syzbot


WARNING in tcp_close

Status: fixed on 2018/11/12 21:25
Subsystems: net
Fix commit: 8873c064d1de tcp: do not release socket ownership in tcp_close()
First crash: 2084d, last: 1984d
Similar bugs (3)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| android-49 | WARNING in tcp_close | syz | | | 21 | 1621d | 1750d | 0/3 | public: reported syz repro on 2019/06/14 00:50 |
| android-414 | WARNING in tcp_close | syz | | | 10 | 1954d | 1813d | 0/1 | public: reported syz repro on 2019/04/12 00:01 |
| android-44 | WARNING in tcp_close | syz | | | 17 | 1582d | 1750d | 0/2 | public: reported syz repro on 2019/06/14 04:14 |

Sample crash report:
WARNING: CPU: 0 PID: 14881 at net/ipv4/tcp.c:2415 tcp_close+0xf59/0x1300 net/ipv4/tcp.c:2415
Kernel panic - not syncing: panic_on_warn set ...

CPU: 0 PID: 14881 Comm: syz-executor5 Not tainted 4.19.0-rc8+ #75
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c4/0x2b6 lib/dump_stack.c:113
 panic+0x238/0x4e7 kernel/panic.c:184
 __warn.cold.8+0x20/0x4a kernel/panic.c:536
 report_bug+0x254/0x2d0 lib/bug.c:186
 fixup_bug arch/x86/kernel/traps.c:178 [inline]
 do_error_trap+0x1fc/0x4d0 arch/x86/kernel/traps.c:296
 do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:316
 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:993
RIP: 0010:tcp_close+0xf59/0x1300 net/ipv4/tcp.c:2415
Code: ff ff e8 6a 60 01 fb be 07 00 00 00 48 89 df e8 3d e5 fe ff 4c 8d 63 28 48 89 df e8 d1 db fd ff e9 cc f6 ff ff e8 47 60 01 fb <0f> 0b e9 55 f8 ff ff e8 3b 60 01 fb be 07 00 00 00 48 89 df e8 0e
RSP: 0018:ffff8801c21cf660 EFLAGS: 00010293
RAX: ffff8801c5a74200 RBX: ffff8801cba8c3c0 RCX: ffffffff867d43d7
RDX: 0000000000000000 RSI: ffffffff867d4b89 RDI: 0000000000000005
RBP: ffff8801c21cf720 R08: ffff8801c5a74200 R09: ffffed0039751889
R10: ffffed0039751889 R11: ffff8801cba8c44b R12: ffff8801cba8c3e8
R13: ffff8801cba8c448 R14: ffff8801cba8c440 R15: 0000000000000007
 inet_release+0x104/0x1f0 net/ipv4/af_inet.c:428
 inet6_release+0x50/0x70 net/ipv6/af_inet6.c:457
 __sock_release+0xd7/0x250 net/socket.c:579
 sock_close+0x19/0x20 net/socket.c:1141
 __fput+0x385/0xa30 fs/file_table.c:278
 ____fput+0x15/0x20 fs/file_table.c:309
 task_work_run+0x1e8/0x2a0 kernel/task_work.c:113
 get_signal+0x155e/0x1980 kernel/signal.c:2343
 do_signal+0x9c/0x21e0 arch/x86/kernel/signal.c:816
 exit_to_usermode_loop+0x2e5/0x380 arch/x86/entry/common.c:162
 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:268 [inline]
 do_syscall_64+0x6be/0x820 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457569
Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f39a111dc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
RAX: 0000000000364650 RBX: 0000000000000006 RCX: 0000000000457569
RDX: 08d2d601e8976aa5 RSI: 0000000020000100 RDI: 0000000000000005
RBP: 000000000072bf00 R08: 000000002031e000 R09: 000000000000001c
R10: 0000000020000004 R11: 0000000000000246 R12: 00007f39a111e6d4
R13: 00000000004c3921 R14: 00000000004d57d8 R15: 00000000ffffffff
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (284):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2018/10/22 13:15 upstream 467e050e9760 ecb386fe .config console log report syz ci-upstream-kasan-gce-selinux-root
2018/08/09 17:40 upstream fedb8da96355 1fb62d58 .config console log report syz ci-upstream-kasan-gce
2018/08/09 17:40 upstream fedb8da96355 1fb62d58 .config console log report syz ci-upstream-kasan-gce-root
2018/08/05 12:49 upstream 60f5a2173632 1beb8136 .config console log report syz ci-upstream-kasan-gce-root
2018/08/05 10:44 upstream 60f5a2173632 3476a2df .config console log report syz ci-upstream-kasan-gce
2018/08/09 17:41 upstream fedb8da96355 1fb62d58 .config console log report syz ci-upstream-kasan-gce-386
2018/08/05 11:13 upstream 60f5a2173632 3476a2df .config console log report syz ci-upstream-kasan-gce-386
2018/08/09 17:27 net-old 1be52e97ed3e 1fb62d58 .config console log report syz ci-upstream-net-this-kasan-gce
2018/08/09 17:28 net-next-old 82b94f5d6891 1fb62d58 .config console log report syz ci-upstream-net-kasan-gce
2018/08/05 11:09 net-next-old d89d41556141 3476a2df .config console log report syz ci-upstream-net-kasan-gce
2018/08/14 02:41 linux-next 5ed5da74de9e 7a88b141 .config console log report syz ci-upstream-linux-next-kasan-gce-root
2018/08/05 12:59 linux-next 116b181bb646 1beb8136 .config console log report syz ci-upstream-linux-next-kasan-gce-root
2018/10/20 06:19 upstream c7b70a641df2 ecb386fe .config console log report ci-upstream-kasan-gce
