syzbot

 sign-in | mailing list | source | docs
🐞 Open [208] 🐞 Fixed [22] 🐞 Invalid [61] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

kernel BUG in prog_array_map_poke_run

Status: auto-obsoleted due to no activity on 2024/03/24 07:32
Bug presence: origin:upstream
Labels: missing-backport
[Documentation on labels]
Reported-by: syzbot+4956f9b851d6402719ab@syzkaller.appspotmail.com
First crash: 176d, last: 107d
Fix bisection: fixed by (bisect log) :
commit 13578b4ea461da333b863e7a2f732f0f8e0ffbd0
Author: Jiri Olsa <jolsa@kernel.org>
Date: Wed Dec 6 08:30:40 2023 +0000

  bpf: Fix prog_array_map_poke_run map poke update

  
Bug presence (5)
Date Name Commit Repro Result
2023/12/22 android13-5.15-lts (ToT) 377690365601 C [report] kernel BUG in prog_array_map_poke_run
2023/11/07 lts (merge base) 12952a23a5da C [report] kernel BUG in prog_array_map_poke_run
2024/02/06 lts (merge base) 6139f2a02fe0 C Didn't crash
2023/11/07 upstream (ToT) be3ca57cfb77 C [report] kernel BUG in prog_array_map_poke_run
2023/12/22 upstream (ToT) 24e0d2e527a3 C Didn't crash
Similar bugs (5)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-5.15 kernel BUG in prog_array_map_poke_run origin:upstream missing-backport C done 16 117d 175d 0/3 upstream: reported C repro on 2023/11/07 11:42
upstream kernel BUG in prog_array_map_poke_run bpf C done done 35 134d 175d 25/26 fixed on 2024/01/23 01:55
linux-6.1 kernel BUG in prog_array_map_poke_run origin:upstream missing-backport C unreliable 3 130d 175d 0/3 upstream: reported C repro on 2023/11/08 01:21
android-6-1 kernel BUG in prog_array_map_poke_run origin:upstream missing-backport C error 14 117d 175d 2/2 fixed on 2024/01/09 06:37
android-5-10 kernel BUG in prog_array_map_poke_run C 146 5h35m 175d 0/2 upstream: reported C repro on 2023/11/07 04:51
Last patch testing requests (8)
Created Duration User Patch Repo Result
2024/01/28 10:36 14m retest repro android13-5.15-lts OK log
2024/01/28 08:53 22m retest repro android13-5.15-lts OK log
2024/01/28 08:53 21m retest repro android13-5.15-lts OK log
2024/01/28 08:53 21m retest repro android13-5.15-lts OK log
2024/01/28 08:53 21m retest repro android13-5.15-lts OK log
2024/01/28 08:53 13m retest repro android13-5.15-lts OK log
2024/01/28 07:31 20m retest repro android13-5.15-lts OK log
2024/01/28 07:31 19m retest repro android13-5.15-lts OK log

