syzbot


general protection fault in rdma_listen

Status: closed as dup on 2018/03/22 15:25
Subsystems: rdma
[Documentation on labels]
Reported-by: syzbot+6e81476d2dff22e77c18@syzkaller.appspotmail.com
First crash: 2411d, last: 2398d
Duplicate of
Title Repro Cause bisect Fix bisect Count Last Reported
KASAN: null-ptr-deref Write in rdma_resolve_addr rdma C 66 2398d 2409d
Discussions (1)
Title Replies (including bot) Last reply
general protection fault in rdma_listen 1 (2) 2018/03/22 15:24
Similar bugs (5)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 general protection fault in rdma_listen (2) 7 1644d 1664d 0/1 auto-closed as invalid on 2020/08/11 01:18
upstream general protection fault in rdma_listen (2) rdma syz done 104 1655d 2166d 15/28 fixed on 2020/05/10 10:41
linux-4.19 general protection fault in rdma_listen 1 1945d 1945d 0/1 auto-closed as invalid on 2019/10/25 08:41
linux-4.14 BUG: corrupted list in rdma_listen (2) C error 21 775d 1535d 0/1 upstream: reported C repro on 2020/07/30 18:22
linux-4.14 general protection fault in rdma_listen 7 1597d 1684d 0/1 auto-closed as invalid on 2020/09/26 15:09

