syzbot

 sign-in | mailing list | source | docs
🐞 Open [979] Subsystems 🐞 Fixed [5236] 🐞 Invalid [12499] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

kernel BUG in llc_sap_action_send_xid_c

Status: fixed on 2021/11/10 00:50
Subsystems: net
[Documentation on labels]
Reported-by: syzbot+5e5a981ad7cc54c4b2b4@syzkaller.appspotmail.com
Fix commit: c7c9d2102c9c net: llc: fix skb_over_panic
First crash: 1136d, last: 897d
Cause bisection: failed (error log, bisect log)
  
Discussions (9)
Title Replies (including bot) Last reply
[PATCH 4.19 00/30] 4.19.201-rc1 review 36 (36) 2021/08/05 01:08
[PATCH 5.10 00/67] 5.10.56-rc1 review 83 (83) 2021/08/04 06:35
[PATCH 4.14 00/38] 4.14.242-rc1 review 42 (42) 2021/08/04 02:56
[PATCH 5.13 000/104] 5.13.8-rc1 review 109 (109) 2021/08/03 19:37
[PATCH 5.4 00/40] 5.4.138-rc1 review 44 (44) 2021/08/03 19:16
[PATCH 4.9 00/32] 4.9.278-rc1 review 35 (35) 2021/08/03 19:14
[PATCH 4.4 00/26] 4.4.278-rc1 review 30 (30) 2021/08/03 19:14
[PATCH] net: llc: fix skb_over_panic 2 (2) 2021/07/27 12:20
[syzbot] kernel BUG in llc_sap_action_send_xid_c 0 (1) 2021/04/09 17:58
Similar bugs (28)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 kernel BUG at net/core/skbuff.c:LINE! C unreliable 494 604d 1823d 0/1 upstream: reported C repro on 2019/04/27 20:12
linux-4.14 kernel BUG at net/core/skbuff.c:LINE! C 3066 419d 1839d 0/1 upstream: reported C repro on 2019/04/12 15:43
android-44 kernel BUG at net/core/skbuff.c:LINE! C 79 1614d 1840d 0/2 public: reported C repro on 2019/04/11 08:44
android-54 kernel BUG in pfkey_send_acquire C 278 528d 1193d 0/2 auto-obsoleted due to no activity on 2023/04/19 14:24
upstream kernel BUG at net/core/skbuff.c:LINE! (2) net C 562 2279d 2368d 4/26 fixed on 2018/01/29 03:39
android-5-10 kernel BUG in add_grec C error 83 758d 832d 2/2 fixed on 2022/03/29 10:01
android-54 kernel BUG at net/core/skbuff.c:LINE! C 267 344d 1564d 0/2 auto-obsoleted due to no activity on 2023/08/22 15:17
android-414 kernel BUG at net/core/skbuff.c:LINE! C 2743 1603d 1840d 0/1 public: reported C repro on 2019/04/11 00:00
android-5-10 kernel BUG in add_grec (2) C error inconclusive 1039 518d 518d 2/2 fixed on 2023/02/24 12:10
upstream kernel BUG in netem_enqueue net 9 496d 721d 22/26 fixed on 2023/02/24 13:50
android-5-10 kernel BUG in cdc_ncm_fill_tx_frame C error 40 850d 915d 1/2 fixed on 2021/12/29 12:20
upstream kernel BUG at net/core/skbuff.c:LINE! (3) C done 4399 1157d 2273d 19/26 fixed on 2021/03/10 01:48
upstream kernel BUG at net/core/skbuff.c:LINE! sctp 5 2374d 2444d 3/26 fixed on 2017/10/27 10:10
linux-4.19 kernel BUG in pfkey_send_acquire C done 56 1163d 1193d 1/1 fixed on 2021/03/18 08:30
upstream kernel BUG in pskb_expand_head net C done 1600 440d 891d 22/26 fixed on 2023/02/25 08:02
android-49 kernel BUG at net/core/skbuff.c:LINE! C 391 1603d 1839d 0/3 public: reported C repro on 2019/04/12 00:00
linux-4.19 kernel BUG in ip6_mc_hdr 2 415d 511d 0/1 upstream: reported on 2022/11/30 17:44
upstream kernel BUG in fou_build_udp net C 1 356d 356d 22/26 fixed on 2023/06/08 14:41
android-6-1 kernel BUG in pskb_expand_head 1 321d 321d 0/2 auto-obsoleted due to no activity on 2023/09/05 19:11
