syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [985] ≡ Subsystems 🐞 Fixed [5216] 🐞 Invalid [12474] ⬇ Missing Backports [82] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KASAN: global-out-of-bounds Read in netlink_policy_dump_add_policy net | C | 6 | 1174d | 1177d | 0/26 | closed as invalid on 2021/02/08 16:39 | ||
| upstream | KASAN: global-out-of-bounds Read in netlink_policy_dump_add_policy (3) net | 2 | 526d | 526d | 0/26 | closed as invalid on 2022/12/01 14:39 |
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2021/02/21 09:45 | 3h27m | bisect | linux-next | job log (1) log | |
| 2021/02/08 17:55 | 0m | bisect | linux-next | error job log (0) |
================================================================== BUG: KASAN: global-out-of-bounds in netlink_policy_dump_add_policy+0x3b6/0x440 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/netlink/policy.c:160 Read of size 1 at addr ffffffff89cc61d0 by task syz-executor181/8413 CPU: 0 PID: 8413 Comm: syz-executor181 Not tainted 5.11.0-rc6-next-20210205-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/lib/dump_stack.c:79 [inline] dump_stack+0x107/0x163 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/lib/dump_stack.c:120 print_address_description.constprop.0.cold+0x5/0x2f8 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/mm/kasan/report.c:232 __kasan_report syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/mm/kasan/report.c:399 [inline] kasan_report.cold+0x7c/0xd8 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/mm/kasan/report.c:416 netlink_policy_dump_add_policy+0x3b6/0x440 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/netlink/policy.c:160 ctrl_dumppolicy_start+0x3e1/0x760 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/netlink/genetlink.c:1181 genl_start+0x3cc/0x670 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/netlink/genetlink.c:604 __netlink_dump_start+0x584/0x900 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/netlink/af_netlink.c:2363 genl_family_rcv_msg_dumpit+0x2af/0x310 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/netlink/genetlink.c:686 genl_family_rcv_msg syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/netlink/genetlink.c:780 [inline] genl_rcv_msg+0x434/0x580 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/netlink/genetlink.c:800 netlink_rcv_skb+0x153/0x420 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/netlink/af_netlink.c:2494 genl_rcv+0x24/0x40 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/netlink/genetlink.c:811 netlink_unicast_kernel syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/netlink/af_netlink.c:1304 [inline] netlink_unicast+0x533/0x7d0 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/netlink/af_netlink.c:1330 netlink_sendmsg+0x856/0xd90 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/netlink/af_netlink.c:1919 sock_sendmsg_nosec syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/socket.c:654 [inline] sock_sendmsg+0xcf/0x120 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/socket.c:674 ____sys_sendmsg+0x6e8/0x810 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/socket.c:2350 ___sys_sendmsg+0xf3/0x170 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/socket.c:2404 __sys_sendmsg+0xe5/0x1b0 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/net/socket.c:2437 do_syscall_64+0x2d/0x70 syzkaller/managers/upstream-linux-next-kasan-gce-root/kernel/arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x43ef29 Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffc75c06108 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000400488 RCX: 000000000043ef29 RDX: 0000000000000000 RSI: 00000000200029c0 RDI: 0000000000000003 RBP: 0000000000402f10 R08: 00000000004ac018 R09: 0000000000400488 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402fa0 R13: 0000000000000000 R14: 00000000004ac018 R15: 0000000000400488 The buggy address belongs to the variable: vdpa_nl_policy+0x90/0x3a00 Memory state around the buggy address: ffffffff89cc6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffffffff89cc6100: 00 00 00 00 f9 f9 f9 f9 00 00 00 00 00 00 00 00 >ffffffff89cc6180: 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9 ^ ffffffff89cc6200: 05 f9 f9 f9 f9 f9 f9 f9 00 00 07 f9 f9 f9 f9 f9 ffffffff89cc6280: 00 00 00 01 f9 f9 f9 f9 00 07 f9 f9 f9 f9 f9 f9 ==================================================================
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2021/02/08 17:55 | linux-next | aa2b88209686 | 2ce644fc | .config | console log | report | syz | C | ci-upstream-linux-next-kasan-gce-root | KASAN: global-out-of-bounds Read in netlink_policy_dump_add_policy | ||
| 2021/02/08 17:42 | linux-next | aa2b88209686 | 2ce644fc | .config | console log | report | info | ci-upstream-linux-next-kasan-gce-root | KASAN: global-out-of-bounds Read in netlink_policy_dump_add_policy |