syzbot


usb-testing boot error: BUG: unable to handle kernel paging request in rtm_to_ifaddr

Status: closed as invalid on 2022/08/23 08:13
Subsystems: net
First crash: 893d, last: 893d

Sample crash report:
BUG: unable to handle page fault for address: ffffdc000000003f
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 100026067 P4D 100026067 PUD 0 
Oops: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 1215 Comm: dhcpcd Not tainted 6.0.0-rc1-syzkaller-00028-g4dce3b375179 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
RIP: 0010:bitmap_fill include/linux/bitmap.h:253 [inline]
RIP: 0010:neigh_parms_data_state_setall include/net/neighbour.h:106 [inline]
RIP: 0010:rtm_to_ifaddr+0x2bf/0xc40 net/ipv4/devinet.c:863
Code: 03 80 3c 02 00 0f 85 a5 08 00 00 4d 8b b7 50 01 00 00 48 ba 00 00 00 00 00 fc ff df 49 8d be 98 00 00 00 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 72 08 00 00 49 8d 47 10 be 04 00 00 00 49 c7 86
RSP: 0018:ffffc900010df508 EFLAGS: 00010a06
RAX: dffffc0000000000 RBX: ffff88811a7ff000 RCX: 1fffe0000000003f
RDX: dffffc0000000000 RSI: ffffffff8523e841 RDI: ffff0000000001fa
RBP: 1ffff9200021bea6 R08: 00000000aef8103b R09: 0000000000000000
R10: 0000000080000000 R11: 0000000000052040 R12: ffff888100170f00
R13: ffff88811a7ff011 R14: ffff000000000162 R15: ffff88810e6d1800
FS:  00007f7c2bcbc740(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffdc000000003f CR3: 000000010e48a000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 inet_rtm_newaddr+0x126/0x980 net/ipv4/devinet.c:942
 rtnetlink_rcv_msg+0x43a/0xc90 net/core/rtnetlink.c:6089
 netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2501
 netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]
 netlink_unicast+0x543/0x7f0 net/netlink/af_netlink.c:1345
 netlink_sendmsg+0x917/0xe10 net/netlink/af_netlink.c:1921
 sock_sendmsg_nosec net/socket.c:714 [inline]
 sock_sendmsg+0xcf/0x120 net/socket.c:734
 ____sys_sendmsg+0x6eb/0x810 net/socket.c:2482
 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2536
 __sys_sendmsg+0xf3/0x1c0 net/socket.c:2565
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f7c2bdb4163
Code: 64 89 02 48 c7 c0 ff ff ff ff eb b7 66 2e 0f 1f 84 00 00 00 00 00 90 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 89 54 24 1c 48
RSP: 002b:00007fffaed3f948 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f7c2bcbc6c8 RCX: 00007f7c2bdb4163
RDX: 0000000000000000 RSI: 00007fffaed53af8 RDI: 000000000000000c
RBP: 000000000000000c R08: 0000000000000000 R09: 00007fffaed53af8
R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
R13: 00007fffaed53af8 R14: 0000000000000044 R15: 0000000000000001
 </TASK>
Modules linked in:
CR2: ffffdc000000003f
---[ end trace 0000000000000000 ]---
RIP: 0010:bitmap_fill include/linux/bitmap.h:253 [inline]
RIP: 0010:neigh_parms_data_state_setall include/net/neighbour.h:106 [inline]
RIP: 0010:rtm_to_ifaddr+0x2bf/0xc40 net/ipv4/devinet.c:863
Code: 03 80 3c 02 00 0f 85 a5 08 00 00 4d 8b b7 50 01 00 00 48 ba 00 00 00 00 00 fc ff df 49 8d be 98 00 00 00 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 72 08 00 00 49 8d 47 10 be 04 00 00 00 49 c7 86
RSP: 0018:ffffc900010df508 EFLAGS: 00010a06
RAX: dffffc0000000000 RBX: ffff88811a7ff000 RCX: 1fffe0000000003f
RDX: dffffc0000000000 RSI: ffffffff8523e841 RDI: ffff0000000001fa
RBP: 1ffff9200021bea6 R08: 00000000aef8103b R09: 0000000000000000
R10: 0000000080000000 R11: 0000000000052040 R12: ffff888100170f00
R13: ffff88811a7ff011 R14: ffff000000000162 R15: ffff88810e6d1800
FS:  00007f7c2bcbc740(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffdc000000003f CR3: 000000010e48a000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:	03 80 3c 02 00 0f    	add    0xf00023c(%rax),%eax
   6:	85 a5 08 00 00 4d    	test   %esp,0x4d000008(%rbp)
   c:	8b b7 50 01 00 00    	mov    0x150(%rdi),%esi
  12:	48 ba 00 00 00 00 00 	movabs $0xdffffc0000000000,%rdx
  19:	fc ff df
  1c:	49 8d be 98 00 00 00 	lea    0x98(%r14),%rdi
  23:	48 89 f9             	mov    %rdi,%rcx
  26:	48 c1 e9 03          	shr    $0x3,%rcx
* 2a:	80 3c 11 00          	cmpb   $0x0,(%rcx,%rdx,1) <-- trapping instruction
  2e:	0f 85 72 08 00 00    	jne    0x8a6
  34:	49 8d 47 10          	lea    0x10(%r15),%rax
  38:	be 04 00 00 00       	mov    $0x4,%esi
  3d:	49                   	rex.WB
  3e:	c7                   	.byte 0xc7
  3f:	86                   	.byte 0x86
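The trapping cmpb $0x0,(%rcx,%rdx,1) is KASAN's inlined shadow check, not the real memory access: %rdx holds the x86_64 shadow offset 0xdffffc0000000000 and %rcx is %rdi >> 3, so CR2 (ffffdc000000003f) is a shadow address and the pointer that was actually bad is the one the check was validating, %rdi = 0x98(%r14) with %r14 = ffff000000000162. The "best guess" disassembly is misaligned for its first three entries (03 is the tail of an earlier instruction); the bytes 4d 8b b7 50 01 00 00 decode to mov 0x150(%r15),%r14, which is where that %r14 value was loaded from. The program below is an added example, not code from syzbot or the kernel tree: it recomputes the shadow address from the register dump, recovers the checked address, and classifies the pointer. It assumes the x86_64 KASAN constants (CONFIG_KASAN_SHADOW_OFFSET = 0xdffffc0000000000, scale shift 3) and the 4-level paging layout from Documentation/x86/x86_64/mm.rst; the report's identical PGD and P4D entries are consistent with a folded p4d, i.e. 4-level paging, but that is an inference, not something the page states.

```c
/*
 * Added example (not part of the syzbot report or the kernel tree): decode
 * the KASAN inline-check fault from the register dump above.
 *
 * Trapping instruction:  cmpb $0x0,(%rcx,%rdx,1)
 *   %rdx = 0xdffffc0000000000  x86_64 CONFIG_KASAN_SHADOW_OFFSET
 *   %rcx = %rdi >> 3           KASAN_SHADOW_SCALE_SHIFT
 *   %rdi = %r14 + 0x98         the bitmap bitmap_fill() is about to write
 *
 * Memory-layout constants assume 4-level paging (assumption, see lead-in).
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define KASAN_SHADOW_OFFSET      0xdffffc0000000000ULL
#define KASAN_SHADOW_SCALE_SHIFT 3

/* 4-level x86_64 layout per Documentation/x86/x86_64/mm.rst (assumption) */
#define KERNEL_UPPER_HALF_BASE   0xffff800000000000ULL /* first canonical kernel address */
#define KASAN_SHADOW_START       0xffffec0000000000ULL
#define KASAN_SHADOW_END         0xfffffbffffffffffULL

/* Shadow byte address for a kernel address: what the inlined check computes. */
uint64_t kasan_shadow(uint64_t addr)
{
        return (addr >> KASAN_SHADOW_SCALE_SHIFT) + KASAN_SHADOW_OFFSET;
}

/* Inverse: recover the checked address, rounded down to its 8-byte granule. */
uint64_t kasan_unshadow(uint64_t shadow)
{
        return (shadow - KASAN_SHADOW_OFFSET) << KASAN_SHADOW_SCALE_SHIFT;
}

struct oops_regs {
        uint64_t rcx, rdx, rdi, r14, cr2;
};

struct kasan_fault {
        uint64_t shadow_addr;        /* %rcx + %rdx: the byte cmpb touched */
        uint64_t access_addr;        /* address KASAN was validating (aligned) */
        uint64_t object_ptr;         /* %r14: base the 0x98 offset was added to */
        bool     shadow_matches_cr2; /* recomputed shadow equals CR2 */
        bool     chain_consistent;   /* rdi == r14 + 0x98 and shadow(rdi) == CR2 */
        bool     shadow_unmapped;    /* CR2 outside the KASAN shadow region */
        bool     object_is_kernel;   /* %r14 lies in the canonical upper half */
};

struct kasan_fault decode_kasan_fault(const struct oops_regs *r)
{
        struct kasan_fault f = { 0 };

        f.shadow_addr        = r->rcx + r->rdx;          /* cmpb $0,(%rcx,%rdx,1) */
        f.shadow_matches_cr2 = (f.shadow_addr == r->cr2);
        f.access_addr        = kasan_unshadow(r->cr2);
        f.object_ptr         = r->r14;                   /* lea 0x98(%r14),%rdi */
        f.chain_consistent   = (r->rdi == r->r14 + 0x98) &&
                               (kasan_shadow(r->rdi) == r->cr2);
        f.shadow_unmapped    = !(r->cr2 >= KASAN_SHADOW_START &&
                                 r->cr2 <= KASAN_SHADOW_END);
        /* ffff000000000162 is below ffff800000000000: with 4-level paging it
         * is not even canonical, so the pointer itself is garbage. */
        f.object_is_kernel   = (r->r14 >= KERNEL_UPPER_HALF_BASE);
        return f;
}

/* Register values transcribed from the oops above. */
static const struct oops_regs report_regs = {
        .rcx = 0x1fffe0000000003fULL,
        .rdx = 0xdffffc0000000000ULL,
        .rdi = 0xffff0000000001faULL,
        .r14 = 0xffff000000000162ULL,
        .cr2 = 0xffffdc000000003fULL,
};

struct kasan_fault decode_report(void)
{
        return decode_kasan_fault(&report_regs);
}

int main(void)
{
        struct kasan_fault f = decode_report();

        printf("shadow byte      : %#018llx (%s CR2)\n",
               (unsigned long long)f.shadow_addr,
               f.shadow_matches_cr2 ? "matches" : "differs from");
        printf("checked address  : %#018llx\n", (unsigned long long)f.access_addr);
        printf("object pointer   : %#018llx (%s)\n", (unsigned long long)f.object_ptr,
               f.object_is_kernel ? "kernel range" : "not a kernel address");
        printf("shadow mapped    : %s\n", f.shadow_unmapped ? "no (hence #PF)" : "yes");
        printf("rdi/r14/cr2 chain: %s\n", f.chain_consistent ? "consistent" : "inconsistent");
        return 0;
}
```

Build with cc -std=c99 -o decode decode.c. The output shows the #PF is on an unmapped shadow page because the pointer being checked is itself outside any kernel region; what corrupted that pointer, and why syzbot closed the report as invalid, is not something the page records.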

Crashes (1):
Time: 2022/08/19 09:42
Kernel: https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing
Commit: 4dce3b375179
Syzkaller: 26a13b38
Config: .config
Log: console log
Report: report
Syz repro: (none)
C repro: (none)
VM info: (none)
Assets: (none)
Manager: ci2-upstream-usb
Title: usb-testing boot error: BUG: unable to handle kernel paging request in rtm_to_ifaddr