general protection fault in nl802154_del_llsec_key
12 views
Skip to first unread message
syzbot
Feb 19, 2021, 12:40:22 AM2/19/21
to syzkaller...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 2c8a3fce Linux 4.14.218
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=177e3c22d00000
kernel config: https://syzkaller.appspot.com/x/.config?x=80e596b8b0902d96
dashboard link: https://syzkaller.appspot.com/bug?extid=d2423f8d01f47f638d69
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15abc324d00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=128c2922d00000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+d2423f...@syzkaller.appspotmail.com
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 1 PID: 7998 Comm: syz-executor733 Not tainted 4.14.218-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8880ac7c0180 task.stack: ffff888095800000
RIP: 0010:nla_len syzkaller/managers/linux-4-14/kernel/./include/net/netlink.h:706 [inline]
RIP: 0010:nla_parse_nested syzkaller/managers/linux-4-14/kernel/./include/net/netlink.h:765 [inline]
RIP: 0010:nl802154_del_llsec_key+0x15a/0x2f0 syzkaller/managers/linux-4-14/kernel/net/ieee802154/nl802154.c:1615
RSP: 0018:ffff888095807698 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: ffff88823a100ac0 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffff888095807850 RDI: ffff88823a100be8
RBP: 1ffff11012b00ed5 R08: 0000000000000001 R09: ffff888095807990
R10: ffff8880958076af R11: ffff8880ac7c0180 R12: ffff8882382b6340
R13: ffff8880ab91cfd0 R14: ffffffff886f1c70 R15: ffff8880b3b14a40
FS: 000000000073d300(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000048 CR3: 000000009eb9f000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
genl_family_rcv_msg+0x572/0xb20 syzkaller/managers/linux-4-14/kernel/net/netlink/genetlink.c:600
genl_rcv_msg+0xaf/0x140 syzkaller/managers/linux-4-14/kernel/net/netlink/genetlink.c:625
netlink_rcv_skb+0x125/0x390 syzkaller/managers/linux-4-14/kernel/net/netlink/af_netlink.c:2433
genl_rcv+0x24/0x40 syzkaller/managers/linux-4-14/kernel/net/netlink/genetlink.c:636
netlink_unicast_kernel syzkaller/managers/linux-4-14/kernel/net/netlink/af_netlink.c:1287 [inline]
netlink_unicast+0x437/0x610 syzkaller/managers/linux-4-14/kernel/net/netlink/af_netlink.c:1313
netlink_sendmsg+0x62e/0xb80 syzkaller/managers/linux-4-14/kernel/net/netlink/af_netlink.c:1878
sock_sendmsg_nosec syzkaller/managers/linux-4-14/kernel/net/socket.c:646 [inline]
sock_sendmsg+0xb5/0x100 syzkaller/managers/linux-4-14/kernel/net/socket.c:656
___sys_sendmsg+0x6c8/0x800 syzkaller/managers/linux-4-14/kernel/net/socket.c:2062
__sys_sendmsg+0xa3/0x120 syzkaller/managers/linux-4-14/kernel/net/socket.c:2096
SYSC_sendmsg syzkaller/managers/linux-4-14/kernel/net/socket.c:2107 [inline]
SyS_sendmsg+0x27/0x40 syzkaller/managers/linux-4-14/kernel/net/socket.c:2103
do_syscall_64+0x1d5/0x640 syzkaller/managers/linux-4-14/kernel/arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x43f909
RSP: 002b:00007ffebb0c1bf8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00000000004004a0 RCX: 000000000043f909
RDX: 0000000020000000 RSI: 0000000020000140 RDI: 0000000000000003
RBP: 0000000000403370 R08: 000000000000000c R09: 00000000004004a0
R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000403400
R13: 0000000000000000 R14: 00000000004ad018 R15: 00000000004004a0
Code: 00 00 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 85 01 00 00 48 8b 93 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 d1 48 c1 e9 03 <0f> b6 0c 01 48 89 d0 83 e0 07 83 c0 01 38 c8 7c 08 84 c9 0f 85
RIP: nla_len syzkaller/managers/linux-4-14/kernel/./include/net/netlink.h:706 [inline] RSP: ffff888095807698
RIP: nla_parse_nested syzkaller/managers/linux-4-14/kernel/./include/net/netlink.h:765 [inline] RSP: ffff888095807698
RIP: nl802154_del_llsec_key+0x15a/0x2f0 syzkaller/managers/linux-4-14/kernel/net/ieee802154/nl802154.c:1615 RSP: ffff888095807698
---[ end trace 693e1f50e6d35add ]---
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot found the following issue on:
HEAD commit: 2c8a3fce Linux 4.14.218
