From: Dmitry Vyukov
Date: Wed, 8 Nov 2017 09:00:02 +0100
Subject: Re: kernel BUG at net/key/af_key.c:LINE!
To: Herbert Xu
Cc: syzbot, David Miller, LKML, netdev, Steffen Klassert, syzkaller-bugs@googlegroups.com
X-Mailing-List: linux-kernel@vger.kernel.org
In-Reply-To: <20171108074742.GA28177@gondor.apana.org.au>

On Wed, Nov 8, 2017 at 8:59 AM, Dmitry Vyukov wrote:
> On Wed, Nov 8, 2017 at 8:47 AM, Herbert Xu wrote:
>> On Tue, Oct 24, 2017 at 05:10:06PM +0200, Dmitry Vyukov wrote:
>>> On Tue, Oct 24, 2017 at 5:08 PM, syzbot wrote:
>>> > Hello,
>>> >
>>> > syzkaller hit the following crash on
>>> > 02a2b05395dde2f49e7777b67b51a5fbc6606943
>>> > git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/master
>>> > compiler: gcc (GCC) 7.1.1 20170620
>>> > .config is attached
>>> > Raw console output is attached.
>>> > C reproducer is attached
>>> > syzkaller reproducer is attached. See https://goo.gl/kgGztJ
>>> > for information about syzkaller reproducers
>>>
>>> This also happened on more recent commits, including net-next
>>> 833e0e2f24fd0525090878f71e129a8a4cb8bf78 (Oct 10) with similar
>>> signature:
>>
>> Unfortunately I cannot reproduce the crash with your reproducer.
>> Does it always crash for you?
>>
>>> ------------[ cut here ]------------
>>> kernel BUG at net/key/af_key.c:2068!
>>> invalid opcode: 0000 [#1] SMP KASAN
>>> Dumping ftrace buffer:
>>>    (ftrace buffer empty)
>>> Modules linked in:
>>> CPU: 1 PID: 11011 Comm: syz-executor1 Not tainted 4.14.0-rc4+ #80
>>> Hardware name: Google Google Compute Engine/Google Compute Engine,
>>> BIOS Google 01/01/2011
>>> task: ffff8801d4ecc1c0 task.stack: ffff8801c13f8000
>>> RIP: 0010:pfkey_xfrm_policy2msg+0x209c/0x22b0 net/key/af_key.c:2068
>>
>> This shows that you have a xfrm policy that has a bogus family
>> field in your policy database. But it gives no clue as to how
>> it got there.
>
> Just triggered it within a second.
> Are you using the provided config?
> Also the repro needs to be compiled with -m32 (but it does not compile
> without it due to missing __NR_mmap2, so I guess you passed -m32).

That was on linux-next:

commit 8b82a8a7ab53ee1a065ac69c835737a701f46b2e (HEAD, tag: next-20171107, linux-next/master)
Author: Stephen Rothwell
Date:   Tue Nov 7 16:18:10 2017 +1100

    Add linux-next specific files for 20171107