syzbot

 sign-in | mailing list | source | docs
🐞 Open [1537]
Subsystems
🐞 Fixed [6444]
🐞 Invalid [16330]
Missing Backports [198]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

kernel panic: stack is corrupted in udp4_lib_lookup2

Status: fixed on 2019/03/06 07:43
Subsystems: net
[Documentation on labels]
Reported-by: syzbot+4ad25edc7a33e4ab91e0@syzkaller.appspotmail.com
Fix commit: 44039e00171b fou6: Prevent unbounded recursion in GUE error handler
First crash: 2396d, last: 2395d
Duplicate bugs (23)
duplicates (23):
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
KASAN: stack-out-of-bounds Read in check_stack_object hardening mm 17 syz 2 2379d 2388d 0/29 closed as dup on 2019/01/06 15:44
KASAN: stack-out-of-bounds Read in process_one_work kernel 17 1 2383d 2380d 0/29 closed as dup on 2019/01/14 17:06
general protection fault in account_system_index_time (2) kernel 2 C 12 2379d 2433d 0/29 closed as dup on 2019/01/04 11:13
KASAN: stack-out-of-bounds Read in corrupted (3) acpica 17 C 5 2380d 2392d 0/29 closed as dup on 2019/01/04 11:23
kernel panic: stack is corrupted in lock_acquire kernel 2 2 2389d 2391d 0/29 closed as dup on 2019/01/04 11:23
BUG: unable to handle kernel paging request in free_block (4) kernel 8 2 2351d 2380d 0/29 closed as dup on 2019/01/14 17:27
kernel panic: stack is corrupted in rb_erase kernel 2 1 2384d 2384d 0/29 closed as dup on 2019/01/11 08:03
WARNING in mem_cgroup_update_lru_size cgroups mm -1 C 2 2390d 2393d 0/29 closed as dup on 2019/01/05 08:11
general protection fault in cpuacct_charge (2) kernel 2 1 2380d 2379d 0/29 closed as dup on 2019/01/15 16:59
KASAN: stack-out-of-bounds Read in timerqueue_add (2) kernel 17 C 4 2385d 2390d 0/29 closed as dup on 2019/01/04 16:39
KASAN: stack-out-of-bounds in update_curr kernel 17 syz 1 2391d 2390d 0/29 closed as dup on 2019/01/04 16:37
kernel panic: stack is corrupted in ktime_get kernel 2 3 2388d 2393d 0/29 closed as dup on 2019/01/04 11:21
BUG: corrupted list in account_entity_enqueue kernel 8 C 9 2388d 2395d 0/29 closed as dup on 2019/01/04 11:12
kernel panic: corrupted stack end detected inside scheduler (3) mm 2 C 1958 2396d 2546d 0/29 closed as dup on 2019/01/04 11:19
kernel panic: stack is corrupted in perf_prepare_sample perf 2 1 2390d 2390d 0/29 closed as dup on 2019/01/06 13:27
kernel panic: stack is corrupted in lock_release kernel 2 4 2390d 2392d 0/29 closed as dup on 2019/01/04 11:20
KASAN: stack-out-of-bounds Read in swake_up_one kernel 17 syz 1 2383d 2380d 0/29 closed as dup on 2019/01/14 17:27
KASAN: use-after-scope Read in corrupted hardening mm -1 C 2 2383d 2380d 0/29 closed as dup on 2019/01/15 07:26
kernel panic: stack is corrupted in __lock_acquire kernel 2 9 2380d 2393d 0/29 closed as dup on 2019/01/04 11:22
general protection fault in timerqueue_add (2) kernel 2 2 2389d 2390d 0/29 closed as dup on 2019/01/04 16:41
kernel panic: stack is corrupted in rcu_dynticks_curr_cpu_in_eqs rcu 2 syz 156 2379d 2393d 0/29 closed as dup on 2019/01/04 11:13
KASAN: stack-out-of-bounds Read in select_idle_sibling kernel 17 2 2397d 2394d 0/29 closed as dup on 2019/01/04 11:22
kernel panic: stack is corrupted in trace_hardirqs_off trace 2 1 2394d 2393d 0/29 closed as dup on 2019/01/04 11:21
Discussions (2)
Title Replies (including bot) Last reply
kernel panic: stack is corrupted in udp4_lib_lookup2 17 (18) 2019/01/07 09:04
[PATCH net 0/2] Fix two further potential unbounded recursions in GUE error handlers 4 (4) 2019/01/04 21:06

Sample crash report:
Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: udp4_lib_lookup2+0x7ea/0x7f0 net/ipv4/udp.c:455
CPU: 0 PID: 25894 Comm: syz-executor3 Not tainted 4.20.0+ #396
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
kobject: 'loop5' (0000000083e9ff32): kobject_uevent_env
Call Trace:
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (11):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2018/12/31 00:38 upstream 195303136f19 2b42fdc8 .config console log report ci-upstream-kasan-gce-root
2018/12/30 23:54 upstream 195303136f19 2b42fdc8 .config console log report ci-upstream-kasan-gce-smack-root
2018/12/30 13:57 upstream 195303136f19 9942de5f .config console log report ci-upstream-kasan-gce
2018/12/30 12:05 upstream 195303136f19 9942de5f .config console log report ci-upstream-kasan-gce-selinux-root
2018/12/31 03:07 net-old c433570458e4 2b42fdc8 .config console log report ci-upstream-net-this-kasan-gce
2018/12/30 14:13 net-next-old b71acb0e3721 9942de5f .config console log report ci-upstream-net-kasan-gce
2018/12/30 12:00 net-next-old b71acb0e3721 9942de5f .config console log report ci-upstream-net-kasan-gce
2018/12/30 11:45 net-next-old b71acb0e3721 9942de5f .config console log report ci-upstream-net-kasan-gce
2018/12/31 00:01 linux-next 6a1d293238c1 2b42fdc8 .config console log report ci-upstream-linux-next-kasan-gce-root
2018/12/30 12:09 linux-next 6a1d293238c1 9942de5f .config console log report ci-upstream-linux-next-kasan-gce-root
2018/12/30 12:08 linux-next 6a1d293238c1 9942de5f .config console log report ci-upstream-linux-next-kasan-gce-root
* Struck through repros no longer work on HEAD.