syzbot


android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit

Status: closed as invalid on 2021/12/13 09:57
Reported-by: syzbot+fb62905520c895c88dec@syzkaller.appspotmail.com
First crash: 1115d, last: 1088d

Sample crash report:
================================================================================
UBSAN: object-size-mismatch in ./include/linux/skbuff.h:2023:28
member access within address ffffc900000571c0 with insufficient space
for an object of type 'struct sk_buff'
CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.10.82-syzkaller-00155-g8d21bcc704ea #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: ipv6_addrconf addrconf_dad_work
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack_lvl+0x1e2/0x24b lib/dump_stack.c:118
 dump_stack+0x15/0x1d lib/dump_stack.c:135
 ubsan_epilogue lib/ubsan.c:148 [inline]
 handle_object_size_mismatch lib/ubsan.c:229 [inline]
 ubsan_type_mismatch_common+0x1ed/0x3a0 lib/ubsan.c:242
 __ubsan_handle_type_mismatch_v1+0x5b/0x70 lib/ubsan.c:271
 __skb_queue_before include/linux/skbuff.h:2023 [inline]
 __skb_queue_tail include/linux/skbuff.h:2056 [inline]
 wg_xmit+0x4a2/0xae0 drivers/net/wireguard/device.c:182
 __netdev_start_xmit include/linux/netdevice.h:4823 [inline]
 netdev_start_xmit+0x8a/0x160 include/linux/netdevice.h:4837
 xmit_one net/core/dev.c:3589 [inline]
 dev_hard_start_xmit+0x18d/0x2f0 net/core/dev.c:3605
 __dev_queue_xmit+0xfbe/0x1bb0 net/core/dev.c:4168
 dev_queue_xmit+0x17/0x20 net/core/dev.c:4201
 neigh_connected_output+0x288/0x2b0 net/core/neighbour.c:1532
 neigh_output include/net/neighbour.h:524 [inline]
 ip6_finish_output2+0xde2/0x1440 net/ipv6/ip6_output.c:145
 __ip6_finish_output+0x3e4/0x520 net/ipv6/ip6_output.c:210
 ip6_finish_output+0x3f/0x220 net/ipv6/ip6_output.c:220
 NF_HOOK_COND include/linux/netfilter.h:293 [inline]
 ip6_output+0x1f8/0x4b0 net/ipv6/ip6_output.c:243
 dst_output include/net/dst.h:443 [inline]
 NF_HOOK+0xdd/0x280 include/linux/netfilter.h:304
 ndisc_send_skb+0x646/0x9f0 net/ipv6/ndisc.c:508
 ndisc_send_rs+0x26c/0x360 net/ipv6/ndisc.c:702
 addrconf_dad_completed+0x4f3/0x9f0 net/ipv6/addrconf.c:4224
 addrconf_dad_work+0x9c1/0x1520 net/ipv6/addrconf.c:3989
 process_one_work+0x3ca/0x660 kernel/workqueue.c:2289
 worker_thread+0x709/0xa20 kernel/workqueue.c:2435
 kthread+0x371/0x390 kernel/kthread.c:313
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296
================================================================================
================================================================================
UBSAN: object-size-mismatch in ./include/linux/skbuff.h:1916:2
member access within address ffffc900000571c0 with insufficient space
for an object of type 'struct sk_buff'
CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.10.82-syzkaller-00155-g8d21bcc704ea #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: ipv6_addrconf addrconf_dad_work
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack_lvl+0x1e2/0x24b lib/dump_stack.c:118
 dump_stack+0x15/0x1d lib/dump_stack.c:135
 ubsan_epilogue lib/ubsan.c:148 [inline]
 handle_object_size_mismatch lib/ubsan.c:229 [inline]
 ubsan_type_mismatch_common+0x1ed/0x3a0 lib/ubsan.c:242
 __ubsan_handle_type_mismatch_v1+0x5b/0x70 lib/ubsan.c:271
 __skb_insert include/linux/skbuff.h:1916 [inline]
 __skb_queue_before include/linux/skbuff.h:2023 [inline]
 __skb_queue_tail include/linux/skbuff.h:2056 [inline]
 wg_xmit+0x513/0xae0 drivers/net/wireguard/device.c:182
 __netdev_start_xmit include/linux/netdevice.h:4823 [inline]
 netdev_start_xmit+0x8a/0x160 include/linux/netdevice.h:4837
 xmit_one net/core/dev.c:3589 [inline]
 dev_hard_start_xmit+0x18d/0x2f0 net/core/dev.c:3605
 __dev_queue_xmit+0xfbe/0x1bb0 net/core/dev.c:4168
 dev_queue_xmit+0x17/0x20 net/core/dev.c:4201
 neigh_connected_output+0x288/0x2b0 net/core/neighbour.c:1532
 neigh_output include/net/neighbour.h:524 [inline]
 ip6_finish_output2+0xde2/0x1440 net/ipv6/ip6_output.c:145
 __ip6_finish_output+0x3e4/0x520 net/ipv6/ip6_output.c:210
 ip6_finish_output+0x3f/0x220 net/ipv6/ip6_output.c:220
 NF_HOOK_COND include/linux/netfilter.h:293 [inline]
 ip6_output+0x1f8/0x4b0 net/ipv6/ip6_output.c:243
 dst_output include/net/dst.h:443 [inline]
 NF_HOOK+0xdd/0x280 include/linux/netfilter.h:304
 ndisc_send_skb+0x646/0x9f0 net/ipv6/ndisc.c:508
 ndisc_send_rs+0x26c/0x360 net/ipv6/ndisc.c:702
 addrconf_dad_completed+0x4f3/0x9f0 net/ipv6/addrconf.c:4224
 addrconf_dad_work+0x9c1/0x1520 net/ipv6/addrconf.c:3989
 process_one_work+0x3ca/0x660 kernel/workqueue.c:2289
 worker_thread+0x709/0xa20 kernel/workqueue.c:2435
 kthread+0x371/0x390 kernel/kthread.c:313
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296
================================================================================

