syzbot


kernel BUG in mld_newpack

Status: auto-obsoleted due to no activity on 2023/03/24 18:30
Reported-by: syzbot+0d233d4d5ec2576a169b@syzkaller.appspotmail.com
First crash: 520d, last: 520d
Similar bugs (5)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-5-10 kernel BUG in add_grec C error 83 753d 827d 2/2 fixed on 2022/03/29 10:01
android-54 kernel BUG at net/core/skbuff.c:LINE! C 267 339d 1559d 0/2 auto-obsoleted due to no activity on 2023/08/22 15:17
android-5-10 kernel BUG in add_grec (2) C error inconclusive 1039 513d 513d 2/2 fixed on 2023/02/24 12:10
android-5-10 kernel BUG in cdc_ncm_fill_tx_frame C error 40 845d 911d 1/2 fixed on 2021/12/29 12:20
upstream kernel BUG in mld_newpack net 1 552d 552d 22/26 fixed on 2023/02/24 13:50

Sample crash report:
skbuff: skb_over_panic: text:ffffffff845da952 len:56 put:8 head:ffff88810d8a3000 data:ffff88810d8a3050 tail:0x88 end:0x80 dev:syztnl0
------------[ cut here ]------------
kernel BUG at net/core/skbuff.c:113!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 26 Comm: kworker/1:0 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
Workqueue: ipv6_addrconf addrconf_dad_work
RIP: 0010:skb_panic+0x14c/0x150 net/core/skbuff.c:113
Code: c7 a0 70 be 85 48 8b 75 c0 48 8b 55 b8 8b 4d d4 44 8b 45 d0 4c 8b 4d c8 31 c0 53 41 56 41 55 41 54 e8 03 fe dc 00 48 83 c4 20 <0f> 0b 66 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 78 4c
RSP: 0018:ffffc900001b7798 EFLAGS: 00010282
RAX: 0000000000000085 RBX: ffff8881069c6000 RCX: 931a63c8fd32ee00
RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
RBP: ffffc900001b77e0 R08: ffffffff815838e9 R09: ffffed103ee265e8
R10: ffffed103ee265e8 R11: 1ffff1103ee265e7 R12: ffff88810d8a3050
R13: 0000000000000088 R14: 0000000000000080 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffbb012b058 CR3: 000000011fa95000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000002000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 skb_over_panic net/core/skbuff.c:118 [inline]
 skb_put+0x153/0x210 net/core/skbuff.c:2039
 mld_newpack+0x682/0xa00 net/ipv6/mcast.c:1770
 add_grhead net/ipv6/mcast.c:1851 [inline]
 add_grec+0xf56/0x13d0 net/ipv6/mcast.c:1989
 mld_send_initial_cr net/ipv6/mcast.c:2236 [inline]
 ipv6_mc_dad_complete+0x246/0x5f0 net/ipv6/mcast.c:2247
 addrconf_dad_completed+0x733/0xe20 net/ipv6/addrconf.c:4248
 addrconf_dad_work+0xd8f/0x1680
 process_one_work+0x6db/0xc00 kernel/workqueue.c:2313
 worker_thread+0xb3e/0x1340 kernel/workqueue.c:2460
 kthread+0x41c/0x500 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30
 </TASK>
Modules linked in:
---[ end trace 9e692b146247547c ]---
RIP: 0010:skb_panic+0x14c/0x150 net/core/skbuff.c:113
Code: c7 a0 70 be 85 48 8b 75 c0 48 8b 55 b8 8b 4d d4 44 8b 45 d0 4c 8b 4d c8 31 c0 53 41 56 41 55 41 54 e8 03 fe dc 00 48 83 c4 20 <0f> 0b 66 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 78 4c
RSP: 0018:ffffc900001b7798 EFLAGS: 00010282
RAX: 0000000000000085 RBX: ffff8881069c6000 RCX: 931a63c8fd32ee00
RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
RBP: ffffc900001b77e0 R08: ffffffff815838e9 R09: ffffed103ee265e8
R10: ffffed103ee265e8 R11: 1ffff1103ee265e7 R12: ffff88810d8a3050
R13: 0000000000000088 R14: 0000000000000080 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffbb012b058 CR3: 00000001067df000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000002000 DR6: 00000000ffff0ff0 DR7: 0000000000000400

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/11/16 21:10 android13-5.15-lts 4ec71a9ec769 3a127a31 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in mld_newpack
* Struck through repros no longer work on HEAD.