syzbot

 sign-in | mailing list | source | docs
🐞 Open [1569]
Subsystems
🐞 Fixed [5936]
🐞 Invalid [14430]
Missing Backports [102]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

WARNING: refcount bug in ax25_release (3)

Status: upstream: reported C repro on 2024/05/26 23:38
Subsystems: hams
[Documentation on labels]
Reported-by: syzbot+33841dc6aa3e1d86b78a@syzkaller.appspotmail.com
First crash: 212d, last: 5m
Cause bisection: introduced by (bisect log) :
commit 9fd75b66b8f68498454d685dc4ba13192ae069b0
Author: Duoming Zhou <duoming@zju.edu.cn>
Date: Fri Mar 18 00:54:04 2022 +0000

  ax25: Fix refcount leaks caused by ax25_cb_del()

Crash: WARNING in ax25_release (log)
Repro: C syz .config
  
Discussions (7)
Title Replies (including bot) Last reply
[syzbot] Monthly hams report (Dec 2024) 0 (1) 2024/12/16 09:45
[syzbot] Monthly hams report (Nov 2024) 0 (1) 2024/11/15 10:49
[syzbot] Monthly hams report (Oct 2024) 0 (1) 2024/10/14 19:37
[syzbot] Monthly hams report (Sep 2024) 0 (1) 2024/09/13 10:03
[syzbot] Monthly hams report (Aug 2024) 0 (1) 2024/08/13 08:52
[syzbot] [hams?] WARNING: refcount bug in ax25_release (3) 0 (3) 2024/06/26 05:29
[syzbot] Monthly hams report (Jun 2024) 0 (1) 2024/06/11 13:40
Similar bugs (3)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 WARNING: refcount bug in ax25_release 6 52d 188d 0/3 upstream: reported on 2024/06/15 15:04
upstream WARNING: refcount bug in ax25_release hams 1 465d 465d 0/28 closed as invalid on 2023/12/15 13:48
upstream WARNING: refcount bug in ax25_release (2) hams C 240 212d 278d 25/28 fixed on 2024/05/22 23:16

Sample crash report:
------------[ cut here ]------------
refcount_t: decrement hit 0; leaking memory.
WARNING: CPU: 0 PID: 5231 at lib/refcount.c:31 refcount_warn_saturate+0xfa/0x1d0 lib/refcount.c:31
Modules linked in:
CPU: 0 UID: 0 PID: 5231 Comm: syz-executor234 Not tainted 6.12.0-rc3-syzkaller-00164-g34d35b4edbbe #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
RIP: 0010:refcount_warn_saturate+0xfa/0x1d0 lib/refcount.c:31
Code: b2 00 00 00 e8 f7 12 d8 fc 5b 5d c3 cc cc cc cc e8 eb 12 d8 fc c6 05 8e f0 49 0b 01 90 48 c7 c7 e0 bc 60 8c e8 47 0c 99 fc 90 <0f> 0b 90 90 eb d9 e8 cb 12 d8 fc c6 05 6b f0 49 0b 01 90 48 c7 c7
RSP: 0018:ffffc9000353f9c8 EFLAGS: 00010246
RAX: 1742b9254644b300 RBX: ffff8880315dc664 RCX: ffff888040118000
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000004 R08: ffffffff8155e402 R09: fffffbfff1cf9fd8
R10: dffffc0000000000 R11: fffffbfff1cf9fd8 R12: ffff8880315dc620
R13: 0000000000000000 R14: ffff8880315dc664 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f935a7d1110 CR3: 000000002d708000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 __refcount_dec include/linux/refcount.h:336 [inline]
 refcount_dec include/linux/refcount.h:351 [inline]
 ref_tracker_free+0x6af/0x7e0 lib/ref_tracker.c:236
 netdev_tracker_free include/linux/netdevice.h:4082 [inline]
 netdev_put include/linux/netdevice.h:4099 [inline]
 ax25_release+0x368/0x950 net/ax25/af_ax25.c:1069
 __sock_release net/socket.c:658 [inline]
 sock_close+0xbc/0x240 net/socket.c:1426
 __fput+0x23f/0x880 fs/file_table.c:431
 task_work_run+0x24f/0x310 kernel/task_work.c:228
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0xa2f/0x28e0 kernel/exit.c:939
 do_group_exit+0x207/0x2c0 kernel/exit.c:1088
 __do_sys_exit_group kernel/exit.c:1099 [inline]
 __se_sys_exit_group kernel/exit.c:1097 [inline]
 __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1097
 x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f935a755c49
Code: Unable to access opcode bytes at 0x7f935a755c1f.
RSP: 002b:00007fff83fa40b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f935a755c49
RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
RBP: 00007f935a7d02b0 R08: ffffffffffffffb8 R09: 0000000000000006
R10: 00000000200003c0 R11: 0000000000000246 R12: 00007f935a7d02b0
R13: 0000000000000000 R14: 00007f935a7d0d00 R15: 00007f935a726e90
 </TASK>

