syzbot


general protection fault in ip_route_output_key_hash_rcu

Status: closed as invalid on 2019/10/03 03:38
Subsystems: net
[Documentation on labels]
First crash: 1712d, last: 1683d
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 general protection fault in ip_route_output_key_hash_rcu 2 1691d 1697d 0/1 auto-closed as invalid on 2019/12/10 05:04
upstream KMSAN: uninit-value in IP6_ECN_decapsulate net C 981 100d 2016d 25/26 fixed on 2023/12/21 03:45

Sample crash report:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 21173 Comm: kworker/0:13 Not tainted 5.3.0-rc5 #109
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: krxrpcd rxrpc_peer_keepalive_worker
RIP: 0010:__read_once_size include/linux/compiler.h:199 [inline]
RIP: 0010:__in_dev_get_rcu include/linux/inetdevice.h:219 [inline]
RIP: 0010:__mkroute_output net/ipv4/route.c:2322 [inline]
RIP: 0010:ip_route_output_key_hash_rcu+0x429/0x2d70 net/ipv4/route.c:2627
Code: 00 0f 85 bd 25 00 00 48 8b 85 70 ff ff ff 48 89 da 48 c1 ea 03 48 8b 40 18 48 89 85 38 ff ff ff 48 b8 00 00 00 00 00 fc ff df <80> 3c 02 00 0f 85 83 25 00 00 48 8b 85 68 ff ff ff 4c 8b a8 20 03
RSP: 0018:ffff888064b27558 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: 0000000000000320 RCX: 0000000000000000
RDX: 0000000000000064 RSI: ffffffff86033a3b RDI: ffff888064b27686
RBP: ffff888064b27638 R08: ffff888064652700 R09: 0000000000000000
R10: fffffbfff134ae37 R11: ffff888064652700 R12: ffff888092844100
R13: ffff888064b27698 R14: ffff888064b27908 R15: ffff888064b278e0
FS:  0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffe7ec18d48 CR3: 0000000079de6000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Call Trace:
 ip_route_output_key_hash+0x1ef/0x360 net/ipv4/route.c:2456
 __ip_route_output_key include/net/route.h:125 [inline]
 ip_route_output_flow+0x28/0xc0 net/ipv4/route.c:2714
 udp_sendmsg+0x1bc9/0x2830 net/ipv4/udp.c:1140
 inet_sendmsg+0x9e/0xe0 net/ipv4/af_inet.c:807
 sock_sendmsg_nosec net/socket.c:637 [inline]
 sock_sendmsg+0xd7/0x130 net/socket.c:657
 kernel_sendmsg+0x44/0x50 net/socket.c:677
 rxrpc_send_keepalive+0x1ff/0x940 net/rxrpc/output.c:656
 rxrpc_peer_keepalive_dispatch net/rxrpc/peer_event.c:369 [inline]
 rxrpc_peer_keepalive_worker+0x7be/0xd02 net/rxrpc/peer_event.c:430
 process_one_work+0x9af/0x1740 kernel/workqueue.c:2269
 worker_thread+0x98/0xe40 kernel/workqueue.c:2415
 kthread+0x361/0x430 kernel/kthread.c:255
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
Modules linked in:
---[ end trace f3ffd71f1dea789f ]---
RIP: 0010:__read_once_size include/linux/compiler.h:199 [inline]
RIP: 0010:__in_dev_get_rcu include/linux/inetdevice.h:219 [inline]
RIP: 0010:__mkroute_output net/ipv4/route.c:2322 [inline]
RIP: 0010:ip_route_output_key_hash_rcu+0x429/0x2d70 net/ipv4/route.c:2627
Code: 00 0f 85 bd 25 00 00 48 8b 85 70 ff ff ff 48 89 da 48 c1 ea 03 48 8b 40 18 48 89 85 38 ff ff ff 48 b8 00 00 00 00 00 fc ff df <80> 3c 02 00 0f 85 83 25 00 00 48 8b 85 68 ff ff ff 4c 8b a8 20 03
RSP: 0018:ffff888064b27558 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: 0000000000000320 RCX: 0000000000000000
RDX: 0000000000000064 RSI: ffffffff86033a3b RDI: ffff888064b27686
RBP: ffff888064b27638 R08: ffff888064652700 R09: 0000000000000000
R10: fffffbfff134ae37 R11: ffff888064652700 R12: ffff888092844100
R13: ffff888064b27698 R14: ffff888064b27908 R15: ffff888064b278e0
FS:  0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f9acb176330 CR3: 0000000008c6d000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600

