syzbot


KASAN: out-of-bounds Read in __dev_queue_xmit

Status: auto-closed as invalid on 2019/08/08 04:58
Reported-by: syzbot+a0b53e808111ec98a630@syzkaller.appspotmail.com
First crash: 1953d, last: 1953d

Sample crash report:
==================================================================
BUG: KASAN: out-of-bounds in __dev_queue_xmit+0x16bb/0x1cd0 net/core/dev.c:3483
Read of size 4 at addr ffff8881d4c0c20c by task syz-executor.3/15762

CPU: 1 PID: 15762 Comm: syz-executor.3 Not tainted 4.14.98+ #7
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0xb9/0x10e lib/dump_stack.c:53
 print_address_description+0x60/0x226 mm/kasan/report.c:252
 kasan_report_error mm/kasan/report.c:351 [inline]
 kasan_report mm/kasan/report.c:409 [inline]
 kasan_report.cold+0x88/0x2a5 mm/kasan/report.c:393

The buggy address belongs to the page:
page:ffffea0007530300 count:1 mapcount:0 mapping:          (null) index:0x0
flags: 0x4000000000000000()
raw: 4000000000000000 0000000000000000 0000000000000000 00000001ffffffff
raw: dead000000000100 dead000000000200 0000000000000000 0000000000000000
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff8881d4c0c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8881d4c0c180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8881d4c0c200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                         ^
 ffff8881d4c0c280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8881d4c0c300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================

Crashes (1):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2019/02/09 04:57 | android-4.14 | 57de59b3cf53 | fa6c7b70 | .config | console log | report | | | | | ci-android-414-kasan-gce-root | |