syzbot


general protection fault in fib_dump_info

Status: fixed on 2017/10/24 06:54
Fix commit: bc3aae2bbac4 net: check and errout if res->fi is NULL when RTM_F_FIB_MATCH is set
First crash: 2636d, last: 2605d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream general protection fault in fib_dump_info (2) net C done 16 1507d 1510d 15/28 fixed on 2020/09/16 22:51

Sample crash report:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] SMP KASAN
Dumping ftrace buffer:
   (ftrace buffer empty)
Modules linked in:
CPU: 1 PID: 3006 Comm: syzkaller479706 Not tainted 4.13.0-rc5+ #42
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8801d19e23c0 task.stack: ffff8801d00b8000
RIP: 0010:fib_dump_info+0x3aa/0x13b0 net/ipv4/fib_semantics.c:1316
RSP: 0018:ffff8801d00beeb0 EFLAGS: 00010206
RAX: dffffc0000000000 RBX: 00000000000000fe RCX: 0000000000000000
RDX: 0000000000000006 RSI: 0000000000000002 RDI: 0000000000000030
RBP: ffff8801d00bf108 R08: ffffed003a040149 R09: ffffed003a040149
R10: 0000000000000001 R11: ffffed003a040148 R12: ffff8801d0200a35
R13: 0000000000000099 R14: ffff8801d0200a24 R15: ffff8801d12aadc0
FS:  0000000000717880(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020b9b000 CR3: 00000001cf6fb000 CR4: 00000000001406e0
Call Trace:
 inet_rtm_getroute+0xf9c/0x2d60 net/ipv4/route.c:2767
 rtnetlink_rcv_msg+0x5ea/0x840 net/core/rtnetlink.c:4217
 netlink_rcv_skb+0x216/0x440 net/netlink/af_netlink.c:2397
 rtnetlink_rcv+0x2a/0x40 net/core/rtnetlink.c:4223
 netlink_unicast_kernel net/netlink/af_netlink.c:1265 [inline]
 netlink_unicast+0x4e8/0x6f0 net/netlink/af_netlink.c:1291
 netlink_sendmsg+0xa4a/0xe60 net/netlink/af_netlink.c:1854
 sock_sendmsg_nosec net/socket.c:633 [inline]
 sock_sendmsg+0xca/0x110 net/socket.c:643
 sock_write_iter+0x31a/0x5d0 net/socket.c:898
 call_write_iter include/linux/fs.h:1743 [inline]
 do_iter_readv_writev+0x525/0x7f0 fs/read_write.c:650
 do_iter_write+0x154/0x540 fs/read_write.c:929
 vfs_writev+0x18a/0x340 fs/read_write.c:975
 do_writev+0xfc/0x2a0 fs/read_write.c:1011
 SYSC_writev fs/read_write.c:1084 [inline]
 SyS_writev+0x27/0x30 fs/read_write.c:1081
 entry_SYSCALL_64_fastpath+0x1f/0xbe
RIP: 0033:0x43fd09
RSP: 002b:00007ffd5593e4f8 EFLAGS: 00000203 ORIG_RAX: 0000000000000014
RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd09
RDX: 0000000000000001 RSI: 0000000020b93000 RDI: 0000000000000003
RBP: 0000000000000086 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000203 R12: 0000000000401670
R13: 0000000000401700 R14: 0000000000000000 R15: 0000000000000000
Code: 0f b6 b5 e4 fd ff ff 48 8b 85 f0 fd ff ff 40 88 70 17 48 8b 45 28 48 8d 78 30 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e ba 0f 00 00 48 8b 45 28 44 
RIP: fib_dump_info+0x3aa/0x13b0 net/ipv4/fib_semantics.c:1316 RSP: ffff8801d00beeb0
---[ end trace a8418f8a7cf5c5b9 ]---