upstream kernel BUG in pskb_expand_head (2) bpf net 10 334d 350d 0/26 auto-obsoleted due to no activity on 2023/08/23 09:08
linux-5.15 kernel BUG in pskb_expand_head 1 374d 374d 0/3 auto-obsoleted due to no activity on 2023/08/14 13:19
linux-6.1 kernel BUG in pskb_expand_head 1 330d 330d 0/3 auto-obsoleted due to no activity on 2023/09/07 17:22
upstream kernel BUG in ip6gre_header (2) net C 2 194d 208d 25/26 fixed on 2024/01/20 21:18
upstream kernel BUG in ip6gre_header net C 5 244d 315d 23/26 fixed on 2023/09/28 17:51
upstream kernel BUG in ip6gre_header (3) net 1 78d 78d 0/26 closed as invalid on 2024/03/01 17:31
linux-6.1 kernel BUG in ip6gre_header origin:upstream C 1 7d13h 315d 0/3 upstream: reported C repro on 2023/06/14 11:11
upstream kernel BUG in ipgre_header net C 4 144d 158d 25/26 fixed on 2024/01/20 21:18
linux-6.1 kernel BUG in ipgre_header origin:upstream C 5 29d 158d 0/3 upstream: reported C repro on 2023/11/18 02:08
Last patch testing requests (1)
Created Duration User Patch Repo Result
2021/07/24 20:00 16m paskripkin@gmail.com patch upstream OK

Sample crash report:
skbuff: skb_over_panic: text:ffffffff8717de50 len:692 put:3 head:ffff888025f6f000 data:ffff888025f6f00e tail:0x2c2 end:0x2c0 dev:bond0
------------[ cut here ]------------
kernel BUG at net/core/skbuff.c:109!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 8372 Comm: syz-executor543 Not tainted 5.12.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:skb_panic+0x16c/0x16e net/core/skbuff.c:109
Code: f8 4c 8b 4c 24 10 8b 4b 70 41 56 45 89 e8 4c 89 e2 41 57 48 89 ee 48 c7 c7 40 b2 65 8a ff 74 24 10 ff 74 24 20 e8 e7 c0 c4 ff <0f> 0b e8 d2 e0 75 f8 4c 8b 64 24 18 e8 c8 87 b9 f8 48 c7 c1 80 be
RSP: 0018:ffffc9000132f7b8 EFLAGS: 00010282
RAX: 0000000000000086 RBX: ffff888012a91140 RCX: 0000000000000000
RDX: ffff888021d6d4c0 RSI: ffffffff815c4d75 RDI: fffff52000265ee9
RBP: ffffffff8a65bec0 R08: 0000000000000086 R09: 0000000000000000
R10: ffffffff815bdb0e R11: 0000000000000000 R12: ffffffff8717de50
R13: 0000000000000003 R14: ffff88801aa24000 R15: 00000000000002c0
FS:  0000000001d53300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055acdca69398 CR3: 0000000020a7b000 CR4: 00000000001506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 skb_over_panic net/core/skbuff.c:114 [inline]
 skb_put.cold+0x24/0x24 net/core/skbuff.c:1914
 llc_pdu_init_as_xid_cmd include/net/llc_pdu.h:377 [inline]
 llc_sap_action_send_xid_c+0x240/0x380 net/llc/llc_s_ac.c:84
 llc_exec_sap_trans_actions net/llc/llc_sap.c:153 [inline]
 llc_sap_next_state net/llc/llc_sap.c:182 [inline]
 llc_sap_state_process+0x22a/0x4f0 net/llc/llc_sap.c:209
 llc_ui_sendmsg+0x9ee/0x1040 net/llc/af_llc.c:964
 sock_sendmsg_nosec net/socket.c:654 [inline]
 sock_sendmsg+0xcf/0x120 net/socket.c:674
 ____sys_sendmsg+0x331/0x810 net/socket.c:2350
 ___sys_sendmsg+0xf3/0x170 net/socket.c:2404
 __sys_sendmmsg+0x195/0x470 net/socket.c:2490
 __do_sys_sendmmsg net/socket.c:2519 [inline]
 __se_sys_sendmmsg net/socket.c:2516 [inline]
 __x64_sys_sendmmsg+0x99/0x100 net/socket.c:2516
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x43f329
Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffc10253fb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
RAX: ffffffffffffffda RBX: 0000000000400488 RCX: 000000000043f329
RDX: 0000000000000006 RSI: 0000000020005bc0 RDI: 0000000000000003
RBP: 0000000000403310 R08: 0000000000400488 R09: 0000000000400488
R10: 0000000004000000 R11: 0000000000000246 R12: 00000000004033a0
R13: 0000000000000000 R14: 00000000004ad018 R15: 0000000000400488
Modules linked in:
---[ end trace 4d95aeb9a24efeaa ]---
RIP: 0010:skb_panic+0x16c/0x16e net/core/skbuff.c:109
Code: f8 4c 8b 4c 24 10 8b 4b 70 41 56 45 89 e8 4c 89 e2 41 57 48 89 ee 48 c7 c7 40 b2 65 8a ff 74 24 10 ff 74 24 20 e8 e7 c0 c4 ff <0f> 0b e8 d2 e0 75 f8 4c 8b 64 24 18 e8 c8 87 b9 f8 48 c7 c1 80 be
RSP: 0018:ffffc9000132f7b8 EFLAGS: 00010282
RAX: 0000000000000086 RBX: ffff888012a91140 RCX: 0000000000000000
RDX: ffff888021d6d4c0 RSI: ffffffff815c4d75 RDI: fffff52000265ee9
RBP: ffffffff8a65bec0 R08: 0000000000000086 R09: 0000000000000000
R10: ffffffff815bdb0e R11: 0000000000000000 R12: ffffffff8717de50
R13: 0000000000000003 R14: ffff88801aa24000 R15: 00000000000002c0
FS:  0000000001d53300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055acdca69398 CR3: 0000000020a7b000 CR4: 00000000001506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (61):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/04/09 09:43 net-old 864db232dc70 6a81331a .config console log report syz C ci-upstream-net-this-kasan-gce kernel BUG in llc_sap_action_send_xid_c
2021/04/09 08:58 net-next-old 4438669eb703 6a81331a .config console log report syz C ci-upstream-net-kasan-gce kernel BUG in llc_sap_action_send_xid_c
2021/07/27 08:29 net-old 92766c4628ea fd511809 .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in llc_sap_action_send_xid_c
2021/07/03 01:29 net-old dbe69e433722 55aa55c2 .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in llc_sap_action_send_xid_c
2021/03/15 05:29 net-old 6577b9a551ae cc1cff8f .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in llc_sap_action_send_xid_c
2021/07/11 14:11 net-next-old 5e437416ff66 8f5a7b8c .config console log report info ci-upstream-net-kasan-gce kernel BUG in llc_sap_action_send_xid_c
2021/05/15 07:18 net-next-old 30515832e987 8bdd5343 .config console log report info ci-upstream-net-kasan-gce kernel BUG in llc_sap_action_send_xid_c
2021/04/11 21:35 net-next-old cbd312539284 bfeda1b1 .config console log report info ci-upstream-net-kasan-gce kernel BUG in llc_sap_action_send_xid_c
2021/04/09 08:24 net-next-old 4438669eb703 6a81331a .config console log report info ci-upstream-net-kasan-gce kernel BUG in llc_sap_action_send_xid_c
2021/11/08 14:06 upstream 6b75d88fa81b d29682f1 .config console log report info ci-qemu-upstream kernel BUG in ipgre_header
2021/11/08 11:24 upstream 6b75d88fa81b d29682f1 .config console log report info ci-qemu-upstream kernel BUG in pskb_expand_head
2021/11/03 09:58 upstream 56d33754481f 17f3edd2 .config console log report info ci-qemu-upstream kernel BUG in pskb_expand_head
