syzbot


general protection fault in hash_ipportnet4_uadt
Status: fixed on 2020/02/18 14:31
Reported-by: syzbot+34bd2369d38707f3f4a7@syzkaller.appspotmail.com
Fix commit: 22dad713b8a5 netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
First crash: 649d, last: 647d

Cause bisection: introduced by (bisect log):
commit 23c42a403a9cfdbad6004a556c927be7dd61a8ee
Author: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Date: Sat Oct 27 13:07:40 2018 +0000

  netfilter: ipset: Introduction of new commands and protocol version 7

Crash: general protection fault in hash_ipportnet4_uadt (log)
Repro: C syz .config
duplicates (11):
| Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|
| general protection fault in hash_ip6_uadt | C | | | 6 | 648d | 648d | 0/22 | closed as dup on 2020/01/08 09:52 |
| general protection fault in hash_netnet4_uadt | C | | | 7 | 647d | 648d | 0/22 | closed as dup on 2020/01/08 09:53 |
| general protection fault in hash_netport4_uadt | C | | | 12 | 647d | 648d | 0/22 | closed as dup on 2020/01/08 09:54 |
| general protection fault in hash_ipportip4_uadt | | | | 2 | 648d | 648d | 0/22 | closed as dup on 2020/01/08 15:53 |
| general protection fault in hash_netport6_uadt | syz | | | 6 | 648d | 648d | 0/22 | closed as dup on 2020/01/08 09:53 |
| general protection fault in hash_ipport4_uadt | syz | | | 6 | 647d | 648d | 0/22 | closed as dup on 2020/01/08 09:52 |
| general protection fault in hash_mac4_uadt | C | done | | 6 | 648d | 649d | 0/22 | closed as dup on 2020/01/08 09:54 |
| general protection fault in hash_ip4_uadt | C | done | | 12 | 647d | 648d | 0/22 | closed as dup on 2020/01/08 09:53 |
| general protection fault in hash_ipportip6_uadt | C | | | 6 | 647d | 648d | 0/22 | closed as dup on 2020/01/08 16:06 |
| general protection fault in hash_net4_uadt | C | done | | 5 | 648d | 648d | 0/22 | closed as dup on 2020/01/08 09:53 |
| general protection fault in hash_ipportnet6_uadt | C | | | 6 | 648d | 648d | 0/22 | closed as dup on 2020/01/08 09:53 |

Sample crash report:

Crashes (13):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kasan-gce-selinux-root | 2020/01/09 09:35 | upstream | b07f636fca1c | ddc3e859 | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce-selinux-root | 2020/01/09 02:05 | upstream | b07f636fca1c | ddc3e859 | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce-root | 2020/01/08 15:23 | upstream | ae6088216ce4 | ddc3e859 | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce | 2020/01/08 08:14 | upstream | ae6088216ce4 | 6738e0b3 | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce-root | 2020/01/08 05:19 | upstream | ae6088216ce4 | 6738e0b3 | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce-386 | 2020/01/08 09:24 | upstream | ae6088216ce4 | 6738e0b3 | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce-386 | 2020/01/08 03:35 | upstream | ae6088216ce4 | 6738e0b3 | .config | log | report | syz | C | | |
| ci-upstream-net-this-kasan-gce | 2020/01/07 23:16 | net | c101fffcd7fa | 1bcd407e | .config | log | report | syz | C | | |
| ci-upstream-net-this-kasan-gce | 2020/01/07 17:27 | net | c101fffcd7fa | 1bcd407e | .config | log | report | syz | C | | |
| ci-upstream-net-kasan-gce | 2020/01/08 02:34 | net-next | 1ece2fbe9b42 | 6738e0b3 | .config | log | report | syz | C | | |
| ci-upstream-net-kasan-gce | 2020/01/07 19:52 | net-next | 1b935183aeff | 1bcd407e | .config | log | report | syz | C | | |
| ci-upstream-net-kasan-gce | 2020/01/10 00:44 | net-next | 4a4a52d49d11 | 4de4e9f0 | .config | log | report | | | | |
| ci-upstream-net-kasan-gce | 2020/01/07 13:47 | net-next | 1b935183aeff | 1bcd407e | .config | log | report | | | | |