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=177e3c22d00000
kernel config: https://syzkaller.appspot.com/x/.config?x=80e596b8b0902d96
dashboard link: https://syzkaller.appspot.com/bug?extid=d2423f8d01f47f638d69
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15abc324d00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=128c2922d00000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+d2423f...@syzkaller.appspotmail.com
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 1 PID: 7998 Comm: syz-executor733 Not tainted 4.14.218-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8880ac7c0180 task.stack: ffff888095800000
RIP: 0010:nla_len syzkaller/managers/linux-4-14/kernel/./include/net/netlink.h:706 [inline]
RIP: 0010:nla_parse_nested syzkaller/managers/linux-4-14/kernel/./include/net/netlink.h:765 [inline]
RIP: 0010:nl802154_del_llsec_key+0x15a/0x2f0 syzkaller/managers/linux-4-14/kernel/net/ieee802154/nl802154.c:1615
RSP: 0018:ffff888095807698 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: ffff88823a100ac0 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffff888095807850 RDI: ffff88823a100be8
RBP: 1ffff11012b00ed5 R08: 0000000000000001 R09: ffff888095807990
R10: ffff8880958076af R11: ffff8880ac7c0180 R12: ffff8882382b6340
R13: ffff8880ab91cfd0 R14: ffffffff886f1c70 R15: ffff8880b3b14a40
FS: 000000000073d300(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000048 CR3: 000000009eb9f000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
genl_family_rcv_msg+0x572/0xb20 syzkaller/managers/linux-4-14/kernel/net/netlink/genetlink.c:600
genl_rcv_msg+0xaf/0x140 syzkaller/managers/linux-4-14/kernel/net/netlink/genetlink.c:625
netlink_rcv_skb+0x125/0x390 syzkaller/managers/linux-4-14/kernel/net/netlink/af_netlink.c:2433
genl_rcv+0x24/0x40 syzkaller/managers/linux-4-14/kernel/net/netlink/genetlink.c:636
netlink_unicast_kernel syzkaller/managers/linux-4-14/kernel/net/netlink/af_netlink.c:1287 [inline]
netlink_unicast+0x437/0x610 syzkaller/managers/linux-4-14/kernel/net/netlink/af_netlink.c:1313
netlink_sendmsg+0x62e/0xb80 syzkaller/managers/linux-4-14/kernel/net/netlink/af_netlink.c:1878
sock_sendmsg_nosec syzkaller/managers/linux-4-14/kernel/net/socket.c:646 [inline]
sock_sendmsg+0xb5/0x100 syzkaller/managers/linux-4-14/kernel/net/socket.c:656
___sys_sendmsg+0x6c8/0x800 syzkaller/managers/linux-4-14/kernel/net/socket.c:2062
__sys_sendmsg+0xa3/0x120 syzkaller/managers/linux-4-14/kernel/net/socket.c:2096
SYSC_sendmsg syzkaller/managers/linux-4-14/kernel/net/socket.c:2107 [inline]
SyS_sendmsg+0x27/0x40 syzkaller/managers/linux-4-14/kernel/net/socket.c:2103
do_syscall_64+0x1d5/0x640 syzkaller/managers/linux-4-14/kernel/arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x43f909
RSP: 002b:00007ffebb0c1bf8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00000000004004a0 RCX: 000000000043f909
RDX: 0000000020000000 RSI: 0000000020000140 RDI: 0000000000000003
RBP: 0000000000403370 R08: 000000000000000c R09: 00000000004004a0
R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000403400
R13: 0000000000000000 R14: 00000000004ad018 R15: 00000000004004a0
Code: 00 00 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 85 01 00 00 48 8b 93 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 d1 48 c1 e9 03 <0f> b6 0c 01 48 89 d0 83 e0 07 83 c0 01 38 c8 7c 08 84 c9 0f 85
RIP: nla_len syzkaller/managers/linux-4-14/kernel/./include/net/netlink.h:706 [inline] RSP: ffff888095807698
RIP: nla_parse_nested syzkaller/managers/linux-4-14/kernel/./include/net/netlink.h:765 [inline] RSP: ffff888095807698
RIP: nl802154_del_llsec_key+0x15a/0x2f0 syzkaller/managers/linux-4-14/kernel/net/ieee802154/nl802154.c:1615 RSP: ffff888095807698
---[ end trace 693e1f50e6d35add ]---
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot
Feb 20, 2021, 4:24:19 AM2/20/21
to syzkaller...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 255b58a2 Linux 4.19.176
syzbot found the following issue on:
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=17417e5ad00000
kernel config: https://syzkaller.appspot.com/x/.config?x=b270830ae46c1d6f
