syzbot

 sign-in | mailing list | source | docs
🐞 Open [1418]
Subsystems
🐞 Fixed [5828]
🐞 Invalid [14221]
Missing Backports [92]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KASAN: null-ptr-deref Read in xattr_getsecurity

Status: fixed on 2018/05/08 18:30
Subsystems: fs
[Documentation on labels]
Reported-by: syzbot+9369930ca44f29e60e2d@syzkaller.appspotmail.com
Fix commit: 1f5781725dcb commoncap: Handle memory allocation failure.
First crash: 2449d, last: 2405d
Discussions (4)
Title Replies (including bot) Last reply
[PATCH 4.16 00/81] 4.16.6-stable review 88 (88) 2018/04/28 15:52
[PATCH 4.14 00/80] 4.14.38-stable review 90 (90) 2018/04/28 14:28
KASAN: null-ptr-deref Read in xattr_getsecurity 7 (8) 2018/04/25 11:01
[GIT PULL] userns bug fix for 4.17-rc3 1 (1) 2018/04/24 23:46

Sample crash report:
RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000013
RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000092 R11: 0000000000000246 R12: 0000000000000014
R13: 0000000000000098 R14: 00000000006f3ee0 R15: 0000000000000002
==================================================================
BUG: KASAN: null-ptr-deref in memcpy include/linux/string.h:345 [inline]
BUG: KASAN: null-ptr-deref in xattr_getsecurity+0x18a/0x1f0 fs/xattr.c:251
Read of size 20 at addr 0000000000000000 by task syz-executor2/6395
xt_nfacct: accounting object `syz1' does not exists

CPU: 0 PID: 6395 Comm: syz-executor2 Not tainted 4.17.0-rc1+ #11
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1b9/0x294 lib/dump_stack.c:113
 kasan_report_error mm/kasan/report.c:352 [inline]
 kasan_report.cold.7+0x6d/0x2fe mm/kasan/report.c:412
 check_memory_region_inline mm/kasan/kasan.c:260 [inline]
 check_memory_region+0x13e/0x1b0 mm/kasan/kasan.c:267
 memcpy+0x23/0x50 mm/kasan/kasan.c:302
 memcpy include/linux/string.h:345 [inline]
 xattr_getsecurity+0x18a/0x1f0 fs/xattr.c:251
 vfs_getxattr+0xf2/0x160 fs/xattr.c:333
 getxattr+0x139/0x2c0 fs/xattr.c:540
 __do_sys_fgetxattr fs/xattr.c:598 [inline]
 __se_sys_fgetxattr fs/xattr.c:589 [inline]
 __x64_sys_fgetxattr+0x188/0x230 fs/xattr.c:589
 do_syscall_64+0x1b1/0x800 arch/x86/entry/common.c:287
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x455389
RSP: 002b:00007f4acd9bec68 EFLAGS: 00000246 ORIG_RAX: 00000000000000c1
RAX: ffffffffffffffda RBX: 00007f4acd9bf6d4 RCX: 0000000000455389
RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000013
RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000092 R11: 0000000000000246 R12: 0000000000000014
R13: 0000000000000098 R14: 00000000006f3ee0 R15: 0000000000000002
==================================================================

