syzbot


KASAN: use-after-free Read in tcf_action_destroy
Status: fixed on 2020/11/16 12:12
Reported-by: syzbot+2287853d392e4b42374a@syzkaller.appspotmail.com
Fix commit: 0fedc63fadf0 net_sched: commit action insertions together
First crash: 438d, last: 419d

Cause bisection: introduced by (bisect log) :
commit 4e8ddd7f1758ca4ddd0c1f7cf3e66fce736241d2
Author: Vlad Buslov <vladbu@mellanox.com>
Date: Thu Jul 5 14:24:30 2018 +0000

  net: sched: don't release reference on action overwrite

Crash: KASAN: use-after-free Read in tcf_action_destroy (log)
Repro: C syz .config
similar bugs (1):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 KASAN: use-after-free Read in tcf_action_destroy C error 2 70d 430d 0/1 upstream: reported C repro on 2020/09/25 05:47
Patch testing requests:
Created Duration User Patch Repo Result
2020/09/22 16:07 17m xiyou.wangcong@gmail.com https://github.com/congwang/linux.git net OK
2020/09/22 05:54 22m xiyou.wangcong@gmail.com https://github.com/congwang/linux.git net report log
2020/09/21 21:33 10m xiyou.wangcong@gmail.com https://github.com/congwang/linux.git net report log
2020/09/21 19:08 10m xiyou.wangcong@gmail.com https://github.com/congwang/linux.git net report log

Sample crash report:

Crashes (8):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-selinux-root 2020/10/05 12:49 upstream 549738f15da0 5ef9c291 .config log report syz C
ci-upstream-kasan-gce-root 2020/10/04 05:04 upstream 22fbc037cd32 1a3f9408 .config log report syz C
ci-upstream-net-this-kasan-gce 2020/09/16 15:50 net 2e5117ba9f58 18d7d030 .config log report syz C
ci-upstream-net-kasan-gce 2020/09/16 15:23 net-next 0f9ad4e75944 18d7d030 .config log report syz C
ci-upstream-net-this-kasan-gce 2020/09/16 15:33 net 2e5117ba9f58 18d7d030 .config log report info
ci-upstream-net-kasan-gce 2020/09/20 07:06 net-next a5a3303e26cd 53ce8104 .config log report info
ci-upstream-net-kasan-gce 2020/09/19 04:49 net-next 1d39cd8cf75f 53ce8104 .config log report info
ci-upstream-net-kasan-gce 2020/09/16 15:07 net-next 0f9ad4e75944 18d7d030 .config log report info