syzbot

 sign-in | mailing list | source | docs
🐞 Open [196]
🐞 Fixed [42]
🐞 Invalid [470]
Kernel Health Bugs/Month Bug Lifetimes Fuzzing Crashes
💬 Send us feedback

kernel BUG at net/key/af_key.c:LINE!

Status: fixed on 2018/02/03 04:36
Fix commit: 6ceabde66643 xfrm: Copy policy family in clone_policy
First crash: 2568d, last: 2568d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream kernel BUG at net/key/af_key.c:LINE! C 63 2517d 2510d 3/27 fixed on 2017/12/04 08:08

Sample crash report:
------------[ cut here ]------------
kernel BUG at net/key/af_key.c:2076!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
Dumping ftrace buffer:
   (ftrace buffer empty)
Modules linked in:
CPU: 0 PID: 3297 Comm: syzkaller116262 Not tainted 4.9.44-gbf7ef8f #34
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8801c7724800 task.stack: ffff8801c7730000
RIP: 0010:[<ffffffff835596ab>]  [<ffffffff835596ab>] pfkey_xfrm_policy2msg+0x1b6b/0x2100 net/key/af_key.c:2076
RSP: 0018:ffff8801c7737820  EFLAGS: 00010297
RAX: ffff8801c7724800 RBX: ffff8801c7728b64 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 000000000000204e RDI: ffff8801c77289fc
RBP: ffff8801c7737890 R08: 0000000000000001 R09: ffff8801c7728d80
R10: 000000000000001b R11: ffffed0038ee51ca R12: ffff8801c7728a18
R13: ffff8801c7728900 R14: 0000000000000001 R15: 0000000000000008
FS:  00007fcfb9482700(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020002ff0 CR3: 00000001d1c6e000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
 ffff8801c7728d80 000000d800000000 ffff8801c77378a8 00000000000000d8
 ffffffff83555ea3 ffff8801c7728d90 0000000300000000 ffff8801d1c7eb40
 00000000000000ff ffff8801cf462200 ffff8801c7728900 ffff8801d1c7eb40
Call Trace:
 [<ffffffff835609ca>] dump_sp+0xca/0x450 net/key/af_key.c:2685
 [<ffffffff833a8dd1>] xfrm_policy_walk+0x1b1/0x4d0 net/xfrm/xfrm_policy.c:1047
 [<ffffffff83556812>] pfkey_dump_sp+0x42/0x50 net/key/af_key.c:2708
 [<ffffffff83564627>] pfkey_do_dump+0x67/0x2f0 net/key/af_key.c:299
 [<ffffffff83564f60>] pfkey_spddump+0x1a0/0x210 net/key/af_key.c:2735
 [<ffffffff83560079>] pfkey_process+0x619/0x730 net/key/af_key.c:2825
 [<ffffffff8356190f>] pfkey_sendmsg+0x3af/0x750 net/key/af_key.c:3666
 [<ffffffff82ecbb9a>] sock_sendmsg_nosec net/socket.c:635 [inline]
 [<ffffffff82ecbb9a>] sock_sendmsg+0xca/0x110 net/socket.c:645
 [<ffffffff82ecbe06>] sock_write_iter+0x226/0x3b0 net/socket.c:843
 [<ffffffff8156a91f>] new_sync_write fs/read_write.c:499 [inline]
 [<ffffffff8156a91f>] __vfs_write+0x4bf/0x680 fs/read_write.c:512
 [<ffffffff8156e690>] vfs_write+0x170/0x4e0 fs/read_write.c:560
 [<ffffffff81572089>] SYSC_write fs/read_write.c:607 [inline]
 [<ffffffff81572089>] SyS_write+0xd9/0x1b0 fs/read_write.c:599
 [<ffffffff838a6885>] entry_SYSCALL_64_fastpath+0x23/0xc6
Code: 00 00 00 c7 45 c0 10 00 00 00 e9 31 e5 ff ff e8 2c 0a e1 fd 48 8b 45 d0 be 01 00 00 00 66 89 70 04 e9 3e f5 ff ff e8 15 0a e1 fd <0f> 0b e8 3e 35 fe fd e9 51 ff ff ff be 02 00 00 00 48 89 45 d0 
RIP  [<ffffffff835596ab>] pfkey_xfrm_policy2msg+0x1b6b/0x2100 net/key/af_key.c:2076
 RSP <ffff8801c7737820>
---[ end trace 57bd7f03450215e4 ]---

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2017/08/27 09:16 https://android.googlesource.com/kernel/common android-4.9 bf7ef8f2d57c be291771 .config console log report syz C ci-android-49-kasan-gce
* Struck through repros no longer work on HEAD.