Sample crash report:
------------[ cut here ]------------
kernel BUG at kernel/bpf/arraymap.c:1037!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 3953 Comm: kworker/0:6 Not tainted 5.15.137-syzkaller-01792-g61cfd264993d #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
Workqueue: events prog_array_map_clear_deferred
RIP: 0010:prog_array_map_poke_run+0x696/0x6b0 kernel/bpf/arraymap.c:1037
Code: 47 e6 ff 48 83 c4 70 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 bd 47 e6 ff 0f 0b e9 de f9 ff ff e8 b1 47 e6 ff 0f 0b e8 aa 47 e6 ff <0f> 0b e8 a3 47 e6 ff 0f 0b e8 9c 47 e6 ff 0f 0b 66 2e 0f 1f 84 00
RSP: 0018:ffffc90000c17b70 EFLAGS: 00010293
RAX: ffffffff8189af86 RBX: ffff888114d04e90 RCX: ffff8881146d8000
RDX: 0000000000000000 RSI: 00000000fffffff0 RDI: 00000000ffffffea
RBP: ffffc90000c17c08 R08: ffffffff8189ad11 R09: fffff52000182f39
R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888112628100
R13: dffffc0000000000 R14: ffff888120b4dc00 R15: 00000000fffffff0
FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffd3e5671f8 CR3: 000000011fd00000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 fd_array_map_delete_elem+0x154/0x250 kernel/bpf/arraymap.c:830
 bpf_fd_array_map_clear kernel/bpf/arraymap.c:878 [inline]
 prog_array_map_clear_deferred+0xf8/0x210 kernel/bpf/arraymap.c:1057
 process_one_work+0x6bb/0xc10 kernel/workqueue.c:2317
 worker_thread+0xad5/0x12a0 kernel/workqueue.c:2464
 kthread+0x421/0x510 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:298
 </TASK>
Modules linked in:
---[ end trace 58f016f107480003 ]---
RIP: 0010:prog_array_map_poke_run+0x696/0x6b0 kernel/bpf/arraymap.c:1037
Code: 47 e6 ff 48 83 c4 70 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 bd 47 e6 ff 0f 0b e9 de f9 ff ff e8 b1 47 e6 ff 0f 0b e8 aa 47 e6 ff <0f> 0b e8 a3 47 e6 ff 0f 0b e8 9c 47 e6 ff 0f 0b 66 2e 0f 1f 84 00
RSP: 0018:ffffc90000c17b70 EFLAGS: 00010293
RAX: ffffffff8189af86 RBX: ffff888114d04e90 RCX: ffff8881146d8000
RDX: 0000000000000000 RSI: 00000000fffffff0 RDI: 00000000ffffffea
RBP: ffffc90000c17c08 R08: ffffffff8189ad11 R09: fffff52000182f39
R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888112628100
R13: dffffc0000000000 R14: ffff888120b4dc00 R15: 00000000fffffff0
FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f0c2c1bdac8 CR3: 000000011ce30000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (32):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/11/28 03:26 android13-5.15-lts 61cfd264993d 7ec6c044 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in prog_array_map_poke_run
2023/11/27 21:18 android13-5.15-lts 61cfd264993d 7ec6c044 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2023/11/10 03:49 android13-5.15-lts 61cfd264993d 56230772 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in prog_array_map_poke_run
2023/11/10 02:21 android13-5.15-lts 61cfd264993d 56230772 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in prog_array_map_poke_run
2023/11/10 01:46 android13-5.15-lts 61cfd264993d 56230772 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in prog_array_map_poke_run
2023/11/09 04:39 android13-5.15-lts 61cfd264993d 4862372a .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2023/11/09 04:09 android13-5.15-lts 61cfd264993d 4862372a .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2023/11/07 03:36 android13-5.15-lts 61cfd264993d 83211397 .config console log report syz C ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2024/01/04 21:34 android13-5.15-lts 92ec34b6c034 28c42cff .config console log report syz [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in prog_array_map_poke_run
2024/01/04 18:27 android13-5.15-lts 92ec34b6c034 28c42cff .config console log report syz [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2024/01/14 07:31 android13-5.15-lts ea2937bdd12f 551587c1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2024/01/14 05:19 android13-5.15-lts ea2937bdd12f 551587c1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2024/01/10 02:10 android13-5.15-lts 819bb2da7f5d b438bd66 .config console log report info ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2024/01/08 02:34 android13-5.15-lts 92ec34b6c034 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2024/01/03 15:16 android13-5.15-lts 1370e896a3b8 fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in prog_array_map_poke_run
2023/12/31 23:06 android13-5.15-lts 28e3f5851a99 fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2023/12/25 14:01 android13-5.15-lts 28e3f5851a99 fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2023/12/19 12:59 android13-5.15-lts 377690365601 3ad490ea .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in prog_array_map_poke_run
2023/12/19 09:07 android13-5.15-lts 05ef4ccb5774 3ad490ea .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2023/12/17 09:04 android13-5.15-lts 05ef4ccb5774 3222d10c .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2023/12/14 01:30 android13-5.15-lts 05ef4ccb5774 3222d10c .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2023/12/11 10:21 android13-5.15-lts b1355f1607d5 28b24332 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2023/12/10 19:26 android13-5.15-lts b1355f1607d5 28b24332 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2023/12/05 20:14 android13-5.15-lts 0e7c7966689d 858d62d1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2023/12/02 23:44 android13-5.15-lts eb99a642b7e6 f819d6f7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in prog_array_map_poke_run
2023/12/01 04:59 android13-5.15-lts eb99a642b7e6 f819d6f7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in prog_array_map_poke_run
2023/11/25 07:07 android13-5.15-lts 61cfd264993d 5b429f39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2023/11/24 16:30 android13-5.15-lts 61cfd264993d 5b429f39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2023/11/24 12:49 android13-5.15-lts 61cfd264993d 5b429f39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
2023/11/15 13:38 android13-5.15-lts 61cfd264993d cb976f63 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in prog_array_map_poke_run
2023/11/11 13:02 android13-5.15-lts 61cfd264993d 6d6dbf8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-5-15 kernel BUG in prog_array_map_poke_run
2023/11/07 02:58 android13-5.15-lts 61cfd264993d 83211397 .config console log report info ci2-android-5-15-perf kernel BUG in prog_array_map_poke_run
* Struck through repros no longer work on HEAD.