syzbot


KASAN: user-memory-access Write in tipc_crypto_stop

Status: moderation: reported on 2025/06/05 00:52
Subsystems: tipc
Reported-by: syzbot+d387b6f2fcaa15964a70@syzkaller.appspotmail.com
First crash: 8d02h, last: 8d02h

Sample crash report:
==================================================================
BUG: KASAN: user-memory-access in instrument_atomic_read_write include/linux/instrumented.h:96 [inline]
BUG: KASAN: user-memory-access in atomic_fetch_sub_release include/linux/atomic/atomic-instrumented.h:400 [inline]
BUG: KASAN: user-memory-access in __refcount_sub_and_test include/linux/refcount.h:389 [inline]
BUG: KASAN: user-memory-access in __refcount_dec_and_test include/linux/refcount.h:432 [inline]
BUG: KASAN: user-memory-access in refcount_dec_and_test include/linux/refcount.h:450 [inline]
BUG: KASAN: user-memory-access in tipc_aead_put net/tipc/crypto.c:398 [inline]
BUG: KASAN: user-memory-access in tipc_crypto_stop+0x1fb/0x430 net/tipc/crypto.c:1536
Write of size 4 at addr 00000000ffff00c0 by task kworker/u8:0/12

CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Workqueue: netns cleanup_net
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 kasan_report+0x118/0x150 mm/kasan/report.c:634
 check_region_inline mm/kasan/generic.c:-1 [inline]
 kasan_check_range+0x2b0/0x2c0 mm/kasan/generic.c:189
 instrument_atomic_read_write include/linux/instrumented.h:96 [inline]
 atomic_fetch_sub_release include/linux/atomic/atomic-instrumented.h:400 [inline]
 __refcount_sub_and_test include/linux/refcount.h:389 [inline]
 __refcount_dec_and_test include/linux/refcount.h:432 [inline]
 refcount_dec_and_test include/linux/refcount.h:450 [inline]
 tipc_aead_put net/tipc/crypto.c:398 [inline]
 tipc_crypto_stop+0x1fb/0x430 net/tipc/crypto.c:1536
 tipc_exit_net+0x7b/0x140 net/tipc/core.c:119
 ops_exit_list net/core/net_namespace.c:200 [inline]
 ops_undo_list+0x49a/0x990 net/core/net_namespace.c:253
 cleanup_net+0x4c5/0x8a0 net/core/net_namespace.c:686
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xade/0x17b0 kernel/workqueue.c:3321
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402
 kthread+0x711/0x8a0 kernel/kthread.c:464
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
==================================================================

Crashes (1):
Time: 2025/06/01 00:48
Kernel: upstream
Commit: 0f70f5b08a47
Syzkaller: 3d2f584d
Config: .config
Log: console log
Report: report
Syz repro: (none)
C repro: (none)
VM info: info
Assets: [disk image] [vmlinux] [kernel image]
Manager: ci-upstream-kasan-gce-smack-root
Title: KASAN: user-memory-access Write in tipc_crypto_stop