syzbot


general protection fault in hsr_netdev_notify (2)

Status: upstream: reported C repro on 2020/09/19 09:45
Reported-by: syzbot+8bb157b3b4a040dacf6b@syzkaller.appspotmail.com
First crash: 1304d, last: 595d
Fix bisection: failed (error log, bisect log)
  
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.14 general protection fault in hsr_netdev_notify 9 1431d 1552d 0/1 auto-closed as invalid on 2020/09/12 21:35
linux-4.19 general protection fault in hsr_netdev_notify C error 95 585d 1543d 0/1 upstream: reported C repro on 2020/01/24 10:32
Last patch testing requests (1)
Created Duration User Patch Repo Result
2023/03/05 08:32 0m retest repro linux-4.14.y error OK
Fix bisection attempts (18)
Created Duration User Patch Repo Result
2022/10/13 02:11 0m bisect fix linux-4.14.y error job log (0)
2022/08/29 23:48 32m bisect fix linux-4.14.y job log (0) log
2022/07/28 07:17 22m bisect fix linux-4.14.y job log (0) log
2022/06/28 06:54 21m bisect fix linux-4.14.y job log (0) log
2022/05/28 18:08 21m bisect fix linux-4.14.y job log (0) log
2022/04/28 17:47 21m bisect fix linux-4.14.y job log (0) log
2022/03/29 17:19 27m bisect fix linux-4.14.y job log (0) log
2022/02/25 22:30 28m bisect fix linux-4.14.y job log (0) log
2022/01/26 21:50 27m bisect fix linux-4.14.y job log (0) log
2021/12/27 21:28 21m bisect fix linux-4.14.y job log (0) log
2021/11/27 21:05 23m bisect fix linux-4.14.y job log (0) log
2021/10/28 20:42 22m bisect fix linux-4.14.y job log (0) log
2021/09/25 13:39 27m bisect fix linux-4.14.y job log (0) log
2021/08/26 12:41 25m bisect fix linux-4.14.y job log (0) log
2021/07/27 12:18 23m bisect fix linux-4.14.y job log (0) log
2021/06/27 11:51 27m bisect fix linux-4.14.y job log (0) log
2021/05/28 11:23 27m bisect fix linux-4.14.y job log (0) log
2021/04/28 10:54 28m bisect fix linux-4.14.y job log (0) log

Sample crash report:
bond0 (unregistering): Releasing backup interface bond_slave_1
device bond_slave_1 left promiscuous mode
bond0 (unregistering): Releasing backup interface bond_slave_0
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 0 PID: 46 Comm: kworker/u4:2 Not tainted 4.14.218-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: netns cleanup_net
task: ffff8880b574a4c0 task.stack: ffff8880b5750000
RIP: 0010:hsr_netdev_notify+0x2e1/0x8b0 syzkaller/managers/linux-4-14/kernel/net/hsr/hsr_main.c:65
RSP: 0018:ffff8880b57576f0 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: ffff888099a90000 RCX: 0000000000000001
RDX: 0000000000000002 RSI: 00000000ffffffff RDI: ffff8880a2583020
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000004
R10: 0000000000000000 R11: ffff8880b574a4c0 R12: ffff8880921c5010
R13: ffff8880921c5000 R14: 0000000000000001 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffcf9d54fe8 CR3: 00000000b025d000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 notifier_call_chain+0x108/0x1a0 syzkaller/managers/linux-4-14/kernel/kernel/notifier.c:93
 call_netdevice_notifiers_info syzkaller/managers/linux-4-14/kernel/net/core/dev.c:1667 [inline]
 call_netdevice_notifiers+0x79/0xa0 syzkaller/managers/linux-4-14/kernel/net/core/dev.c:1683
 __bond_release_one+0x1007/0x14c0 syzkaller/managers/linux-4-14/kernel/drivers/net/bonding/bond_main.c:1963
 bond_slave_netdev_event syzkaller/managers/linux-4-14/kernel/drivers/net/bonding/bond_main.c:3134 [inline]
 bond_netdev_event+0x9ee/0xbd0 syzkaller/managers/linux-4-14/kernel/drivers/net/bonding/bond_main.c:3232
 notifier_call_chain+0x108/0x1a0 syzkaller/managers/linux-4-14/kernel/kernel/notifier.c:93
 call_netdevice_notifiers_info syzkaller/managers/linux-4-14/kernel/net/core/dev.c:1667 [inline]
 call_netdevice_notifiers syzkaller/managers/linux-4-14/kernel/net/core/dev.c:1683 [inline]
 rollback_registered_many+0x765/0xba0 syzkaller/managers/linux-4-14/kernel/net/core/dev.c:7203
 unregister_netdevice_many.part.0+0x18/0x2e0 syzkaller/managers/linux-4-14/kernel/net/core/dev.c:8285
 unregister_netdevice_many syzkaller/managers/linux-4-14/kernel/net/core/dev.c:8284 [inline]
 default_device_exit_batch+0x2d8/0x380 syzkaller/managers/linux-4-14/kernel/net/core/dev.c:8746
 ops_exit_list+0xf9/0x150 syzkaller/managers/linux-4-14/kernel/net/core/net_namespace.c:145
 cleanup_net+0x3b3/0x840 syzkaller/managers/linux-4-14/kernel/net/core/net_namespace.c:484
 process_one_work+0x793/0x14a0 syzkaller/managers/linux-4-14/kernel/kernel/workqueue.c:2116
 worker_thread+0x5cc/0xff0 syzkaller/managers/linux-4-14/kernel/kernel/workqueue.c:2250
 kthread+0x30d/0x420 syzkaller/managers/linux-4-14/kernel/kernel/kthread.c:232
 ret_from_fork+0x24/0x30 syzkaller/managers/linux-4-14/kernel/arch/x86/entry/entry_64.S:404
Code: 03 0f 8e d9 04 00 00 83 7d 20 04 75 b5 e8 38 24 5d fa 48 8d 45 10 48 89 c2 48 89 04 24 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 68 05 00 00 48 b8 00 00 00 00 00 fc ff df 4c 
RIP: hsr_netdev_notify+0x2e1/0x8b0 syzkaller/managers/linux-4-14/kernel/net/hsr/hsr_main.c:65 RSP: ffff8880b57576f0
---[ end trace 8ac9bea838b4fe83 ]---

Crashes (7):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/02/15 05:37 linux-4.14.y 2c8a3fceddf0 98682e5e .config console log report syz C ci2-linux-4-14 general protection fault in hsr_netdev_notify
2021/03/29 10:54 linux-4.14.y 670d6552eda8 a8529b82 .config console log report info ci2-linux-4-14 general protection fault in hsr_netdev_notify
2021/03/01 14:49 linux-4.14.y 3242aa3a635c 4c37c133 .config console log report info ci2-linux-4-14 general protection fault in hsr_netdev_notify
2021/02/23 16:30 linux-4.14.y 3242aa3a635c fcc6d71b .config console log report info ci2-linux-4-14 general protection fault in hsr_netdev_notify
2021/01/23 17:05 linux-4.14.y 2d2791fce891 52e37319 .config console log report info ci2-linux-4-14 general protection fault in hsr_netdev_notify
2020/11/09 15:54 linux-4.14.y 6b6446efedb2 cba33199 .config console log report info ci2-linux-4-14
2020/09/19 09:45 linux-4.14.y cbfa1702aaf6 53ce8104 .config console log report info ci2-linux-4-14
* Struck through repros no longer work on HEAD.