syzbot

 sign-in | mailing list | source | docs
🐞 Open [978] 🐞 Fixed [3281] 🐞 Invalid [6226]

KASAN: use-after-free Read in ip6_pol_route (2)
Status: upstream: reported C repro on 2021/02/19 09:34
Reported-by: syzbot+eeda6c04066577b6a84c@syzkaller.appspotmail.com
First crash: 164d, last: 62d

Cause bisection: introduced by (bisect log) :
commit 40947e13997a1cba4e875893ca6e5d5e61a0689d
Author: Florian Westphal <fw@strlen.de>
Date: Fri Feb 12 23:59:56 2021 +0000

  mptcp: schedule worker when subflow is closed

Crash: KASAN: use-after-free Read in ip6_pol_route (log)
Repro: C syz .config

Fix bisection: fixed by (bisect log) [no-op commit]:
commit 5edf8bd6f4a225f7ad0501f921f9717df152e7fb
Author: Niklas Söderlund <niklas.soderlund+renesas@ragnatech.se>
Date: Wed Dec 9 20:07:37 2020 +0000

  arm64: dts: renesas: rcar-gen3: Add missing CMT nodes

similar bugs (1):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KASAN: use-after-free Read in ip6_pol_route 249 1437d 1445d 3/22 fixed on 2017/10/24 06:54
Patch testing requests:
Created Duration User Patch Repo Result
2021/03/25 21:49 19m alaaemadhossney.ae@gmail.com git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git master OK

Sample crash report:

Crashes (4):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-net-kasan-gce 2021/02/15 01:46 net-next c4762993129f 98682e5e .config log report syz C KASAN: use-after-free Read in ip6_pol_route
ci-upstream-net-this-kasan-gce 2021/03/02 05:47 net 73f476aa1975 183afb6c .config log report info KASAN: use-after-free Read in ip6_pol_route
ci-upstream-net-kasan-gce 2021/02/15 01:23 net-next c4762993129f 98682e5e .config log report info KASAN: use-after-free Read in ip6_pol_route
ci-upstream-bpf-next-kasan-gce 2021/05/28 01:25 bpf-next d6a6a55518c1 858ea628 .config log report info general protection fault in ip6_pol_route