dashboard link: https://syzkaller.appspot.com/bug?extid=418d685287b7c21c6daa
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:nla_len include/net/netlink.h:706 [inline]
RIP: 0010:nla_parse_nested include/net/netlink.h:765 [inline]
RIP: 0010:nl802154_del_llsec_key+0x16d/0x340 net/ieee802154/nl802154.c:1615
Code: 00 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 b5 01 00 00 48 8b 93 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 d1 48 c1 e9 03 <0f> b6 0c 01 48 89 d0 83 e0 07 83 c0 01 38 c8 7c 08 84 c9 0f 85 13
RSP: 0018:ffff888092a775e0 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: ffff8880b2bb0540 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff87c52f57 RDI: ffff8880b2bb0668
RBP: 1ffff1101254eebe R08: 0000000000000001 R09: ffff888092a77920
R10: 0000000000000005 R11: 0000000000000000 R12: ffff88823871aac0
R13: ffff8880ab701150 R14: ffff8880b2bb0540 R15: ffffffff89cf57c0
FS: 00007fc6b39b5700(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000022b9708 CR3: 00000000a485b000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
genl_family_rcv_msg+0x642/0xc40 net/netlink/genetlink.c:602
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
genl_rcv_msg+0xbf/0x160 net/netlink/genetlink.c:627
netlink_rcv_skb+0x160/0x440 net/netlink/af_netlink.c:2455
genl_rcv+0x24/0x40 net/netlink/genetlink.c:638
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x4d5/0x690 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x6bb/0xc40 net/netlink/af_netlink.c:1909
sock_sendmsg_nosec net/socket.c:622 [inline]
sock_sendmsg+0xc3/0x120 net/socket.c:632
___sys_sendmsg+0x7bb/0x8e0 net/socket.c:2115
__sys_sendmsg net/socket.c:2153 [inline]
__do_sys_sendmsg net/socket.c:2162 [inline]
__se_sys_sendmsg net/socket.c:2160 [inline]
__x64_sys_sendmsg+0x132/0x220 net/socket.c:2160
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x466019
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fc6b39b5188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466019
RDX: 0000000000000810 RSI: 00000000200005c0 RDI: 0000000000000004
RBP: 00000000004bd067 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
R13: 00007ffc69787c4f R14: 00007fc6b39b5300 R15: 0000000000022000
Modules linked in:
---[ end trace c366f8b1241e33eb ]---
RIP: 0010:nla_len include/net/netlink.h:706 [inline]
RIP: 0010:nla_parse_nested include/net/netlink.h:765 [inline]
RIP: 0010:nl802154_del_llsec_key+0x16d/0x340 net/ieee802154/nl802154.c:1615
Code: 00 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 b5 01 00 00 48 8b 93 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 d1 48 c1 e9 03 <0f> b6 0c 01 48 89 d0 83 e0 07 83 c0 01 38 c8 7c 08 84 c9 0f 85 13
RSP: 0018:ffff888092a775e0 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: ffff8880b2bb0540 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff87c52f57 RDI: ffff8880b2bb0668
RBP: 1ffff1101254eebe R08: 0000000000000001 R09: ffff888092a77920
R10: 0000000000000005 R11: 0000000000000000 R12: ffff88823871aac0
R13: ffff8880ab701150 R14: ffff8880b2bb0540 R15: ffffffff89cf57c0
FS: 00007fc6b39b5700(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000022b9708 CR3: 00000000a485b000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
syzbot
Feb 20, 2021, 4:39:16 AM2/20/21
to syzkaller...@googlegroups.com
syzbot has found a reproducer for the following issue on:
HEAD commit: 255b58a2 Linux 4.19.176
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=142c1ab8d00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=122761f2d00000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+418d68...@syzkaller.appspotmail.com
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 8078 Comm: syz-executor852 Not tainted 4.19.176-syzkaller #0
RAX: dffffc0000000000 RBX: ffff8880b25fba80 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff87c52f57 RDI: ffff8880b25fbba8
RBP: 1ffff11011ec1ebe R08: 0000000000000001 R09: ffff88808f60f920
R10: 0000000000000005 R11: 0000000000000001 R12: ffff8880abba4e80
R13: ffff8880ab5a5010 R14: ffff8880b25fba80 R15: ffffffff89cf57c0