Sample crash report:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] SMP KASAN
Dumping ftrace buffer:
   (ftrace buffer empty)
Modules linked in:
CPU: 1 PID: 14066 Comm: syzkaller516130 Not tainted 4.16.0-rc5+ #351
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:rdma_listen+0x72/0x8e0 drivers/infiniband/core/cma.c:3300
RSP: 0018:ffff8801b44af998 EFLAGS: 00010207
RAX: 0000000000000042 RBX: 0000000000000000 RCX: ffffffff841d94c4
RDX: 0000000000000000 RSI: 0000000000000400 RDI: 0000000000000214
RBP: ffff8801b44afa30 R08: 0000000000000000 R09: 0000000000000000
R10: ffffffff886133c0 R11: 0000000000000000 R12: 1ffff10036895f35
R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000400
FS:  00007f527b618700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffc74dacf48 CR3: 00000001ad4ef001 CR4: 00000000001606e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 ucma_listen+0x172/0x1f0 drivers/infiniband/core/ucma.c:1064
 ucma_write+0x2d6/0x3d0 drivers/infiniband/core/ucma.c:1633
 __vfs_write+0xef/0x970 fs/read_write.c:480
 vfs_write+0x189/0x510 fs/read_write.c:544
 SYSC_write fs/read_write.c:589 [inline]
 SyS_write+0xef/0x220 fs/read_write.c:581
 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x4495e9
RSP: 002b:00007f527b617ce8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00000000006e5a1c RCX: 00000000004495e9
RDX: 0000000000000008 RSI: 00000000200001c0 RDI: 0000000000000008
RBP: 00000000006e5a18 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc74dace0f R14: 00007f527b6189c0 R15: 0000000000000007
Code: 60 94 1d 84 c7 00 f1 f1 f1 f1 c7 40 04 00 f2 f2 f2 c7 40 08 f3 f3 f3 f3 e8 dc 82 53 fd 48 8d bb 14 02 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 14 28 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 
RIP: rdma_listen+0x72/0x8e0 drivers/infiniband/core/cma.c:3300 RSP: ffff8801b44af998
---[ end trace b020ea744b81dec4 ]---
Kernel panic - not syncing: Fatal exception
Dumping ftrace buffer:
   (ftrace buffer empty)
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (36):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2018/03/12 12:36 upstream 0c8efd610b58 f505ca4b .config console log report syz C ci-upstream-kasan-gce
2018/03/10 10:47 upstream cdb06e9d8f52 36d1c454 .config console log report syz C ci-upstream-kasan-gce
2018/03/08 05:16 upstream 851710a80961 d50edb7e .config console log report syz C ci-upstream-kasan-gce
2018/03/08 03:09 upstream 851710a80961 d50edb7e .config console log report syz ci-upstream-kasan-gce-386
2018/03/07 23:32 upstream 86f84779d8e9 a5e76540 .config console log report syz ci-upstream-kasan-gce-386
2018/03/20 12:23 upstream 1b5f3ba415fe 72c33b66 .config console log report ci-upstream-kasan-gce
2018/03/20 06:45 upstream 1b5f3ba415fe 7e7d7ed2 .config console log report ci-upstream-kasan-gce
2018/03/20 04:41 upstream 1b5f3ba415fe 7e7d7ed2 .config console log report ci-upstream-kasan-gce
2018/03/20 03:43 upstream 1b5f3ba415fe 7e7d7ed2 .config console log report ci-upstream-kasan-gce
2018/03/20 01:41 upstream 1b5f3ba415fe 7e7d7ed2 .config console log report ci-upstream-kasan-gce
2018/03/20 00:50 upstream 1b5f3ba415fe 7e7d7ed2 .config console log report ci-upstream-kasan-gce
2018/03/18 13:15 upstream 8f5fd927c3a7 08dacaa0 .config console log report ci-upstream-kasan-gce
2018/03/18 03:34 upstream 8f5fd927c3a7 08dacaa0 .config console log report ci-upstream-kasan-gce
2018/03/17 09:03 upstream 8f5fd927c3a7 08dacaa0 .config console log report ci-upstream-kasan-gce
2018/03/16 07:28 upstream e2c15aff5f35 08dacaa0 .config console log report ci-upstream-kasan-gce
2018/03/15 22:19 upstream e2c15aff5f35 08dacaa0 .config console log report ci-upstream-kasan-gce
2018/03/15 19:20 upstream 0aa3fdb8b3a6 08dacaa0 .config console log report ci-upstream-kasan-gce
2018/03/15 07:09 upstream 3032f8c504d2 08dacaa0 .config console log report ci-upstream-kasan-gce
2018/03/15 03:06 upstream 3032f8c504d2 08dacaa0 .config console log report ci-upstream-kasan-gce
2018/03/13 23:51 upstream fc6eabbbf8ef 08dacaa0 .config console log report ci-upstream-kasan-gce
2018/03/12 07:16 upstream abeb75218aeb 36d1c454 .config console log report ci-upstream-kasan-gce
2018/03/12 04:55 upstream abeb75218aeb 36d1c454 .config console log report ci-upstream-kasan-gce
2018/03/11 03:48 upstream 3266b5bd97ea 36d1c454 .config console log report ci-upstream-kasan-gce
2018/03/10 11:58 upstream cdb06e9d8f52 36d1c454 .config console log report ci-upstream-kasan-gce
2018/03/09 20:29 upstream 719ea86151f3 36d1c454 .config console log report ci-upstream-kasan-gce
2018/03/09 19:09 upstream 719ea86151f3 36d1c454 .config console log report ci-upstream-kasan-gce
2018/03/09 13:11 upstream 1b88accf6a65 36d1c454 .config console log report ci-upstream-kasan-gce
2018/03/09 09:06 upstream 1b88accf6a65 36d1c454 .config console log report ci-upstream-kasan-gce
2018/03/08 19:45 upstream 1b88accf6a65 acd0caa5 .config console log report ci-upstream-kasan-gce
2018/03/08 00:44 upstream 86f84779d8e9 a5e76540 .config console log report ci-upstream-kasan-gce
2018/03/07 22:01 upstream 86f84779d8e9 a5e76540 .config console log report ci-upstream-kasan-gce
2018/03/15 00:29 upstream 3032f8c504d2 08dacaa0 .config console log report ci-upstream-kasan-gce-386
2018/03/14 07:56 upstream fc6eabbbf8ef 08dacaa0 .config console log report ci-upstream-kasan-gce-386
2018/03/10 11:34 upstream cdb06e9d8f52 36d1c454 .config console log report ci-upstream-kasan-gce-386
2018/03/08 05:20 upstream 851710a80961 d50edb7e .config console log report ci-upstream-kasan-gce-386
2018/03/08 02:55 upstream 851710a80961 d50edb7e .config console log report ci-upstream-kasan-gce-386
* Struck through repros no longer work on HEAD.