Crashes (428):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2017/08/20 09:49 upstream 58d4e450a490 f238fbd4 .config console log report syz C ci-upstream-kasan-gce
2017/08/18 21:44 upstream 04d49f3638d0 41bbf437 .config console log report syz C ci-upstream-kasan-gce
2017/08/09 22:59 upstream bfa738cf3dfa 7e288c05 .config console log report syz C ci-upstream-kasan-gce
2017/08/09 21:33 upstream bfa738cf3dfa 7e288c05 .config console log report syz C ci-upstream-kasan-gce
2017/08/09 21:11 upstream bfa738cf3dfa 7e288c05 .config console log report syz C ci-upstream-kasan-gce
2017/08/09 20:19 upstream bfa738cf3dfa 7e288c05 .config console log report syz C ci-upstream-kasan-gce
2017/08/07 22:56 upstream aae4e7a8bc44 77a9ec9b .config console log report syz C ci-upstream-kasan-gce
2017/07/26 23:28 upstream fd2b2c57ec20 b0d23a5c .config console log report syz C ci-upstream-kasan-gce
2017/08/19 19:35 net-next-old 01d300c577c7 f238fbd4 .config console log report syz C ci-upstream-net-kasan-gce
2017/08/11 21:48 net-next-old 3b2b69efeca7 a0330c0f .config console log report syz C ci-upstream-net-kasan-gce
2017/08/19 19:51 linux-next bb70832dd42b f238fbd4 .config console log report syz C ci-upstream-next-kasan-gce
2017/08/19 19:28 linux-next bb70832dd42b f238fbd4 .config console log report syz C ci-upstream-next-kasan-gce
2017/08/12 08:45 linux-next 91dfed74eabc 360f0528 .config console log report syz C ci-upstream-next-kasan-gce
2017/08/12 04:02 linux-next 91dfed74eabc 360f0528 .config console log report syz C ci-upstream-next-kasan-gce
2017/08/19 09:16 upstream 58d4e450a490 f238fbd4 .config console log report ci-upstream-kasan-gce
2017/08/16 10:15 upstream 510c8a899caf f93be584 .config console log report ci-upstream-kasan-gce
2017/08/01 23:21 upstream bc78d646e708 864b7ea2 .config console log report ci-upstream-kasan-gce
2017/07/22 12:19 upstream 82abbea734d6 d67f590c .config console log report ci-upstream-kasan-gce
2017/07/22 12:14 upstream 82abbea734d6 d67f590c .config console log report ci-upstream-kasan-gce
2017/08/22 05:15 net-next-old 0c45d7fe12c7 f238fbd4 .config console log report ci-upstream-net-kasan-gce
2017/08/22 01:18 net-next-old 0c45d7fe12c7 f238fbd4 .config console log report ci-upstream-net-kasan-gce
2017/08/20 10:34 net-next-old 91558e76c8f1 f238fbd4 .config console log report ci-upstream-net-kasan-gce
2017/08/19 07:08 net-next-old 1547f538c145 4802b0fb .config console log report ci-upstream-net-kasan-gce
2017/08/18 06:58 net-next-old 8c37bc677af3 172189e9 .config console log report ci-upstream-net-kasan-gce
2017/08/17 08:28 net-next-old f03b488b2fb1 2dfba870 .config console log report ci-upstream-net-kasan-gce
2017/08/17 06:43 net-next-old 251564f601a2 f93be584 .config console log report ci-upstream-net-kasan-gce
2017/08/16 11:57 net-next-old 869cec99b4f7 f93be584 .config console log report ci-upstream-net-kasan-gce
2017/08/15 03:33 net-next-old cb44a8606f06 6a0246bf .config console log report ci-upstream-net-kasan-gce
2017/08/18 10:58 linux-next bb70832dd42b f238fbd4 .config console log report ci-upstream-next-kasan-gce
2017/08/18 06:15 linux-next bb70832dd42b f238fbd4 .config console log report ci-upstream-next-kasan-gce
2017/08/16 16:07 linux-next 5d51332f20b2 f93be584 .config console log report skylake-linux-next-kasan-qemu
2017/08/16 13:48 linux-next 5d51332f20b2 f93be584 .config console log report skylake-linux-next-kasan-qemu
2017/08/14 10:56 linux-next 91dfed74eabc 360f0528 .config console log report ci-upstream-next-kasan-gce
2017/08/11 22:16 linux-next 91dfed74eabc 360f0528 .config console log report ci-upstream-next-kasan-gce
* Struck through repros no longer work on HEAD.