syzbot


KASAN: user-memory-access Read in fib6_walk_continue

Status: closed as invalid on 2023/03/21 17:14
Subsystems: net
First crash: 759d, last: 759d
Similar bugs (1)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | general protection fault in fib6_walk_continue net | | | | 1 | 57d | 57d | 0/28 | closed as invalid on 2025/01/02 16:12 |

Sample crash report:
==================================================================
BUG: KASAN: user-memory-access in fib6_walk_continue+0x224/0x412 net/ipv6/ip6_fib.c:2077
Read of size 8 at addr 00000000000c202d by task syz-executor.1/2046

CPU: 0 PID: 2046 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
Hardware name: riscv-virtio,qemu (DT)
Call Trace:
[<ffffffff8000a228>] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:113
[<ffffffff831668cc>] show_stack+0x34/0x40 arch/riscv/kernel/stacktrace.c:119
[<ffffffff831756ba>] __dump_stack lib/dump_stack.c:88 [inline]
[<ffffffff831756ba>] dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:106
[<ffffffff80474da6>] __kasan_report mm/kasan/report.c:446 [inline]
[<ffffffff80474da6>] kasan_report+0x1de/0x1e0 mm/kasan/report.c:459
[<ffffffff80475b20>] check_region_inline mm/kasan/generic.c:183 [inline]
[<ffffffff80475b20>] __asan_load8+0x6e/0x96 mm/kasan/generic.c:256
[<ffffffff82d770ae>] fib6_walk_continue+0x224/0x412 net/ipv6/ip6_fib.c:2077
[<ffffffff82d78b6e>] fib6_walk+0xf4/0x1ce net/ipv6/ip6_fib.c:2160
[<ffffffff82d78d1c>] fib6_clean_tree+0xd4/0x10e net/ipv6/ip6_fib.c:2240
[<ffffffff82d7a5fa>] __fib6_clean_all+0xd8/0x266 net/ipv6/ip6_fib.c:2256
[<ffffffff82d82326>] fib6_clean_all net/ipv6/ip6_fib.c:2267 [inline]
[<ffffffff82d82326>] fib6_run_gc+0x118/0x25c net/ipv6/ip6_fib.c:2330
[<ffffffff82d8e7cc>] ndisc_netdev_event+0xce/0x3f0 net/ipv6/ndisc.c:1802
[<ffffffff800aac84>] notifier_call_chain+0xb8/0x188 kernel/notifier.c:84
[<ffffffff800aad7e>] raw_notifier_call_chain+0x2a/0x38 kernel/notifier.c:392
[<ffffffff8271d086>] call_netdevice_notifiers_info+0x9e/0x10c net/core/dev.c:1919
[<ffffffff82722c60>] call_netdevice_notifiers_extack net/core/dev.c:1931 [inline]
[<ffffffff82722c60>] call_netdevice_notifiers net/core/dev.c:1945 [inline]
[<ffffffff82722c60>] dev_set_mac_address+0x218/0x25a net/core/dev.c:8400
[<ffffffff82722cdc>] dev_set_mac_address_user+0x3a/0x58 net/core/dev.c:8414
[<ffffffff827687f4>] do_setlink+0xfb4/0x21c4 net/core/rtnetlink.c:2684
[<ffffffff8276a6a2>] __rtnl_newlink+0x99e/0xfa0 net/core/rtnetlink.c:3412
[<ffffffff8276ad04>] rtnl_newlink+0x60/0x8c net/core/rtnetlink.c:3527
[<ffffffff8276b46c>] rtnetlink_rcv_msg+0x338/0x9a0 net/core/rtnetlink.c:5592
[<ffffffff8296ded2>] netlink_rcv_skb+0xf8/0x2be net/netlink/af_netlink.c:2494
[<ffffffff827624f4>] rtnetlink_rcv+0x26/0x30 net/core/rtnetlink.c:5610
[<ffffffff8296cbcc>] netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]
[<ffffffff8296cbcc>] netlink_unicast+0x40e/0x5fe net/netlink/af_netlink.c:1343
[<ffffffff8296d29c>] netlink_sendmsg+0x4e0/0x994 net/netlink/af_netlink.c:1919
[<ffffffff826d264e>] sock_sendmsg_nosec net/socket.c:705 [inline]
[<ffffffff826d264e>] sock_sendmsg+0xa0/0xc4 net/socket.c:725
[<ffffffff826d7026>] __sys_sendto+0x1f2/0x2e0 net/socket.c:2040
[<ffffffff826d7152>] __do_sys_sendto net/socket.c:2052 [inline]
[<ffffffff826d7152>] sys_sendto+0x3e/0x52 net/socket.c:2048
[<ffffffff80005716>] ret_from_syscall+0x0/0x2
==================================================================
