syzbot


[upstream] KASAN: use-after-free Read in update_blocked_averages
Status: fixed on 2019/03/21 17:09
Reported-by: syzbot+0dbf864d3b52555e8265@syzkaller.appspotmail.com
Fix commit: bc6e019b fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
First crash: 135d, last: 120d

Bisection: introduced by (bisect log):

commit b8a51b38e4d4dec3e379d52c0fe1a66827f7cf1e
Author: Stefano Brivio <sbrivio@redhat.com>
Date: Thu Nov 8 11:19:23 2018 +0000

  fou, fou6: ICMP error handlers for FoU and GUE

Tree: net-next
Crash: kernel panic: stack is corrupted in rcu_dynticks_curr_cpu_in_eqs (log)
Repro: C syz .config

Sample crash report:

All crashes (3):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro Maintainers
ci-upstream-net-kasan-gce 2018/11/11 07:41 net-next 12ceaf88 f3c4e618 .config log report syz C
ci-upstream-net-kasan-gce 2018/11/13 13:45 net-next 3e536cff 5f5f6d14 .config log report syz C davem@davemloft.net, kuznet@ms2.inr.ac.ru, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, yoshfuji@linux-ipv6.org
ci-upstream-net-kasan-gce 2018/11/26 02:03 net-next 358be656 3d3ec907 .config log report crecklin@redhat.com, keescook@chromium.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org