2021/11/03 07:52 upstream bfc484fe6abb 17f3edd2 .config console log report info ci-upstream-kasan-gce-smack-root kernel BUG in __ip6_append_data
2021/11/03 06:22 upstream 56d33754481f 17f3edd2 .config console log report info ci-qemu-upstream kernel BUG in pskb_expand_head
2021/10/29 15:43 upstream f25a5481af12 098b5d53 .config console log report info ci-qemu-upstream kernel BUG in pskb_expand_head
2021/10/23 19:27 upstream 9c0c4d24ac00 282f03fb .config console log report info ci-qemu-upstream kernel BUG in pskb_expand_head
2021/10/08 21:52 upstream 741668ef7832 efe0f24d .config console log report info ci-upstream-kasan-gce kernel BUG in isotp_rcv
2021/09/25 18:11 upstream 7d42e9818258 8cac236e .config console log report info ci-upstream-kasan-gce-smack-root kernel BUG in isotp_rcv
2021/09/20 00:08 upstream d4d016caa4b8 70b76c1d .config console log report info ci-upstream-kasan-gce kernel BUG in isotp_rcv
2021/07/23 01:54 upstream 9bead1b58c4c bc5f1d88 .config console log report info ci-qemu-upstream kernel BUG in pskb_expand_head
2021/07/21 21:33 upstream 8cae8cd89f05 29c3f20f .config console log report info ci-upstream-kasan-gce-smack-root kernel BUG in isotp_rcv
2021/06/20 21:55 upstream cba5e97280f5 aba2b2fb .config console log report info ci-upstream-kasan-gce-selinux-root kernel BUG in isotp_rcv
2021/11/02 17:28 upstream bfc484fe6abb 17f3edd2 .config console log report info ci-qemu-upstream-386 kernel BUG in pskb_expand_head
2021/10/19 16:54 upstream d9abdee5fd5a 24dc29db .config console log report info ci-qemu-upstream-386 kernel BUG in pskb_expand_head
2021/09/24 18:58 upstream 4c4f0c2bf341 8cac236e .config console log report info ci-upstream-kasan-gce-386 kernel BUG in isotp_rcv
2021/08/02 09:57 upstream c500bee1c5b2 6c236867 .config console log report info ci-qemu-upstream-386 kernel BUG in isotp_rcv
2021/11/09 13:59 net-old 0b9111922b1f 59bcaf9a .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in ip6_mc_hdr
2021/11/08 22:34 net-old c45231a7668d d29682f1 .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in ip6_mc_hdr
2021/11/08 03:56 net-old 08fcdfa6e3ae 4c1be0be .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in add_grhead
2021/11/03 00:39 net-old cc0356d6a02e 17f3edd2 .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in fou_build_udp
2021/09/30 11:18 net-old d88fd1b546ff be530f6c .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in fou_build_udp
2021/09/28 17:34 net-old c894b51e2a23 d82cb927 .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in isotp_rcv
2021/09/26 05:51 net-old 7fe7f3182a0d 8cac236e .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in fou_build_udp
2021/09/06 08:01 bpf 57f780f1c433 d236a457 .config console log report info ci-upstream-bpf-kasan-gce kernel BUG in ip6_mc_hdr
2021/08/04 15:03 net-old d1a58c013a58 6c236867 .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in isotp_rcv
2021/07/23 20:23 net-old 9f42f674a892 bc5f1d88 .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in isotp_rcv
2021/07/16 11:46 net-old 65875073eddd f115ae98 .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in fou_build_udp