Crashes (2316):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/10/23 18:48 net 34d35b4edbbe 15fa2979 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/19 20:21 net-next 6b3099ebca13 1d58202c .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in ax25_release
2024/06/24 22:37 net-next 568ebdaba637 215eef4a .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in ax25_release
2024/12/20 23:16 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 573067a5a685 1ac6aa80 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING: refcount bug in ax25_release
2024/12/19 14:05 upstream eabcdba3ad40 1d58202c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: refcount bug in ax25_release
2024/12/18 06:45 upstream aef25be35d23 a0626d3a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: refcount bug in ax25_release
2024/12/16 23:18 upstream f44d154d6e3d f93b2b55 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root WARNING: refcount bug in ax25_release
2024/12/13 01:07 upstream 150b567e0d57 941924eb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: refcount bug in ax25_release
2024/11/16 07:01 upstream f868cd251776 cfe3a04a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING: refcount bug in ax25_release
2024/05/25 15:57 upstream 56fb6f92854f a10a183e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root WARNING: refcount bug in ax25_release
2024/12/21 12:52 upstream 499551201b5f d7f584ee .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in ax25_release
2024/12/21 07:01 upstream e9b8ffafd20a d7f584ee .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in ax25_release
2024/12/21 05:41 upstream e9b8ffafd20a d7f584ee .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in ax25_release
2024/12/21 02:31 upstream e9b8ffafd20a d7f584ee .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in ax25_release
2024/12/21 01:08 upstream e9b8ffafd20a d7f584ee .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in ax25_release
2024/12/20 21:37 upstream e9b8ffafd20a 49cfeac8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in ax25_release
2024/12/20 18:11 upstream 8faabc041a00 49cfeac8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in ax25_release
2024/12/18 20:01 upstream aef25be35d23 1432fc84 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in ax25_release
2024/12/17 20:18 upstream 59dbb9d81adf a0626d3a .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in ax25_release
2024/12/16 20:49 upstream 78d4f34e2115 eec85da6 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in ax25_release
2024/12/16 19:30 upstream 78d4f34e2115 eec85da6 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in ax25_release
2024/12/16 14:35 upstream 78d4f34e2115 eec85da6 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in ax25_release
2024/12/16 06:48 upstream dccbe2047a5b 7cbfbb3a .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in ax25_release
2024/12/16 05:38 upstream dccbe2047a5b 7cbfbb3a .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in ax25_release
2024/12/17 11:16 upstream f44d154d6e3d f93b2b55 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 WARNING: refcount bug in ax25_release
2024/12/21 04:25 net cc54ec56d822 1ac6aa80 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/21 04:18 net cc54ec56d822 1ac6aa80 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/20 23:11 net cc54ec56d822 1ac6aa80 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/20 20:24 net cc54ec56d822 1ac6aa80 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/20 19:13 net cc54ec56d822 1ac6aa80 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/20 17:25 net cc54ec56d822 1ac6aa80 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/20 08:11 net c0cc126882ba 1d58202c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/20 06:59 net c0cc126882ba 1d58202c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/20 04:28 net ce1219c3f76b 1d58202c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/20 00:36 net ce1219c3f76b 1d58202c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/19 19:43 net ce1219c3f76b 1d58202c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/19 15:07 net ce1219c3f76b 1d58202c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/19 11:25 net 5c964c8a97c1 1432fc84 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/19 09:57 net 5c964c8a97c1 1432fc84 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/19 07:56 net 5c964c8a97c1 1432fc84 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/19 05:05 net 5c964c8a97c1 1432fc84 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/19 03:10 net 5c964c8a97c1 1432fc84 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/18 23:04 net 954a2b40719a 1432fc84 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/18 15:21 net 954a2b40719a a0626d3a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/17 19:01 net 7ed2d9158877 c8c15bb2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/17 14:21 net c8eb0c3ffde6 f93b2b55 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/17 05:25 net c8eb0c3ffde6 f93b2b55 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/17 03:53 net c8eb0c3ffde6 f93b2b55 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/17 01:38 net 922b4b955a03 f93b2b55 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/16 17:54 net 922b4b955a03 f93b2b55 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/16 12:32 net 922b4b955a03 7cbfbb3a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/16 10:08 net 922b4b955a03 7cbfbb3a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/16 08:58 net 922b4b955a03 7cbfbb3a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in ax25_release
2024/12/21 14:19 net-next ae418e95dd93 d7f584ee .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in ax25_release
2024/12/21 10:22 net-next ae418e95dd93 d7f584ee .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in ax25_release
2024/12/21 09:14 net-next ae418e95dd93 d7f584ee .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in ax25_release
2024/12/21 08:09 net-next ae418e95dd93 d7f584ee .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in ax25_release
2024/12/20 15:42 net-next b73e56f16250 1d58202c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in ax25_release
2024/12/20 11:33 net-next b73e56f16250 1d58202c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in ax25_release
2024/12/19 21:24 net-next 6b3099ebca13 1d58202c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in ax25_release
2024/12/19 15:29 net-next 4fefbc66dfb3 1d58202c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in ax25_release
2024/05/22 23:27 net-next 4b377b4868ef 4d098039 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in ax25_release
2024/11/10 21:39 linux-next 929beafbe7ac 6b856513 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root WARNING: refcount bug in ax25_release
* Struck through repros no longer work on HEAD.