2018/10/12 03:23 upstream 9dcd936c5312 ba6ddb43 .config console log report ci-upstream-kasan-gce
2018/10/03 12:39 upstream 6bebe37927f3 0f3e0261 .config console log report ci-upstream-kasan-gce-selinux-root
2018/10/03 06:39 upstream 1d2ba7fee28b 0f3e0261 .config console log report ci-upstream-kasan-gce-selinux-root
2018/10/01 22:13 upstream 17b57b1883c1 e06f7713 .config console log report ci-upstream-kasan-gce
2018/10/01 18:30 upstream 17b57b1883c1 48a50c6b .config console log report ci-upstream-kasan-gce
2018/09/29 18:25 upstream 82ec752cce8b 41e4b329 .config console log report ci-upstream-kasan-gce
2018/09/29 16:39 upstream 82ec752cce8b 41e4b329 .config console log report ci-upstream-kasan-gce
2018/09/28 06:59 upstream c127e59bee3e 0c2fa87b .config console log report ci-upstream-kasan-gce
2018/09/26 09:52 upstream a38523185b40 455b6354 .config console log report ci-upstream-kasan-gce
2018/09/23 19:19 upstream 6bf4ca7fbc85 28d9ac76 .config console log report ci-upstream-kasan-gce-selinux-root
2018/09/23 00:44 upstream 10dc890d4228 37079712 .config console log report ci-upstream-kasan-gce
2018/09/22 20:30 upstream 10dc890d4228 37079712 .config console log report ci-upstream-kasan-gce-smack-root
2018/09/09 13:18 upstream f8f65382c98a 6b5120a4 .config console log report ci-upstream-kasan-gce-selinux-root
2018/09/03 21:53 upstream 60c1f89241d4 a4718693 .config console log report ci-upstream-kasan-gce-root
2018/10/18 05:26 upstream c343db455eb3 b2695b95 .config console log report ci-upstream-kasan-gce-386
2018/09/26 15:21 upstream a38523185b40 455b6354 .config console log report ci-upstream-kasan-gce-386
2018/09/11 13:21 upstream 11da3a7f84f1 8c88323f .config console log report ci-upstream-kasan-gce-386
2018/09/06 18:48 upstream b36fdc6853a3 0bb7a7eb .config console log report ci-upstream-kasan-gce-386
2018/10/15 07:19 net-old 028c99fa912b caf12900 .config console log report ci-upstream-net-this-kasan-gce
2018/10/12 12:29 net-old 6b9bab550cac ba6ddb43 .config console log report ci-upstream-net-this-kasan-gce
2018/10/07 01:58 net-old c1d84a1b42ef 8b311eaf .config console log report ci-upstream-net-this-kasan-gce
2018/09/20 13:29 net-old cf5cca6e4cc4 565a5452 .config console log report ci-upstream-net-this-kasan-gce
2018/09/20 05:07 net-old cf5cca6e4cc4 7f125108 .config console log report ci-upstream-net-this-kasan-gce
2018/09/20 03:14 net-old 69ba423d35c2 7f125108 .config console log report ci-upstream-net-this-kasan-gce
2018/09/18 06:04 net-old c73480910e96 7f125108 .config console log report ci-upstream-net-this-kasan-gce
2018/09/17 06:07 net-old 4bf9ffa0fb57 a343a400 .config console log report ci-upstream-net-this-kasan-gce
2018/09/16 18:03 net-old 34043d250f51 a343a400 .config console log report ci-upstream-net-this-kasan-gce
2018/09/16 07:40 net-old 34043d250f51 a343a400 .config console log report ci-upstream-net-this-kasan-gce
2018/09/15 01:48 net-old 34043d250f51 a343a400 .config console log report ci-upstream-net-this-kasan-gce
2018/07/14 17:57 net-old 6bed5e260709 92a49505 .config console log report ci-upstream-net-this-kasan-gce
2018/09/25 18:21 net-next-old edad8d260e25 b7e11289 .config console log report ci-upstream-net-kasan-gce
2018/09/24 12:13 net-next-old 12ba7e104552 2f485cdf .config console log report ci-upstream-net-kasan-gce
2018/09/23 09:11 net-next-old 739d0def85ca 37079712 .config console log report ci-upstream-net-kasan-gce
2018/09/19 14:13 net-next-old b9d957c5b109 7f125108 .config console log report ci-upstream-net-kasan-gce
2018/09/17 08:37 net-next-old a82738adff16 7f125108 .config console log report ci-upstream-net-kasan-gce
2018/09/10 22:04 net-next-old 11957be20ff6 f167cb6b .config console log report ci-upstream-net-kasan-gce
2018/09/08 15:58 net-next-old 7a8c7f5c30f9 6b5120a4 .config console log report ci-upstream-net-kasan-gce
2018/09/07 06:49 net-next-old 2002bc328ca3 e30d3b52 .config console log report ci-upstream-net-kasan-gce
2018/09/05 09:55 net-next-old 2fc4aa59ab47 49312e6d .config console log report ci-upstream-net-kasan-gce
2018/09/29 13:22 linux-next 4794a36bf08d 41e4b329 .config console log report ci-upstream-linux-next-kasan-gce-root
2018/09/22 12:30 linux-next 46c163a036b4 37079712 .config console log report ci-upstream-linux-next-kasan-gce-root
2018/09/07 02:40 linux-next f2b6e66e9885 e30d3b52 .config console log report ci-upstream-linux-next-kasan-gce-root
* Struck through repros no longer work on HEAD.