syzbot


WARNING in qrtr_tun_write_iter

Status: fixed on 2021/03/10 01:48
Subsystems: mm
[Documentation on labels]
Reported-by: syzbot+c2a7e5c5211605a90865@syzkaller.appspotmail.com
Fix commit: 2a80c1581237 net/qrtr: restrict user-controlled length in qrtr_tun_write_iter()
First crash: 1287d, last: 1252d
Cause bisection: failed (error log, bisect log)
  
Discussions (5)
Title Replies (including bot) Last reply
[PATCH 4.19 00/50] 4.19.177-rc1 review 56 (56) 2021/02/23 21:17
[PATCH] net/qrtr: restrict user-controlled length in qrtr_tun_write_iter() 9 (9) 2021/02/22 08:45
[PATCH 5.10 000/104] 5.10.17-rc1 review 121 (121) 2021/02/19 21:26
[PATCH 5.4 00/60] 5.4.99-rc1 review 65 (65) 2021/02/17 01:12
WARNING in qrtr_tun_write_iter 0 (1) 2021/01/10 03:48
Last patch testing requests (1)
Created Duration User Patch Repo Result
2021/02/02 09:06 15m snovitoll@gmail.com https://linux.googlesource.com/linux/kernel/git/torvalds/linux refs/changes/16/8016/1 OK

Sample crash report:
------------[ cut here ]------------
WARNING: CPU: 1 PID: 8469 at mm/page_alloc.c:4976 __alloc_pages_nodemask+0x5f8/0x730 mm/page_alloc.c:5011
Modules linked in:
CPU: 0 PID: 8469 Comm: syz-executor105 Not tainted 5.11.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__alloc_pages_nodemask+0x5f8/0x730 mm/page_alloc.c:4976
Code: 00 00 0c 00 0f 85 a7 00 00 00 8b 3c 24 4c 89 f2 44 89 e6 c6 44 24 70 00 48 89 6c 24 58 e8 d0 d7 ff ff 49 89 c5 e9 ea fc ff ff <0f> 0b e9 b5 fd ff ff 89 74 24 14 4c 89 4c 24 08 4c 89 74 24 18 e8
RSP: 0018:ffffc900013efb70 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 1ffff9200027df72 RCX: 0000000000000000
RDX: 0000000000000000 RSI: dffffc0000000000 RDI: 0000000000040dc0
RBP: 0000000000040dc0 R08: 0000000000000000 R09: 0000000000000000
R10: ffffffff81b1f7f1 R11: 0000000000000000 R12: 0000000000000012
R13: 0000000000000012 R14: 0000000000000000 R15: 0000000020000020
FS:  0000000002127880(0000) GS:ffff8880b9f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000000 CR3: 0000000027766000 CR4: 00000000001506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 alloc_pages_current+0x18c/0x2a0 mm/mempolicy.c:2267
 alloc_pages include/linux/gfp.h:547 [inline]
 kmalloc_order+0x2e/0xb0 mm/slab_common.c:837
 kmalloc_order_trace+0x14/0x120 mm/slab_common.c:853
 kmalloc include/linux/slab.h:557 [inline]
 kzalloc include/linux/slab.h:682 [inline]
 qrtr_tun_write_iter+0x8a/0x180 net/qrtr/tun.c:83
 call_write_iter include/linux/fs.h:1901 [inline]
 new_sync_write+0x426/0x650 fs/read_write.c:518
 vfs_write+0x791/0xa30 fs/read_write.c:605
 ksys_write+0x12d/0x250 fs/read_write.c:658
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x440279
Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffc5f1b8358 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440279
RDX: 0000000020000020 RSI: 0000000020000000 RDI: 0000000000000003
RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a80
R13: 0000000000401b10 R14: 0000000000000000 R15: 0000000000000000