Crashes (69):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2021/12/01 07:32 android12-5.10-lts 8d21bcc704ea 5fa3eacc .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/30 10:56 android12-5.10-lts 8d21bcc704ea 80270552 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/29 16:53 android12-5.10-lts 8d21bcc704ea d0830353 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/29 14:33 android12-5.10-lts 4b644356291a d0830353 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/25 17:38 android12-5.10-lts 4b644356291a 63eeac02 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/22 13:04 android12-5.10-lts 4b644356291a 545ab074 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/22 10:04 android12-5.10-lts 4b644356291a 4eb20a4e .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/20 02:17 android12-5.10-lts 971945b72224 4eb20a4e .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/19 20:34 android12-5.10-lts 971945b72224 3a9d0024 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/19 14:14 android12-5.10-lts 706ebf15a1f9 3a9d0024 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/19 14:14 android12-5.10-lts 706ebf15a1f9 3a9d0024 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/19 11:01 android12-5.10-lts 706ebf15a1f9 31a30fc0 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/19 11:01 android12-5.10-lts 706ebf15a1f9 31a30fc0 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/19 11:01 android12-5.10-lts 706ebf15a1f9 31a30fc0 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/18 14:01 android12-5.10-lts 87acf4924e1b 31a30fc0 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/18 14:01 android12-5.10-lts 87acf4924e1b 31a30fc0 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/18 14:01 android12-5.10-lts 87acf4924e1b 31a30fc0 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/16 22:07 android12-5.10-lts 87acf4924e1b cafff8b6 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/16 22:07 android12-5.10-lts 87acf4924e1b cafff8b6 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/16 22:07 android12-5.10-lts 87acf4924e1b cafff8b6 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/16 10:04 android12-5.10-lts 87acf4924e1b 600426bd .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/16 10:04 android12-5.10-lts 87acf4924e1b 600426bd .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/16 10:04 android12-5.10-lts 87acf4924e1b 600426bd .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/13 15:35 android12-5.10-lts 87acf4924e1b 75b04091 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/13 15:35 android12-5.10-lts 87acf4924e1b 75b04091 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/13 15:35 android12-5.10-lts 87acf4924e1b 75b04091 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/11 12:36 android12-5.10-lts be686d451ef9 75b04091 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/11 12:36 android12-5.10-lts be686d451ef9 75b04091 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/11 12:36 android12-5.10-lts be686d451ef9 75b04091 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/10 12:34 android12-5.10-lts bb235e8cc2b6 75b04091 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/10 12:34 android12-5.10-lts bb235e8cc2b6 75b04091 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/10 12:34 android12-5.10-lts bb235e8cc2b6 75b04091 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/10 00:32 android12-5.10-lts bb235e8cc2b6 55fa030c .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/10 00:32 android12-5.10-lts bb235e8cc2b6 55fa030c .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/10 00:32 android12-5.10-lts bb235e8cc2b6 55fa030c .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/09 12:55 android12-5.10-lts bb235e8cc2b6 59bcaf9a .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/09 12:55 android12-5.10-lts bb235e8cc2b6 59bcaf9a .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/09 12:55 android12-5.10-lts bb235e8cc2b6 59bcaf9a .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/08 23:35 android12-5.10-lts bb235e8cc2b6 8ab17e57 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/08 23:35 android12-5.10-lts bb235e8cc2b6 8ab17e57 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/08 23:35 android12-5.10-lts bb235e8cc2b6 8ab17e57 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/08 11:29 android12-5.10-lts bb235e8cc2b6 d29682f1 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/08 11:29 android12-5.10-lts bb235e8cc2b6 d29682f1 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/08 11:29 android12-5.10-lts bb235e8cc2b6 d29682f1 .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/08 09:11 android12-5.10-lts bb235e8cc2b6 4c1be0be .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/08 09:11 android12-5.10-lts bb235e8cc2b6 4c1be0be .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/08 09:11 android12-5.10-lts bb235e8cc2b6 4c1be0be .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/04 22:50 android12-5.10-lts a7c8ce846007 4c1be0be .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/04 22:50 android12-5.10-lts a7c8ce846007 4c1be0be .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit
2021/11/04 22:50 android12-5.10-lts a7c8ce846007 4c1be0be .config console log report ci2-android-5-10 android12-5.10-lts test error: UBSAN: object-size-mismatch in wg_xmit