syzbot


BUG: unable to handle kernel NULL pointer dereference in htb_select_queue
Status: upstream: reported syz repro on 2021/03/09 15:13
Reported-by: syzbot+b53a709f04722ca12a3c@syzkaller.appspotmail.com
Fix commit: fb3a3e37de33 sch_htb: Fix offload cleanup in htb_destroy on htb_init failure 93bde210c434 sch_htb: Fix select_queue for non-offload mode
Patched on: [ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-qemu2-riscv64 ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386 ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-qemu2-arm32]
First crash: 171d, last: 122d

Cause bisection: introduced by (bisect log) :
commit d03b195b5aa015f6c11988b86a3625f8d5dbac52
Author: Maxim Mikityanskiy <maximmi@mellanox.com>
Date: Tue Jan 19 12:08:13 2021 +0000

  sch_htb: Hierarchical QoS hardware offload

Crash: BUG: unable to handle kernel NULL pointer dereference in htb_select_queue (log)
Repro: syz .config
Patch testing requests:
Created Duration User Patch Repo Result
2021/03/11 10:55 11m yildirim.fatih@gmail.com upstream report log

Sample crash report:

Crashes (8):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-net-kasan-gce 2021/02/20 00:50 net-next 38b5133ad607 f689d40a .config log report syz BUG: unable to handle kernel NULL pointer dereference in htb_select_queue
ci-upstream-kasan-gce 2021/03/24 11:08 upstream 7acac4b3196c e613994b .config log report info BUG: unable to handle kernel NULL pointer dereference in htb_select_queue
ci-upstream-kasan-gce 2021/02/27 15:12 upstream 3fb6d0e00efc 4c37c133 .config log report info BUG: unable to handle kernel NULL pointer dereference in htb_select_queue
ci-upstream-net-kasan-gce 2021/03/03 06:08 net-next d310ec03a34e e5b64d68 .config log report info BUG: unable to handle kernel NULL pointer dereference in htb_select_queue
ci-upstream-net-kasan-gce 2021/02/19 21:39 net-next 38b5133ad607 f689d40a .config log report info BUG: unable to handle kernel NULL pointer dereference in htb_select_queue
ci-upstream-net-kasan-gce 2021/02/11 15:18 net-next e4b62cf7559f a52ee10a .config log report info BUG: unable to handle kernel NULL pointer dereference in htb_select_queue
ci-upstream-net-kasan-gce 2021/02/08 19:37 net-next badc6ac32122 2ce644fc .config log report info BUG: unable to handle kernel NULL pointer dereference in htb_select_queue
ci-upstream-net-kasan-gce 2021/02/03 04:11 net-next 9ae4bdc6e4c1 624dad51 .config log report info BUG: unable to handle kernel NULL pointer dereference in htb_select_queue