FS: 0000000001102300(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe7dcca318 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00000000004004a0 RCX: 000000000043fa69
RDX: 0000000000000810 RSI: 00000000200005c0 RDI: 0000000000000003
RBP: 00000000004034d0 R08: 0000000000000008 R09: 00000000004004a0
R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000403560
---[ end trace 6d894b5f9929c691 ]---
RAX: dffffc0000000000 RBX: ffff8880b25fba80 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff87c52f57 RDI: ffff8880b25fbba8
RBP: 1ffff11011ec1ebe R08: 0000000000000001 R09: ffff88808f60f920
R10: 0000000000000005 R11: 0000000000000001 R12: ffff8880abba4e80
R13: ffff8880ab5a5010 R14: ffff8880b25fba80 R15: ffffffff89cf57c0
FS: 0000000001102300(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
HEAD commit: 255b58a2 Linux 4.19.176
git tree: linux-4.19.y
kernel config: https://syzkaller.appspot.com/x/.config?x=b270830ae46c1d6f
dashboard link: https://syzkaller.appspot.com/bug?extid=418d685287b7c21c6daa
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=10b2cfacd00000
dashboard link: https://syzkaller.appspot.com/bug?extid=418d685287b7c21c6daa
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=122761f2d00000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+418d68...@syzkaller.appspotmail.com
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:nla_len include/net/netlink.h:706 [inline]
RIP: 0010:nla_parse_nested include/net/netlink.h:765 [inline]
RIP: 0010:nl802154_del_llsec_key+0x16d/0x340 net/ieee802154/nl802154.c:1615
Code: 00 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 b5 01 00 00 48 8b 93 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 d1 48 c1 e9 03 <0f> b6 0c 01 48 89 d0 83 e0 07 83 c0 01 38 c8 7c 08 84 c9 0f 85 13
RSP: 0018:ffff88808f60f5e0 EFLAGS: 00010246
RIP: 0010:nla_len include/net/netlink.h:706 [inline]
RIP: 0010:nla_parse_nested include/net/netlink.h:765 [inline]
RIP: 0010:nl802154_del_llsec_key+0x16d/0x340 net/ieee802154/nl802154.c:1615
Code: 00 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 b5 01 00 00 48 8b 93 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 d1 48 c1 e9 03 <0f> b6 0c 01 48 89 d0 83 e0 07 83 c0 01 38 c8 7c 08 84 c9 0f 85 13
RAX: dffffc0000000000 RBX: ffff8880b25fba80 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff87c52f57 RDI: ffff8880b25fbba8
RBP: 1ffff11011ec1ebe R08: 0000000000000001 R09: ffff88808f60f920
R10: 0000000000000005 R11: 0000000000000001 R12: ffff8880abba4e80
R13: ffff8880ab5a5010 R14: ffff8880b25fba80 R15: ffffffff89cf57c0
FS: 0000000001102300(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000148 CR3: 00000000b3ffc000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
genl_family_rcv_msg+0x642/0xc40 net/netlink/genetlink.c:602
genl_rcv_msg+0xbf/0x160 net/netlink/genetlink.c:627
netlink_rcv_skb+0x160/0x440 net/netlink/af_netlink.c:2455
genl_rcv+0x24/0x40 net/netlink/genetlink.c:638
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x4d5/0x690 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x6bb/0xc40 net/netlink/af_netlink.c:1909
sock_sendmsg_nosec net/socket.c:622 [inline]
sock_sendmsg+0xc3/0x120 net/socket.c:632
___sys_sendmsg+0x7bb/0x8e0 net/socket.c:2115
__sys_sendmsg net/socket.c:2153 [inline]
__do_sys_sendmsg net/socket.c:2162 [inline]
__se_sys_sendmsg net/socket.c:2160 [inline]
__x64_sys_sendmsg+0x132/0x220 net/socket.c:2160
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x43fa69
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
genl_family_rcv_msg+0x642/0xc40 net/netlink/genetlink.c:602
genl_rcv_msg+0xbf/0x160 net/netlink/genetlink.c:627
netlink_rcv_skb+0x160/0x440 net/netlink/af_netlink.c:2455
genl_rcv+0x24/0x40 net/netlink/genetlink.c:638
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x4d5/0x690 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x6bb/0xc40 net/netlink/af_netlink.c:1909
sock_sendmsg_nosec net/socket.c:622 [inline]
sock_sendmsg+0xc3/0x120 net/socket.c:632
