syzbot


WARNING in format_decode (2)

Status: fixed on 2018/12/07 08:24
Reported-by: syzbot+1ec5c5ec949c4adaa0c4@syzkaller.appspotmail.com
Fix commit: 1efb6ee3edea bpf: fix check of allowed specifiers in bpf_trace_printk
First crash: 1498d, last: 1415d
similar bugs (2):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING in format_decode C 1 1646d 1646d 6/24 fixed on 2018/05/08 18:30
android-49 WARNING in format_decode 1 1440d 1267d 0/3 auto-closed as invalid on 2019/04/28 09:31

Sample crash report:
**                                                      **
**   NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE   **
**********************************************************
------------[ cut here ]------------
Please remove unsupported %� in format string
WARNING: CPU: 0 PID: 5683 at lib/vsprintf.c:2152 format_decode+0x8fc/0xaf0 lib/vsprintf.c:2152
Kernel panic - not syncing: panic_on_warn set ...
CPU: 0 PID: 5683 Comm: syz-executor332 Not tainted 4.20.0-rc1+ #329
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x244/0x39d lib/dump_stack.c:113
 panic+0x2ad/0x55c kernel/panic.c:188
 __warn.cold.8+0x20/0x45 kernel/panic.c:540
 report_bug+0x254/0x2d0 lib/bug.c:186
 fixup_bug arch/x86/kernel/traps.c:178 [inline]
 do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:271
 do_invalid_op+0x36/0x40 arch/x86/kernel/traps.c:290
 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:969
RIP: 0010:format_decode+0x8fc/0xaf0 lib/vsprintf.c:2152
Code: e8 19 39 b5 f9 41 c6 45 00 12 e9 9b fd ff ff e8 0a 39 b5 f9 0f be f3 48 c7 c7 c0 f1 d5 88 c6 05 22 0a 47 02 01 e8 c4 9a 7e f9 <0f> 0b 4d 8b 66 c0 e9 59 fe ff ff 48 8b bd 70 ff ff ff e8 bd 85 f8
RSP: 0018:ffff8801b9d6f670 EFLAGS: 00010286
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff8165e9b5 RDI: 0000000000000005
RBP: ffff8801b9d6f718 R08: ffff8801b9cdc3c0 R09: ffffed003b5c3ef8
R10: ffffed003b5c3ef8 R11: ffff8801dae1f7c7 R12: ffff8801b9d6faec
R13: ffff8801b9d6f790 R14: ffff8801b9d6f6f0 R15: 0000000000000000
 vsnprintf+0x185/0x1b60 lib/vsprintf.c:2248
 vscnprintf+0x2d/0x80 lib/vsprintf.c:2399
 __trace_array_vprintk.part.59+0x5b/0x2f0 kernel/trace/trace.c:2992
 __trace_array_vprintk kernel/trace/trace.c:3023 [inline]
 trace_array_vprintk kernel/trace/trace.c:3023 [inline]
 trace_vprintk+0x71/0x90 kernel/trace/trace.c:3061
 __trace_printk+0xce/0x120 kernel/trace/trace_printk.c:238
 ____bpf_trace_printk kernel/trace/bpf_trace.c:271 [inline]
 bpf_trace_printk+0xb30/0xc50 kernel/trace/bpf_trace.c:163
 bpf_prog_12183cdb1cd51dab+0x4e8/0x1000
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (16):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-root 2018/11/10 12:00 upstream aa4330e15c26 f9815aaf .config log report syz C
ci-upstream-kasan-gce-smack-root 2018/11/10 11:15 upstream aa4330e15c26 f9815aaf .config log report syz C
ci-upstream-kasan-gce-selinux-root 2018/11/10 11:09 upstream aa4330e15c26 f9815aaf .config log report syz C
ci-upstream-bpf-kasan-gce 2018/11/10 08:41 bpf da85d8bfd151 f9815aaf .config log report syz C
ci-upstream-net-kasan-gce 2018/11/10 09:21 net-next 12ceaf8864c2 f9815aaf .config log report syz C
ci-upstream-bpf-next-kasan-gce 2018/11/10 09:04 bpf-next c8123ead13a5 f9815aaf .config log report syz C
ci-upstream-bpf-kasan-gce 2018/11/03 02:31 bpf 7de414a9dd91 8bd6bd63 .config log report syz
ci-upstream-net-kasan-gce 2018/11/02 09:39 net-next 7c6c54b505b8 1f38e9ae .config log report syz
ci-upstream-net-kasan-gce 2018/08/26 11:09 net-next 2ad0d5269970 758cd203 .config log report syz
ci-upstream-bpf-kasan-gce 2018/11/10 05:58 bpf da85d8bfd151 f9815aaf .config log report
ci-upstream-bpf-kasan-gce 2018/11/02 23:52 bpf 7de414a9dd91 8bd6bd63 .config log report
ci-upstream-net-this-kasan-gce 2018/08/28 11:19 net 53ae914d898e 7ef1de9e .config log report
ci-upstream-bpf-next-kasan-gce 2018/11/17 17:30 bpf-next 592ee43faf86 b08ee62a .config log report
ci-upstream-net-kasan-gce 2018/11/02 07:06 net-next 7c6c54b505b8 1f38e9ae .config log report
ci-upstream-net-kasan-gce 2018/09/18 10:02 net-next ce5b127b172e 7f125108 .config log report
ci-upstream-net-kasan-gce 2018/08/26 09:18 net-next 2ad0d5269970 758cd203 .config log report
* Struck through repros no longer work on HEAD.