syzbot


BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:LINE/tfrc_rx_hist_sample_rtt()

Status: upstream: reported C repro on 2017/11/05 09:05
Reported-by: syzbot+3ca02e1a9272a28e8959b32039154c5605164653@syzkaller.appspotmail.com
First crash: 1934d, last: 701d

Cause bisection: the issue happens on the oldest tested release (bisect log)
Crash: no output from test machine (log)
Repro: C syz .config

Fix bisection: failed (bisect log)
duplicates (5):
Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
BUG: please report to dccp@vger.kernel.org => prev = 2, last = 2 at net/dccp/ccids/lib/packet_history.c:LINE/tfrc_rx_his 1 1508d 1508d 0/24 closed as dup on 2019/02/27 00:42
BUG: please report to dccp@vger.kernel.org => prev = 10, last = 10 at net/dccp/ccids/lib/packet_history.c:LINE/tfrc_rx_h 1 1454d 1450d 0/24 closed as dup on 2019/02/27 00:42
BUG: please report to dccp@vger.kernel.org => prev = NUM, last = NUM at net/dccp/ccids/lib/packet_history.c:LINE/tfrc_rx C unreliable 38 3d05h 470d 0/24 closed as dup on 2021/08/30 08:50
BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:LINE/tfrc_rx_his C 7456 490d 1679d 0/24 closed as dup on 2018/05/09 05:39
BUG: please report to dccp@vger.kernel.org => prev = 5, last = 5 at net/dccp/ccids/lib/packet_history.c:LINE/tfrc_rx_his 2 527d 1519d 0/24 closed as dup on 2019/02/27 00:44
Patch testing requests:
Created Duration User Patch Repo Result
2022/12/09 23:31 0m retest repro mmots error
2022/12/09 23:31 2m retest repro linux-next error
2022/12/09 22:31 2m retest repro linux-next error
2022/12/09 22:31 0m retest repro mmots error
2022/12/09 21:31 0m retest repro mmots error
2022/12/09 21:31 2m retest repro linux-next error
2022/12/09 20:31 0m retest repro mmots error
2022/12/09 20:31 3m retest repro linux-next error
2022/12/09 19:31 2m retest repro linux-next error
2022/12/09 19:31 0m retest repro mmots error
2022/12/09 18:31 0m retest repro mmots error
2022/12/09 18:31 3m retest repro linux-next error
2022/12/09 17:31 2m retest repro linux-next error
2022/12/09 17:31 0m retest repro mmots error
2022/12/09 16:31 2m retest repro linux-next error
2022/12/09 16:31 0m retest repro mmots error
2022/12/09 15:31 2m retest repro linux-next error
2022/12/09 15:31 0m retest repro mmots error
2022/12/09 14:31 0m retest repro mmots error
2022/12/09 14:31 2m retest repro linux-next error
2022/12/09 13:31 0m retest repro mmots error
2022/12/09 13:31 3m retest repro linux-next error
2022/12/09 12:31 2m retest repro linux-next error
2022/12/09 12:31 0m retest repro mmots error
2022/12/09 11:31 0m retest repro mmots error
2022/12/09 11:31 2m retest repro linux-next error
2022/12/09 10:31 0m retest repro mmots error
2022/12/09 10:31 2m retest repro linux-next error
2022/12/09 09:31 0m retest repro mmots error
2022/12/09 09:31 2m retest repro linux-next error
2022/12/09 08:31 0m retest repro mmots error
2022/12/09 08:31 3m retest repro linux-next error
2022/12/09 07:31 3m retest repro linux-next error
2022/12/09 07:31 0m retest repro mmots error
2022/12/09 06:31 2m retest repro linux-next error
2022/12/09 06:31 0m retest repro mmots error
2022/12/09 05:31 0m retest repro mmots error
2022/12/09 05:31 2m retest repro linux-next error