Crashes (68):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2018/04/22 07:52 upstream 5e7c7806111a d23fcf6c .config console log report ci-upstream-kasan-gce
2018/04/21 15:33 upstream 83beed7b2b26 d23fcf6c .config console log report ci-upstream-kasan-gce-root
2018/04/20 16:33 upstream 87ef12027b9b cc402841 .config console log report ci-upstream-kasan-gce-root
2018/04/20 13:58 upstream 87ef12027b9b cc402841 .config console log report ci-upstream-kasan-gce
2018/04/20 08:10 upstream 87ef12027b9b eae05cb0 .config console log report ci-upstream-kasan-gce
2018/04/19 19:54 upstream 87ef12027b9b 3642839c .config console log report ci-upstream-kasan-gce-root
2018/04/19 11:05 upstream 87ef12027b9b d1b2ef69 .config console log report ci-upstream-kasan-gce-root
2018/04/19 01:25 upstream a27fc14219f2 829f0234 .config console log report ci-upstream-kasan-gce
2018/04/18 17:09 upstream a27fc14219f2 52643b44 .config console log report ci-upstream-kasan-gce-root
2018/04/18 09:14 upstream a27fc14219f2 52643b44 .config console log report ci-upstream-kasan-gce
2018/04/17 02:03 upstream a27fc14219f2 b80fd3b5 .config console log report ci-upstream-kasan-gce-root
2018/04/16 12:59 upstream 60cc43fc8884 802ac912 .config console log report ci-upstream-kasan-gce-root
2018/04/16 11:36 upstream 60cc43fc8884 802ac912 .config console log report ci-upstream-kasan-gce
2018/04/16 04:46 upstream 71b8ebbf3d7b 7a67784c .config console log report ci-upstream-kasan-gce
2018/04/15 08:22 upstream 18b7fd1c93e5 7a67784c .config console log report ci-upstream-kasan-gce-root
2018/04/15 03:49 upstream 18b7fd1c93e5 7a67784c .config console log report ci-upstream-kasan-gce
2018/04/14 00:53 upstream 1bad9ce155a7 7a67784c .config console log report ci-upstream-kasan-gce-root
2018/04/13 10:19 upstream 16e205cf42da 0a0c5db6 .config console log report ci-upstream-kasan-gce
2018/04/11 22:46 upstream b284d4d5a678 9cd56d71 .config console log report ci-upstream-kasan-gce
2018/04/11 11:18 upstream b284d4d5a678 8b8de427 .config console log report ci-upstream-kasan-gce-root
2018/04/10 22:08 upstream c18bb396d3d2 8b8de427 .config console log report ci-upstream-kasan-gce
2018/04/10 15:21 upstream c18bb396d3d2 8e873e9d .config console log report ci-upstream-kasan-gce-root
2018/04/10 11:26 upstream c18bb396d3d2 b9f65507 .config console log report ci-upstream-kasan-gce
2018/04/09 20:46 upstream fd40ffc72e2f b9f65507 .config console log report ci-upstream-kasan-gce
2018/04/09 19:17 upstream 3fd14cdcc05a f13fb445 .config console log report ci-upstream-kasan-gce
2018/04/08 13:54 upstream 3fd14cdcc05a 77bd5117 .config console log report ci-upstream-kasan-gce-root
2018/04/07 00:22 upstream 3fd14cdcc05a d613535f .config console log report ci-upstream-kasan-gce
2018/04/06 19:19 upstream 38c23685b273 4f1152d4 .config console log report ci-upstream-kasan-gce-root
2018/04/06 12:12 upstream 38c23685b273 4f1152d4 .config console log report ci-upstream-kasan-gce
2018/04/06 04:47 upstream 3c8ba0d61d04 a932eae6 .config console log report ci-upstream-kasan-gce-root
2018/04/05 11:32 upstream 06dd3dfeea60 5e1ccffc .config console log report ci-upstream-kasan-gce-root
2018/04/05 08:29 upstream 3e968c9f1401 676bd07e .config console log report ci-upstream-kasan-gce-root
2018/04/05 02:13 upstream 3e968c9f1401 676bd07e .config console log report ci-upstream-kasan-gce-root
2018/04/04 23:43 upstream 3e968c9f1401 676bd07e .config console log report ci-upstream-kasan-gce
2018/04/04 14:17 upstream 17dec0a94915 676bd07e .config console log report ci-upstream-kasan-gce-root
2018/04/04 14:17 upstream 17dec0a94915 676bd07e .config console log report ci-upstream-kasan-gce-root
2018/04/04 09:52 upstream 17dec0a94915 676bd07e .config console log report ci-upstream-kasan-gce
2018/04/03 21:24 upstream f2d285669aae 676bd07e .config console log report ci-upstream-kasan-gce-root
2018/04/03 20:40 upstream f2d285669aae 676bd07e .config console log report ci-upstream-kasan-gce
2018/04/03 09:51 upstream 642e7fd23353 676bd07e .config console log report ci-upstream-kasan-gce-root
2018/04/03 09:49 upstream 642e7fd23353 676bd07e .config console log report ci-upstream-kasan-gce
2018/04/02 23:36 upstream 86bbbebac193 676bd07e .config console log report ci-upstream-kasan-gce-root
2018/04/12 04:57 upstream f2d285669aae 9cd56d71 .config console log report ci-upstream-kasan-gce-386
2018/04/09 14:11 upstream f2d285669aae f13fb445 .config console log report ci-upstream-kasan-gce-386
2018/04/07 18:03 upstream f2d285669aae 66f22a7f .config console log report ci-upstream-kasan-gce-386
2018/04/07 00:24 upstream f2d285669aae d613535f .config console log report ci-upstream-kasan-gce-386
2018/04/06 01:16 upstream f2d285669aae a932eae6 .config console log report ci-upstream-kasan-gce-386
2018/04/03 22:23 upstream f2d285669aae 676bd07e .config console log report ci-upstream-kasan-gce-386
2018/04/03 10:16 upstream 642e7fd23353 676bd07e .config console log report ci-upstream-kasan-gce-386
2018/03/09 05:15 upstream 1b88accf6a65 36d1c454 .config console log report ci-upstream-kasan-gce-386
* Struck through repros no longer work on HEAD.