syzbot


KASAN: use-after-free Read in dump_schedule
Status: fixed on 2021/03/10 01:48
Reported-by: syzbot+621fd33c0b53d15ee8de@syzkaller.appspotmail.com
Fix commit: cc00bcaa5899 netfilter: x_tables: Switch synchronization to RCU
First crash: 379d, last: 268d

Cause bisection: introduced by (bisect log):
commit 7b9eba7ba0c1b24df42b70b62d154b284befbccf
Author: Leandro Dorileo <leandro.maciel.dorileo@intel.com>
Date: Mon Apr 8 17:12:17 2019 +0000

  net/sched: taprio: fix picos_per_byte miscalculation

Crash: WARNING in taprio_dequeue (log)
Repro: C syz .config

Fix bisection: fixed by (bisect log):
commit cc00bcaa589914096edef7fb87ca5cee4a166b5c
Author: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
Date: Wed Nov 25 18:27:22 2020 +0000

  netfilter: x_tables: Switch synchronization to RCU

similar bugs (1):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KASAN: use-after-free Read in dump_schedule (2) syz done 5 10d 116d 0/22 upstream: reported syz repro on 2021/05/24 09:12

Patch testing requests:

| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2020/10/30 21:06 | 18m | anmol.karan123@gmail.com | patch | upstream | report log |
| 2020/09/06 03:40 | 17m | anant.thazhemadam@gmail.com | | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master | report log |

Sample crash report:

Crashes (7):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kasan-gce-root | 2020/09/05 01:35 | upstream | 59126901f200 | abf9ba4f | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce-smack-root | 2020/09/03 12:12 | upstream | fc3abb53250a | abf9ba4f | .config | log | report | syz | C | | |
| ci-upstream-linux-next-kasan-gce-root | 2020/09/08 03:25 | linux-next | 7a6956579ce6 | abf9ba4f | .config | log | report | syz | C | | |
| ci-upstream-net-kasan-gce | 2020/11/29 17:27 | net-next | e71d2b957ee4 | a0092f9d | .config | log | report | | | info | |
| ci-upstream-net-kasan-gce | 2020/11/18 19:18 | net-next | 6997faa997ba | 09323409 | .config | log | report | | | info | |
| ci-upstream-net-kasan-gce | 2020/11/15 17:14 | net-next | 0064c5c1b3bf | 1bf9a662 | .config | log | report | | | info | |
| ci-upstream-linux-next-kasan-gce-root | 2020/12/23 10:49 | linux-next | d7a03a44a5e9 | 04201c06 | .config | log | report | | | info | |