Crashes (46):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/08/19 17:15 upstream d1abaeb3be7b ee12860b .config console log report ci-upstream-kasan-gce-selinux-root
2019/08/14 19:26 upstream a8dba0531bc0 5576551b .config console log report ci-upstream-kasan-gce-selinux-root
2019/08/04 16:00 upstream d8778f13b73f 6affd8e8 .config console log report ci-upstream-kasan-gce-root
2019/07/22 21:52 upstream c6dd78fcb8ee 55e0c077 .config console log report ci-upstream-kasan-gce-root
2019/08/09 03:46 net-old f6649feb264e ede31a9b .config console log report ci-upstream-net-this-kasan-gce
2019/08/08 07:33 net-old 33920f1ec5bf e6ebef88 .config console log report ci-upstream-net-this-kasan-gce
2019/08/06 16:10 net-old 107e47cc80ec c6f01e54 .config console log report ci-upstream-net-this-kasan-gce
2019/08/06 11:30 net-old 107e47cc80ec 6affd8e8 .config console log report ci-upstream-net-this-kasan-gce
2019/08/05 21:12 net-old 107e47cc80ec 6affd8e8 .config console log report ci-upstream-net-this-kasan-gce
2019/08/02 20:56 net-old 107e47cc80ec 835dffe7 .config console log report ci-upstream-net-this-kasan-gce
2019/07/28 13:26 net-old 107e47cc80ec c85e1c5b .config console log report ci-upstream-net-this-kasan-gce
2019/07/24 17:37 net-old 107e47cc80ec 32329ceb .config console log report ci-upstream-net-this-kasan-gce
2019/07/24 12:14 net-old 107e47cc80ec 32329ceb .config console log report ci-upstream-net-this-kasan-gce
2019/08/18 11:54 net-next-old d83d508b74c4 55bf8926 .config console log report ci-upstream-net-kasan-gce
2019/08/18 05:14 net-next-old d83d508b74c4 55bf8926 .config console log report ci-upstream-net-kasan-gce
2019/08/17 07:12 net-next-old 13b18f1d281b 8fd428a1 .config console log report ci-upstream-net-kasan-gce
2019/08/16 21:53 net-next-old 459c5fb44379 8fd428a1 .config console log report ci-upstream-net-kasan-gce
2019/08/15 16:14 net-next-old ecb9f80db23a 0d298d6b .config console log report ci-upstream-net-kasan-gce
2019/08/14 22:53 net-next-old c162610c7db2 5576551b .config console log report ci-upstream-net-kasan-gce
2019/08/14 20:56 net-next-old c162610c7db2 5576551b .config console log report ci-upstream-net-kasan-gce
2019/08/14 15:25 net-next-old c162610c7db2 5576551b .config console log report ci-upstream-net-kasan-gce
2019/08/13 12:42 net-next-old 53f6f391786e 8620c2c2 .config console log report ci-upstream-net-kasan-gce
2019/08/08 21:34 net-next-old 13dfb3fa4943 e6ebef88 .config console log report ci-upstream-net-kasan-gce
2019/08/07 17:56 net-next-old 13dfb3fa4943 e6ebef88 .config console log report ci-upstream-net-kasan-gce
2019/08/06 09:19 net-next-old 31cc088a4f5d 6affd8e8 .config console log report ci-upstream-net-kasan-gce
2019/08/05 04:39 net-next-old 31cc088a4f5d 6affd8e8 .config console log report ci-upstream-net-kasan-gce
2019/08/04 21:49 net-next-old 31cc088a4f5d 6affd8e8 .config console log report ci-upstream-net-kasan-gce
2019/08/04 14:25 net-next-old 31cc088a4f5d 6affd8e8 .config console log report ci-upstream-net-kasan-gce
2019/08/04 04:34 net-next-old 31cc088a4f5d 6affd8e8 .config console log report ci-upstream-net-kasan-gce
2019/08/03 23:50 net-next-old 31cc088a4f5d 6affd8e8 .config console log report ci-upstream-net-kasan-gce
2019/08/02 04:30 net-next-old 31cc088a4f5d 835dffe7 .config console log report ci-upstream-net-kasan-gce
2019/08/01 20:08 net-next-old 31cc088a4f5d 835dffe7 .config console log report ci-upstream-net-kasan-gce
2019/08/01 03:13 net-next-old 31cc088a4f5d c692b5bd .config console log report ci-upstream-net-kasan-gce
2019/07/30 08:38 net-next-old 31cc088a4f5d f28bf2a5 .config console log report ci-upstream-net-kasan-gce
2019/07/28 18:25 net-next-old 31cc088a4f5d c85e1c5b .config console log report ci-upstream-net-kasan-gce
2019/07/28 09:14 net-next-old 31cc088a4f5d c85e1c5b .config console log report ci-upstream-net-kasan-gce
2019/07/26 07:21 net-next-old 31cc088a4f5d 732bc5a0 .config console log report ci-upstream-net-kasan-gce
2019/07/25 14:24 net-next-old 31cc088a4f5d 32329ceb .config console log report ci-upstream-net-kasan-gce
2019/07/25 10:39 net-next-old 31cc088a4f5d 32329ceb .config console log report ci-upstream-net-kasan-gce
2019/07/24 08:45 net-next-old 31cc088a4f5d de453f34 .config console log report ci-upstream-net-kasan-gce
2019/07/24 06:59 net-next-old 31cc088a4f5d de453f34 .config console log report ci-upstream-net-kasan-gce
2019/07/22 12:20 net-next-old 31cc088a4f5d b3c615f5 .config console log report ci-upstream-net-kasan-gce
2019/07/22 04:13 net-next-old 31cc088a4f5d 1656845f .config console log report ci-upstream-net-kasan-gce
2019/07/21 18:06 net-next-old 31cc088a4f5d 1656845f .config console log report ci-upstream-net-kasan-gce
2019/08/08 22:52 linux-next 2ae256317763 ede31a9b .config console log report ci-upstream-linux-next-kasan-gce-root
* Struck through repros no longer work on HEAD.