Unable to handle kernel paging request at virtual address 00000000000c202d
Oops [#1]
Modules linked in:
CPU: 0 PID: 2046 Comm: syz-executor.1 Tainted: G    B             5.17.0-rc1-syzkaller-00002-g0966d385830d #0
Hardware name: riscv-virtio,qemu (DT)
epc : fib6_walk_continue+0x224/0x412 net/ipv6/ip6_fib.c:2077
 ra : fib6_walk_continue+0x224/0x412 net/ipv6/ip6_fib.c:2077
epc : ffffffff82d770ae ra : ffffffff82d770ae sp : ffffaf802230a890
 gp : ffffffff85863ac0 tp : ffffaf800bbfb080 t0 : ffffffff86bcb657
 t1 : fffff5ef0b53910c t2 : 0000000000000000 s0 : ffffaf802230a910
 s1 : 00000000000c2015 a0 : 0000000000000001 a1 : 0000000000000003
 a2 : 1ffff5f00177f611 a3 : ffffffff831afd3a a4 : 0000000000000000
 a5 : ffffaf800bbfc080 a6 : 0000000000f00000 a7 : ffffaf805a9c8863
 s2 : ffffaf802230a990 s3 : ffffffff84124c00 s4 : ffffffff84124c00
 s5 : 0000000000000004 s6 : ffffaf802230a9b8 s7 : ffffffff84124cc0
 s8 : ffffaf802230a9a8 s9 : ffffaf80100dfb80 s10: ffffaf80100dff00
 s11: ffffaf802230a9a0 t3 : 0000000061736944 t4 : fffff5ef0b53910c
 t5 : fffff5ef0b53910d t6 : ffffaf802230a2d8
status: 0000000000000120 badaddr: 00000000000c202d cause: 000000000000000d
[<ffffffff82d78b6e>] fib6_walk+0xf4/0x1ce net/ipv6/ip6_fib.c:2160
[<ffffffff82d78d1c>] fib6_clean_tree+0xd4/0x10e net/ipv6/ip6_fib.c:2240
[<ffffffff82d7a5fa>] __fib6_clean_all+0xd8/0x266 net/ipv6/ip6_fib.c:2256
[<ffffffff82d82326>] fib6_clean_all net/ipv6/ip6_fib.c:2267 [inline]
[<ffffffff82d82326>] fib6_run_gc+0x118/0x25c net/ipv6/ip6_fib.c:2330
[<ffffffff82d8e7cc>] ndisc_netdev_event+0xce/0x3f0 net/ipv6/ndisc.c:1802
[<ffffffff800aac84>] notifier_call_chain+0xb8/0x188 kernel/notifier.c:84
[<ffffffff800aad7e>] raw_notifier_call_chain+0x2a/0x38 kernel/notifier.c:392
[<ffffffff8271d086>] call_netdevice_notifiers_info+0x9e/0x10c net/core/dev.c:1919
[<ffffffff82722c60>] call_netdevice_notifiers_extack net/core/dev.c:1931 [inline]
[<ffffffff82722c60>] call_netdevice_notifiers net/core/dev.c:1945 [inline]
[<ffffffff82722c60>] dev_set_mac_address+0x218/0x25a net/core/dev.c:8400
[<ffffffff82722cdc>] dev_set_mac_address_user+0x3a/0x58 net/core/dev.c:8414
[<ffffffff827687f4>] do_setlink+0xfb4/0x21c4 net/core/rtnetlink.c:2684
[<ffffffff8276a6a2>] __rtnl_newlink+0x99e/0xfa0 net/core/rtnetlink.c:3412
[<ffffffff8276ad04>] rtnl_newlink+0x60/0x8c net/core/rtnetlink.c:3527
[<ffffffff8276b46c>] rtnetlink_rcv_msg+0x338/0x9a0 net/core/rtnetlink.c:5592
[<ffffffff8296ded2>] netlink_rcv_skb+0xf8/0x2be net/netlink/af_netlink.c:2494
[<ffffffff827624f4>] rtnetlink_rcv+0x26/0x30 net/core/rtnetlink.c:5610
[<ffffffff8296cbcc>] netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]
[<ffffffff8296cbcc>] netlink_unicast+0x40e/0x5fe net/netlink/af_netlink.c:1343
[<ffffffff8296d29c>] netlink_sendmsg+0x4e0/0x994 net/netlink/af_netlink.c:1919
[<ffffffff826d264e>] sock_sendmsg_nosec net/socket.c:705 [inline]
[<ffffffff826d264e>] sock_sendmsg+0xa0/0xc4 net/socket.c:725
[<ffffffff826d7026>] __sys_sendto+0x1f2/0x2e0 net/socket.c:2040
[<ffffffff826d7152>] __do_sys_sendto net/socket.c:2052 [inline]
[<ffffffff826d7152>] sys_sendto+0x3e/0x52 net/socket.c:2048
[<ffffffff80005716>] ret_from_syscall+0x0/0x2
---[ end trace 0000000000000000 ]---

Crashes (1):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2022/12/30 19:18 | git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes | 0966d385830d | ab32d508 | .config | console log | report | | | info | | ci-qemu2-riscv64 | KASAN: user-memory-access Read in fib6_walk_continue |