2022/12/09 04:31 0m retest repro mmots error
2022/12/09 04:31 2m retest repro linux-next error
2022/12/09 03:31 3m retest repro linux-next error
2022/12/09 03:31 0m retest repro mmots error
2022/12/09 02:31 0m retest repro mmots error
2022/12/09 02:31 3m retest repro linux-next error
2022/12/09 01:31 2m retest repro linux-next error
2022/12/09 01:31 0m retest repro mmots error
2022/12/09 00:31 0m retest repro mmots error
2022/12/09 00:31 3m retest repro linux-next error
2022/12/08 23:31 0m retest repro mmots error
2022/12/08 23:31 2m retest repro linux-next error
2022/12/08 22:31 0m retest repro mmots error
2022/12/08 22:31 2m retest repro linux-next error
2022/12/08 21:31 0m retest repro mmots error
2022/12/08 21:31 3m retest repro linux-next error
2022/12/08 20:31 2m retest repro linux-next error
2022/12/08 20:31 0m retest repro mmots error
2022/12/08 19:31 0m retest repro mmots error
2022/12/08 19:31 2m retest repro linux-next error
2022/12/08 18:31 0m retest repro mmots error
2022/12/08 18:31 3m retest repro linux-next error
2022/12/08 17:31 2m retest repro linux-next error
2022/12/08 17:31 0m retest repro mmots error
2022/09/13 23:27 10m retest repro upstream error
2022/09/13 19:27 9m retest repro upstream error
2022/09/10 18:27 10m retest repro net-next error
2022/08/30 20:27 5m retest repro linux-next error
2022/08/30 20:27 0m retest repro mmots error
2022/08/30 19:27 0m retest repro mmots error
2022/08/30 19:27 5m retest repro linux-next error
2022/08/30 18:27 5m retest repro linux-next error
2022/08/30 18:27 0m retest repro mmots error
2022/08/30 17:27 0m retest repro mmots error
2022/08/30 17:27 5m retest repro linux-next error
2022/08/30 16:27 0m retest repro mmots error
2022/08/30 16:27 6m retest repro linux-next error
2022/12/10 00:31 retest repro linux-next pending
2022/12/10 00:31 retest repro mmots pending
2022/12/10 01:31 retest repro mmots pending
2022/12/10 01:31 retest repro linux-next pending

Sample crash report:
BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:425/tfrc_rx_hist_sample_rtt()
CPU: 1 PID: 3930 Comm: syzkaller073310 Not tainted 4.15.0-rc8+ #267
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 tfrc_rx_hist_sample_rtt+0x407/0x4d0 net/dccp/ccids/lib/packet_history.c:422
 ccid3_hc_rx_packet_recv+0x696/0xeb3 net/dccp/ccids/ccid3.c:765
 ccid_hc_rx_packet_recv net/dccp/ccid.h:185 [inline]
 dccp_deliver_input_to_ccids+0xd9/0x250 net/dccp/input.c:180
 dccp_rcv_established+0x88/0xb0 net/dccp/input.c:378
 dccp_v4_do_rcv+0x135/0x160 net/dccp/ipv4.c:653
 sk_backlog_rcv include/net/sock.h:907 [inline]
 __sk_receive_skb+0x33e/0xc20 net/core/sock.c:511
 dccp_v4_rcv+0xf65/0x1c90 net/dccp/ipv4.c:874
 ip_local_deliver_finish+0x2f1/0xc50 net/ipv4/ip_input.c:216
 NF_HOOK include/linux/netfilter.h:250 [inline]
 ip_local_deliver+0x1ce/0x6e0 net/ipv4/ip_input.c:257
 dst_input include/net/dst.h:466 [inline]
 ip_rcv_finish+0x959/0x1e30 net/ipv4/ip_input.c:397
 NF_HOOK include/linux/netfilter.h:250 [inline]
 ip_rcv+0xc5a/0x1840 net/ipv4/ip_input.c:493
 __netif_receive_skb_core+0x1a41/0x3460 net/core/dev.c:4473
 __netif_receive_skb+0x2c/0x1b0 net/core/dev.c:4538
 process_backlog+0x203/0x740 net/core/dev.c:5217
 napi_poll net/core/dev.c:5615 [inline]
