 68ce85f1 .config console log report syz ci-upstream-kmsan-gce
2018/05/16 02:04 https://github.com/google/kmsan.git master 06b2df0593a8 68ce85f1 .config console log report syz ci-upstream-kmsan-gce
2018/05/11 18:33 https://github.com/google/kmsan.git master 74ee2200b89f 12c7428a .config console log report syz ci-upstream-kmsan-gce
2018/06/15 14:53 upstream 4c5e8fc62d6a 27c5f59f .config console log report ci-upstream-kasan-gce-root
2018/05/28 22:44 upstream 786b71f5b754 f48c20b8 .config console log report ci-upstream-kasan-gce
2018/05/25 23:39 upstream 62d18ecfa641 f48c20b8 .config console log report ci-upstream-kasan-gce-root
2018/05/20 02:13 upstream 0b449a441dac f48c20b8 .config console log report ci-upstream-kasan-gce-root
2018/05/18 19:16 upstream 3acf4e395260 849705db .config console log report ci-upstream-kasan-gce
2018/05/18 09:38 upstream 3acf4e395260 c992b767 .config console log report ci-upstream-kasan-gce-root
2018/05/07 06:36 upstream 701e39d05119 a211da1a .config console log report ci-upstream-kasan-gce
2018/05/06 20:24 upstream ee946c36be21 6c18ddb0 .config console log report ci-upstream-kasan-gce
2018/05/02 03:35 upstream f2125992e7cb d5b114b4 .config console log report ci-upstream-kasan-gce-root
2018/05/06 15:53 upstream ee946c36be21 6c18ddb0 .config console log report ci-upstream-kasan-gce-386
2018/05/17 15:49 net-next-old b9f672af148b 90c54c49 .config console log report ci-upstream-net-kasan-gce
2018/06/10 00:36 https://github.com/google/kmsan.git master d6c351f832e3 866118af .config console log report ci-upstream-kmsan-gce
2018/06/04 14:03 https://github.com/google/kmsan.git master 8fc8ecd1c58a 6cbe7c26 .config console log report ci-upstream-kmsan-gce
2018/05/25 05:14 https://github.com/google/kmsan.git master 1b9cd4eccac9 f48c20b8 .config console log report ci-upstream-kmsan-gce
2018/05/18 07:02 https://github.com/google/kmsan.git master cd34f1881058 738d58ad .config console log report ci-upstream-kmsan-gce
2018/05/18 04:47 https://github.com/google/kmsan.git master cd34f1881058 738d58ad .config console log report ci-upstream-kmsan-gce
2018/05/18 03:53 https://github.com/google/kmsan.git master cd34f1881058 738d58ad .config console log report ci-upstream-kmsan-gce
2018/05/17 15:16 https://github.com/google/kmsan.git master 8a1c25bfc1f0 90c54c49 .config console log report ci-upstream-kmsan-gce
2018/05/17 08:54 https://github.com/google/kmsan.git master 314993d1ef28 a367c1d7 .config console log report ci-upstream-kmsan-gce
2018/05/17 05:06 https://github.com/google/kmsan.git master 314993d1ef28 a367c1d7 .config console log report ci-upstream-kmsan-gce
2018/05/16 16:33 https://github.com/google/kmsan.git master 9822946c7fee 75b2448a .config console log report ci-upstream-kmsan-gce
2018/05/16 16:31 https://github.com/google/kmsan.git master 9822946c7fee 75b2448a .config console log report ci-upstream-kmsan-gce
2018/05/16 13:52 https://github.com/google/kmsan.git master 9822946c7fee 75b2448a .config console log report ci-upstream-kmsan-gce
2018/05/16 06:00 https://github.com/google/kmsan.git master 06b2df0593a8 68ce85f1 .config console log report ci-upstream-kmsan-gce
2018/05/16 05:17 https://github.com/google/kmsan.git master 06b2df0593a8 68ce85f1 .config console log report ci-upstream-kmsan-gce
2018/05/16 05:15 https://github.com/google/kmsan.git master 06b2df0593a8 68ce85f1 .config console log report ci-upstream-kmsan-gce
2018/05/16 01:44 https://github.com/google/kmsan.git master 06b2df0593a8 68ce85f1 .config console log report ci-upstream-kmsan-gce
2018/05/13 21:33 https://github.com/google/kmsan.git master 9bad779decc0 c05b619d .config console log report ci-upstream-kmsan-gce
2018/05/13 01:05 https://github.com/google/kmsan.git master 74ee2200b89f e726f42b .config console log report ci-upstream-kmsan-gce
2018/05/11 17:49 https://github.com/google/kmsan.git master 74ee2200b89f 12c7428a .config console log report ci-upstream-kmsan-gce
2018/05/10 06:32 https://github.com/google/kmsan.git master 74ee2200b89f 12c7428a .config console log report ci-upstream-kmsan-gce
2018/05/09 16:53 https://github.com/google/kmsan.git master 74ee2200b89f 12c7428a .config console log report ci-upstream-kmsan-gce
2018/05/09 11:45 https://github.com/google/kmsan.git master 74ee2200b89f 12c7428a .config console log report ci-upstream-kmsan-gce
2018/05/04 16:53 https://github.com/google/kmsan.git master d2d741e5d189 9ce14f4b .config console log report ci-upstream-kmsan-gce
2018/04/30 17:04 https://github.com/google/kmsan.git master d2d741e5d189 06db3cec .config console log report ci-upstream-kmsan-gce
2018/04/28 10:49 https://github.com/google/kmsan.git master d2d741e5d189 d5a5d045 .config console log report ci-upstream-kmsan-gce
* Struck through repros no longer work on HEAD.