2021/07/05 16:02 net-old dbe69e433722 55aa55c2 .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in isotp_rcv
2021/06/26 02:48 net-old be7f62eebaff ae6bf8dd .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in ip6_mc_hdr
2021/05/03 12:32 net-old bbd6f0a94813 77e2b668 .config console log report info ci-upstream-net-this-kasan-gce kernel BUG in ip6_mc_hdr
2021/11/05 16:01 net-next-old cc0356d6a02e 4c1be0be .config console log report info ci-upstream-net-kasan-gce kernel BUG in ip6gre_header
2021/11/03 08:51 net-next-old cc0356d6a02e 17f3edd2 .config console log report info ci-upstream-net-kasan-gce kernel BUG in ip6gre_header
2021/10/15 16:33 net-next-old 40088915f547 0c5d9412 .config console log report info ci-upstream-net-kasan-gce kernel BUG in fou_build_udp
2021/10/11 05:26 net-next-old 0182d0788cd6 838e7e2c .config console log report info ci-upstream-net-kasan-gce kernel BUG in ip6_mc_hdr
2021/09/23 00:01 net-next-old 428168f99517 8cac236e .config console log report info ci-upstream-net-kasan-gce kernel BUG in ip6_mc_hdr
2021/09/09 18:41 net-next-old 626bf91a292e e2776ee4 .config console log report info ci-upstream-net-kasan-gce kernel BUG in fou_build_udp
2021/09/09 15:32 net-next-old 626bf91a292e e2776ee4 .config console log report info ci-upstream-net-kasan-gce kernel BUG in fou_build_udp
2021/08/19 11:53 net-next-old 19b8ece42c56 a2fe1cb5 .config console log report info ci-upstream-net-kasan-gce kernel BUG in fou_build_udp
2021/08/03 16:38 net-next-old 7cdd0a89ec70 6c236867 .config console log report info ci-upstream-net-kasan-gce kernel BUG in fou_build_udp
2021/07/04 09:46 net-next-old 5e437416ff66 55aa55c2 .config console log report info ci-upstream-net-kasan-gce kernel BUG in fou_build_udp
2021/06/30 18:13 net-next-old b6df00789e28 84fd4c77 .config console log report info ci-upstream-net-kasan-gce kernel BUG in fou_build_udp
2021/06/27 02:06 net-next-old ff8744b5eb11 9d2ab5df .config console log report info ci-upstream-net-kasan-gce kernel BUG in fou_build_udp
2021/06/20 14:03 net-next-old adc2e56ebe63 aba2b2fb .config console log report info ci-upstream-net-kasan-gce kernel BUG in isotp_rcv
2021/06/09 10:56 net-next-old 5552571c657d 5c2fe346 .config console log report info ci-upstream-net-kasan-gce kernel BUG in isotp_rcv
2021/06/01 14:16 net-next-old e099f3e8b71c 032639db .config console log report info ci-upstream-net-kasan-gce kernel BUG in fou_build_udp
2021/05/29 03:31 net-next-old 38e9673ce08f 858ea628 .config console log report info ci-upstream-net-kasan-gce kernel BUG in fou_build_udp
2021/05/27 09:23 net-next-old c7a551b2e44a 858ea628 .config console log report info ci-upstream-net-kasan-gce kernel BUG in fou_build_udp
2021/05/23 02:10 net-next-old f5120f599880 3c7fef33 .config console log report info ci-upstream-net-kasan-gce kernel BUG in ip6_mc_hdr
2021/03/29 15:30 net-next-old 72642f4127c3 a8529b82 .config console log report info ci-upstream-net-kasan-gce kernel BUG in ip6_mc_hdr
2021/11/02 20:14 linux-next 9150de4aac1e 17f3edd2 .config console log report info ci-upstream-linux-next-kasan-gce-root kernel BUG in isotp_rcv
* Struck through repros no longer work on HEAD.