 net_rx_action+0x792/0x1910 net/core/dev.c:5681
 __do_softirq+0x2d7/0xb85 kernel/softirq.c:285
 do_softirq_own_stack+0x2a/0x40 arch/x86/entry/entry_64.S:1150
 </IRQ>
 do_softirq.part.19+0x14d/0x190 kernel/softirq.c:329
 do_softirq kernel/softirq.c:177 [inline]
 __local_bh_enable_ip+0x1ee/0x230 kernel/softirq.c:182
 local_bh_enable include/linux/bottom_half.h:32 [inline]
 rcu_read_unlock_bh include/linux/rcupdate.h:727 [inline]
 ip_finish_output2+0x96e/0x1560 net/ipv4/ip_output.c:231
 ip_finish_output+0x864/0xd10 net/ipv4/ip_output.c:317
 NF_HOOK_COND include/linux/netfilter.h:239 [inline]
 ip_output+0x1d2/0x860 net/ipv4/ip_output.c:405
 dst_output include/net/dst.h:460 [inline]
 ip_local_out+0x95/0x160 net/ipv4/ip_output.c:124
 ip_queue_xmit+0x8c6/0x18e0 net/ipv4/ip_output.c:504
 dccp_transmit_skb+0x9ac/0x10f0 net/dccp/output.c:142
 dccp_xmit_packet+0x215/0x740 net/dccp/output.c:281
 dccp_write_xmit+0x17d/0x1d0 net/dccp/output.c:363
 dccp_sendmsg+0x6d0/0xa80 net/dccp/proto.c:808
 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:763
 sock_sendmsg_nosec net/socket.c:638 [inline]
 sock_sendmsg+0xca/0x110 net/socket.c:648
 ___sys_sendmsg+0x767/0x8b0 net/socket.c:2028
 __sys_sendmsg+0xe5/0x210 net/socket.c:2062
 SYSC_sendmsg net/socket.c:2073 [inline]
 SyS_sendmsg+0x2d/0x50 net/socket.c:2069
 entry_SYSCALL_64_fastpath+0x29/0xa0
RIP: 0033:0x446469
RSP: 002b:00007f97bc44dda8 EFLAGS: 00000293 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00000000006dbc3c RCX: 0000000000446469
RDX: 0000000000000080 RSI: 00000000206c8000 RDI: 0000000000000005
RBP: 00000000006dbc38 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000293 R12: f8e4cbe49e572d45
R13: 54c1b85d98aba1df R14: a6eaa24dbeb18c29 R15: 000000000000000c
net_ratelimit: 213 callbacks suppressed
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
net_ratelimit: 236 callbacks suppressed
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread
dccp_close: ABORT with 24 bytes unread

Crashes (281):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce 2018/01/18 09:52 upstream 1d966eb4d632 56cc113a .config log report syz C
ci-upstream-net-kasan-gce 2018/01/18 09:53 net-next 4f7d58517f46 56cc113a .config log report syz C
ci-upstream-mmots-kasan-gce 2018/01/18 09:52 mmots ce3c209f6733 56cc113a .config log report syz C
ci-upstream-next-kasan-gce 2018/01/18 09:33 linux-next a362f6d2cdbd 56cc113a .config log report syz C
ci-upstream-kasan-gce 2017/12/06 21:39 upstream e56d565d67ae 5d643f8e .config log report syz
ci-upstream-mmots-kasan-gce 2017/12/09 23:01 mmots 82bcf1def3b5 5ad0ce95 .config log report syz
ci-upstream-next-kasan-gce 2017/12/07 19:36 linux-next e40fd8d6b4d9 5d643f8e .config log report syz
ci-upstream-kasan-gce-root 2018/04/04 00:22 upstream f2d285669aae 676bd07e .config log report
ci-upstream-kasan-gce-root 2018/04/03 15:22 upstream 642e7fd23353 676bd07e .config log report
ci-upstream-kasan-gce 2018/03/03 09:25 upstream 0573fed92b67 2c6f473e .config log report
ci-upstream-kasan-gce-386 2018/01/27 09:47 upstream c4e0ca7fa241 1d18b112 .config log report
ci-upstream-net-kasan-gce 2018/04/13 06:16 net-next 17dec0a94915 eb2295de .config log report
ci-upstream-net-kasan-gce 2018/04/13 02:05 net-next 17dec0a94915 eb2295de .config log report