___sys_sendmsg+0x7bb/0x8e0 net/socket.c:2115
__sys_sendmsg net/socket.c:2153 [inline]
__do_sys_sendmsg net/socket.c:2162 [inline]
__se_sys_sendmsg net/socket.c:2160 [inline]
__x64_sys_sendmsg+0x132/0x220 net/socket.c:2160
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe7dcca318 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00000000004004a0 RCX: 000000000043fa69
RDX: 0000000000000810 RSI: 00000000200005c0 RDI: 0000000000000003
RBP: 00000000004034d0 R08: 0000000000000008 R09: 00000000004004a0
R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000403560
R13: 0000000000000000 R14: 00000000004ad018 R15: 00000000004004a0
Modules linked in:
---[ end trace 6d894b5f9929c691 ]---
RIP: 0010:nla_len include/net/netlink.h:706 [inline]
RIP: 0010:nla_parse_nested include/net/netlink.h:765 [inline]
RIP: 0010:nl802154_del_llsec_key+0x16d/0x340 net/ieee802154/nl802154.c:1615
Code: 00 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 b5 01 00 00 48 8b 93 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 d1 48 c1 e9 03 <0f> b6 0c 01 48 89 d0 83 e0 07 83 c0 01 38 c8 7c 08 84 c9 0f 85 13
RSP: 0018:ffff88808f60f5e0 EFLAGS: 00010246
RIP: 0010:nla_parse_nested include/net/netlink.h:765 [inline]
RIP: 0010:nl802154_del_llsec_key+0x16d/0x340 net/ieee802154/nl802154.c:1615
Code: 00 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 b5 01 00 00 48 8b 93 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 d1 48 c1 e9 03 <0f> b6 0c 01 48 89 d0 83 e0 07 83 c0 01 38 c8 7c 08 84 c9 0f 85 13
RAX: dffffc0000000000 RBX: ffff8880b25fba80 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff87c52f57 RDI: ffff8880b25fbba8
RBP: 1ffff11011ec1ebe R08: 0000000000000001 R09: ffff88808f60f920
R10: 0000000000000005 R11: 0000000000000001 R12: ffff8880abba4e80
R13: ffff8880ab5a5010 R14: ffff8880b25fba80 R15: ffffffff89cf57c0
FS: 0000000001102300(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000148 CR3: 00000000b3ffc000 CR4: 00000000001406f0
syzbot
May 14, 2021, 2:34:07 AM5/14/21
to syzkaller...@googlegroups.com
syzbot suspects this issue was fixed by commit:
commit 79ba55c0e7a7990537d36a470e3a2f0968408b7e
Author: Alexander Aring <aahr...@redhat.com>
Date: Sun Feb 21 17:43:18 2021 +0000
net: ieee802154: fix nl802154 del llsec key
bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=131cf41dd00000
start commit: 255b58a2 Linux 4.19.176
git tree: linux-4.19.y
#syz fix: net: ieee802154: fix nl802154 del llsec key
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
commit 79ba55c0e7a7990537d36a470e3a2f0968408b7e
Author: Alexander Aring <aahr...@redhat.com>
Date: Sun Feb 21 17:43:18 2021 +0000
net: ieee802154: fix nl802154 del llsec key
bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=131cf41dd00000
start commit: 255b58a2 Linux 4.19.176
git tree: linux-4.19.y
kernel config: https://syzkaller.appspot.com/x/.config?x=b270830ae46c1d6f
dashboard link: https://syzkaller.appspot.com/bug?extid=418d685287b7c21c6daa
dashboard link: https://syzkaller.appspot.com/bug?extid=418d685287b7c21c6daa
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=10b2cfacd00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=122761f2d00000
If the result looks correct, please mark the issue as fixed by replying with:
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=122761f2d00000
#syz fix: net: ieee802154: fix nl802154 del llsec key
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
syzbot
May 16, 2021, 5:46:05 AM5/16/21
to syzkaller...@googlegroups.com
syzbot suspects this issue was fixed by commit:
commit 1804bf103e735f49f650e27c3ec1ec30654b72a1
Author: Alexander Aring <aahr...@redhat.com>
Date: Sun Feb 21 17:43:18 2021 +0000
net: ieee802154: fix nl802154 del llsec key
bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=14167779d00000
Date: Sun Feb 21 17:43:18 2021 +0000
net: ieee802154: fix nl802154 del llsec key
start commit: 29c52025 Linux 4.14.221
git tree: linux-4.14.y
kernel config: https://syzkaller.appspot.com/x/.config?x=83f668f81cfc5600
dashboard link: https://syzkaller.appspot.com/bug?extid=d2423f8d01f47f638d69
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14e7eb88d00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=10ac66b0d00000
Reply all
Reply to author
Forward
0 new messages