syzbot


INFO: task hung in tcf_ife_init
Status: upstream: reported C repro on 2020/09/03 08:48
Reported-by: syzbot+80e32b5d1f9923f8ace6@syzkaller.appspotmail.com
Fix commit: act_ife: load meta modules before tcf_idr_check_alloc()
Patched on: [ci-upstream-bpf-kasan-gce ci-upstream-linux-next-kasan-gce-root ci-upstream-net-this-kasan-gce], missing on: [ci-qemu-upstream ci-qemu-upstream-386 ci-upstream-bpf-next-kasan-gce ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386 ci-upstream-net-kasan-gce ci2-upstream-kcsan-gce ci2-upstream-usb]
First crash: 18d, last: 14d

Cause bisection: introduced by (bisect log):

commit 4e8ddd7f1758ca4ddd0c1f7cf3e66fce736241d2
Author: Vlad Buslov <vladbu@mellanox.com>
Date: Thu Jul 5 14:24:30 2018 +0000

  net: sched: don't release reference on action overwrite

Crash: KASAN: use-after-free Read in __tcf_action_put (log)
Repro: C syz .config
similar bugs (1):
Kernel Title Repro Bisected Count Last Reported Patched Status
linux-4.19 INFO: task hung in tcf_ife_init C 1 18d 18d 0/1 upstream: reported C repro on 2020/09/03 06:16
Patch testing requests:
Created Duration User Patch Repo Result
2020/09/03 18:49 17m xiyou.wangcong@gmail.com https://github.com/congwang/linux.git net OK

Sample crash report:

Crashes (4):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Maintainers
ci-upstream-kasan-gce-selinux-root 2020/09/07 21:57 upstream f4d51dff abf9ba4f .config log report syz C davem@davemloft.net, jhs@mojatatu.com, jiri@resnulli.us, kuba@kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, xiyou.wangcong@gmail.com
ci-upstream-kasan-gce-root 2020/09/06 08:58 upstream 9322c47b abf9ba4f .config log report syz C davem@davemloft.net, jhs@mojatatu.com, jiri@resnulli.us, kuba@kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, xiyou.wangcong@gmail.com
ci-upstream-net-this-kasan-gce 2020/09/03 05:53 net 1996cf46 abf9ba4f .config log report syz C davem@davemloft.net, jhs@mojatatu.com, jiri@resnulli.us, kuba@kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, xiyou.wangcong@gmail.com
ci-upstream-net-kasan-gce 2020/09/03 08:35 net-next d3dfc362 abf9ba4f .config log report syz C davem@davemloft.net, jhs@mojatatu.com, jiri@resnulli.us, kuba@kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, xiyou.wangcong@gmail.com