ci-upstream-net-kasan-gce 2018/04/11 13:55 net-next 17dec0a94915 8b8de427 .config log report
ci-upstream-net-kasan-gce 2018/04/11 07:52 net-next 17dec0a94915 8b8de427 .config log report
ci-upstream-net-kasan-gce 2018/04/11 02:20 net-next 17dec0a94915 8b8de427 .config log report
ci-upstream-net-kasan-gce 2018/04/10 20:14 net-next 17dec0a94915 8b8de427 .config log report
ci-upstream-net-kasan-gce 2018/04/10 07:01 net-next 17dec0a94915 b9f65507 .config log report
ci-upstream-net-kasan-gce 2018/04/09 13:36 net-next 17dec0a94915 f13fb445 .config log report
ci-upstream-net-kasan-gce 2018/04/09 04:38 net-next 17dec0a94915 77bd5117 .config log report
ci-upstream-net-kasan-gce 2018/04/08 23:06 net-next 17dec0a94915 77bd5117 .config log report
ci-upstream-net-kasan-gce 2018/04/08 16:28 net-next 17dec0a94915 77bd5117 .config log report
ci-upstream-net-kasan-gce 2018/04/08 01:40 net-next 17dec0a94915 66f22a7f .config log report
ci-upstream-net-kasan-gce 2018/04/05 11:54 net-next 17dec0a94915 5e1ccffc .config log report
ci-upstream-net-kasan-gce 2018/04/05 07:35 net-next 17dec0a94915 676bd07e .config log report
ci-upstream-net-kasan-gce 2018/04/04 22:02 net-next 17dec0a94915 676bd07e .config log report
ci-upstream-net-kasan-gce 2018/04/04 06:04 net-next 4608f064532c 676bd07e .config log report
ci-upstream-net-kasan-gce 2018/04/04 02:34 net-next 4608f064532c 676bd07e .config log report
ci-upstream-net-kasan-gce 2018/04/03 02:29 net-next 159f02977b2f 676bd07e .config log report
ci-upstream-net-kasan-gce 2018/04/02 14:38 net-next 28e9c1d530b4 dc889257 .config log report
ci-upstream-net-kasan-gce 2018/03/23 09:40 net-next 6686c459e144 2e9d9054 .config log report
ci-upstream-net-kasan-gce 2018/03/20 10:13 net-next c314c7ba4038 7e7d7ed2 .config log report
ci-upstream-net-kasan-gce 2018/03/17 23:18 net-next d7cb44496a9b 08dacaa0 .config log report
ci-upstream-net-kasan-gce 2018/03/15 01:10 net-next a870a02cc963 08dacaa0 .config log report
ci-upstream-net-kasan-gce 2018/03/14 08:55 net-next be9fc0971a5c 08dacaa0 .config log report
ci-upstream-net-kasan-gce 2018/03/10 20:45 net-next f44b1886a5f8 36d1c454 .config log report
ci-upstream-net-kasan-gce 2018/03/07 21:16 net-next 30855ffc29b9 a5e76540 .config log report
ci-upstream-net-kasan-gce 2018/02/28 01:55 net-next 3f5a68300a40 05b5a32c .config log report
ci-upstream-net-kasan-gce 2018/02/18 11:22 net-next 1ec010e70593 833f78c7 .config log report
ci-upstream-net-kasan-gce 2018/02/16 12:30 net-next 35ed663f5f4f c8b3f7c1 .config log report
ci-upstream-net-kasan-gce 2018/02/14 08:51 net-next 77079683617b 88bc17df .config log report
ci-upstream-net-kasan-gce 2018/02/11 11:12 net-next 9a61df9e5f74 4e9b726d .config log report
ci-upstream-net-kasan-gce 2018/02/11 05:45 net-next 9a61df9e5f74 4e9b726d .config log report
ci-upstream-net-kasan-gce 2018/02/11 04:19 net-next 9a61df9e5f74 4e9b726d .config log report
ci-upstream-net-kasan-gce 2018/02/11 01:05 net-next 9a61df9e5f74 4e9b726d .config log report
ci-upstream-net-kasan-gce 2018/02/09 22:46 net-next 617aebe6a97e 2b6b214c .config log report
ci-upstream-net-kasan-gce 2018/02/09 13:10 net-next 617aebe6a97e 9fb5ec43 .config log report
* Struck through repros no longer work on HEAD.