Crashes (57):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/01/06 10:29 upstream 6207214a70bf b1c228e1 .config console log report syz C ci-upstream-kasan-gce
2021/02/10 09:57 upstream e0756cfc7d7c 2bd9619f .config console log report info ci-upstream-kasan-gce-smack-root WARNING in qrtr_tun_write_iter
2021/02/09 03:39 upstream e0756cfc7d7c 2bd9619f .config console log report info ci-upstream-kasan-gce WARNING in qrtr_tun_write_iter
2021/02/07 06:59 upstream 964d069f93c4 0655e081 .config console log report info ci-upstream-kasan-gce-root WARNING in qrtr_tun_write_iter
2021/02/05 07:05 upstream 5c279c4cf206 23a562df .config console log report info ci-upstream-kasan-gce-root WARNING in qrtr_tun_write_iter
2021/02/04 20:09 upstream 61556703b610 42b90a7c .config console log report info ci-upstream-kasan-gce-root WARNING in qrtr_tun_write_iter
2021/02/03 16:55 upstream 3aaf0a27ffc2 624dad51 .config console log report info ci-upstream-kasan-gce-root WARNING in qrtr_tun_write_iter
2021/02/03 12:45 upstream 3aaf0a27ffc2 624dad51 .config console log report info ci-upstream-kasan-gce WARNING in qrtr_tun_write_iter
2021/02/03 10:03 upstream 3aaf0a27ffc2 624dad51 .config console log report info ci-upstream-kasan-gce-smack-root WARNING in qrtr_tun_write_iter
2021/01/31 20:44 upstream 6642d600b541 fc9fd31e .config console log report info ci-upstream-kasan-gce-root WARNING in qrtr_tun_write_iter
2021/01/30 21:24 upstream 0e9bcda5d286 fc9fd31e .config console log report info ci-upstream-kasan-gce WARNING in qrtr_tun_write_iter
2021/01/28 14:04 upstream 76c057c84d28 eefc07f2 .config console log report info ci-upstream-kasan-gce-root WARNING in qrtr_tun_write_iter
2021/01/28 10:47 upstream 76c057c84d28 eefc07f2 .config console log report info ci-upstream-kasan-gce WARNING in qrtr_tun_write_iter
2021/01/24 10:33 upstream e1ae4b0be158 52e37319 .config console log report info ci-upstream-kasan-gce-smack-root WARNING in qrtr_tun_write_iter
2021/01/23 04:59 upstream 83d09ad4b950 4080af96 .config console log report info ci-upstream-kasan-gce WARNING in qrtr_tun_write_iter
2021/01/22 17:07 upstream 9f29bd8b2e71 d4f4eca5 .config console log report info ci-upstream-kasan-gce-root WARNING in qrtr_tun_write_iter
2021/01/22 11:19 upstream 9f29bd8b2e71 d4f4eca5 .config console log report info ci-upstream-kasan-gce-smack-root WARNING in qrtr_tun_write_iter
2021/01/21 18:48 upstream 9791581c049c d4f4eca5 .config console log report info ci-upstream-kasan-gce WARNING in qrtr_tun_write_iter
2021/01/20 21:38 upstream 45dfb8a5659a d4f4eca5 .config console log report info ci-upstream-kasan-gce-root WARNING in qrtr_tun_write_iter
2021/01/20 04:00 upstream 1e2a199f6ccd 63631df1 .config console log report info ci-upstream-kasan-gce-smack-root WARNING in qrtr_tun_write_iter
2021/01/20 01:46 upstream 1e2a199f6ccd 63631df1 .config console log report info ci-upstream-kasan-gce WARNING in qrtr_tun_write_iter
2021/01/19 15:48 upstream 1e2a199f6ccd 63631df1 .config console log report info ci-upstream-kasan-gce WARNING in qrtr_tun_write_iter
2021/01/19 15:31 upstream 1e2a199f6ccd 63631df1 .config console log report info ci-upstream-kasan-gce-root WARNING in qrtr_tun_write_iter
2021/01/17 20:11 upstream 0da0a8a0a0e1 813be542 .config console log report info ci-upstream-kasan-gce WARNING in qrtr_tun_write_iter
2021/01/23 05:56 upstream 83d09ad4b950 4080af96 .config console log report info ci-upstream-kasan-gce-386 WARNING in qrtr_tun_write_iter
2021/02/04 07:22 linux-next 58b6c0e507b7 624dad51 .config console log report info ci-upstream-linux-next-kasan-gce-root WARNING in qrtr_tun_write_iter
2021/01/27 03:47 linux-next bc085f8fc88f 55a7d4df .config console log report info ci-upstream-linux-next-kasan-gce-root WARNING in qrtr_tun_write_iter
2021/01/25 10:45 linux-next bc085f8fc88f 52e37319 .config console log report info ci-upstream-linux-next-kasan-gce-root WARNING in qrtr_tun_write_iter
2021/01/16 22:58 upstream 1d94330a437a 65a7a854 .config console log report info ci-upstream-kasan-gce-smack-root
2021/01/16 05:57 upstream 5ee88057889b 65a7a854 .config console log report info ci-upstream-kasan-gce-root
2021/01/16 05:49 upstream 5ee88057889b 65a7a854 .config console log report info ci-upstream-kasan-gce
2021/01/16 05:47 upstream f4e087c666f5 65a7a854 .config console log report info ci-upstream-kasan-gce-smack-root
2021/01/16 05:20 upstream 5ee88057889b 65a7a854 .config console log report info ci-upstream-kasan-gce-root
2021/01/15 11:29 upstream 146620506274 65a7a854 .config console log report info ci-upstream-kasan-gce
2021/01/15 00:03 upstream 65f0d2414b70 65a7a854 .config console log report info ci-upstream-kasan-gce
2021/01/14 14:27 upstream 65f0d2414b70 269d24e8 .config console log report info ci-upstream-kasan-gce
2021/01/14 10:34 upstream 65f0d2414b70 269d24e8 .config console log report info ci-upstream-kasan-gce-smack-root
2021/01/14 10:34 upstream 65f0d2414b70 269d24e8 .config console log report info ci-upstream-kasan-gce-root
2021/01/14 10:32 upstream 65f0d2414b70 269d24e8 .config console log report info ci-upstream-kasan-gce
2021/01/13 08:38 upstream e609571b5ffa 0cdd6185 .config console log report info ci-upstream-kasan-gce-root
2021/01/12 04:09 upstream a0d54b4f5b21 2c1f2513 .config console log report info ci-upstream-kasan-gce
2021/01/11 07:57 upstream 0653161f0fac 2c1f2513 .config console log report info ci-upstream-kasan-gce
2021/01/09 09:08 upstream 6279d812eab6 c104d4a3 .config console log report info ci-upstream-kasan-gce
2021/01/08 17:45 upstream f5e6c330254a c104d4a3 .config console log report info ci-upstream-kasan-gce
2021/01/07 13:41 upstream 71c061d24438 c104d4a3 .config console log report info ci-upstream-kasan-gce
2021/01/06 10:14 upstream 6207214a70bf b1c228e1 .config console log report info ci-upstream-kasan-gce
2021/01/06 03:41 upstream 6207214a70bf b1c228e1 .config console log report info ci-upstream-kasan-gce
2021/01/16 06:13 upstream 5ee88057889b 65a7a854 .config console log report info ci-upstream-kasan-gce-386
2021/01/14 10:39 upstream 65f0d2414b70 269d24e8 .config console log report info ci-upstream-kasan-gce-386
2021/01/14 13:50 linux-next 9152a993930d 269d24e8 .config console log report info ci-upstream-linux-next-kasan-gce-root
* Struck through repros no longer work on HEAD.