syzbot


WARNING in __dev_queue_xmit

Status: fixed on 2023/02/24 14:17
Reported-by: syzbot+5ea725c25d06fb9114c4@syzkaller.appspotmail.com
Fix commit: dc633700f00f net/af_packet: check len when min_header_len equals to 0 b12e924a2f5b net/ieee802154: don't warn zero-sized raw_sendmsg() 3a4d061c699b net/ieee802154: reject zero-sized raw_sendmsg()
First crash: 871d, last: 651d
Cause bisection: introduced by (bisect log) :
commit fd1894224407c484f652ad456e1ce423e89bb3eb
Author: Zhengchao Shao <shaozhengchao@huawei.com>
Date: Fri Jul 15 11:55:59 2022 +0000

  bpf: Don't redirect packets with invalid pkt_len

Crash: WARNING in __dev_queue_xmit (log)
Repro: C syz .config
  
Discussions (16)
Title Replies (including bot) Last reply
[PATCH 5.15 000/530] 5.15.75-rc1 review 542 (542) 2023/01/10 15:19
[PATCH 5.4 000/255] 5.4.220-rc1 review 276 (276) 2022/11/01 17:29
[PATCH 4.19 000/229] 4.19.262-rc1 review 242 (242) 2022/11/01 13:44
[PATCH 4.9 000/159] 4.9.331-rc1 review 165 (165) 2022/10/25 17:41
[PATCH 4.14 000/210] 4.14.296-rc1 review 213 (213) 2022/10/25 17:38
[PATCH 5.10 000/390] 5.10.150-rc1 review 407 (407) 2022/10/25 15:12
[PATCH 5.19 000/717] 5.19.17-rc1 review 732 (732) 2022/10/24 19:01
[PATCH 6.0 000/862] 6.0.3-rc1 review 899 (899) 2022/10/21 09:08
[PATCH] net/ieee802154: reject zero-sized raw_sendmsg() 9 (9) 2022/10/05 14:53
[PATCH net 1/2] Revert "net/ieee802154: reject zero-sized raw_sendmsg()" 4 (4) 2022/10/05 10:57
[PATCH 5.10 00/37] 5.10.141-rc1 review 45 (45) 2022/09/05 07:44
[PATCH 5.19 00/72] 5.19.7-rc1 review 83 (83) 2022/09/03 14:20
[PATCH 5.4 00/77] 5.4.212-rc1 review 83 (83) 2022/09/03 13:11
[PATCH 5.15 00/73] 5.15.65-rc1 review 81 (81) 2022/09/03 10:47
[PATCH net-next] net/af_packet: check len when min_header_len equals to 0 2 (2) 2022/07/29 11:20
[syzbot] WARNING in __dev_queue_xmit 0 (1) 2022/07/25 20:06
Similar bugs (5)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING in __dev_queue_xmit (3) net C error inconclusive 20 517d 540d 0/28 auto-obsoleted due to no activity on 2023/11/09 02:33
linux-5.15 WARNING in __dev_queue_xmit C 107 52d 136d 0/3 upstream: reported C repro on 2024/07/23 19:57
upstream WARNING in __dev_queue_xmit (4) net C 387 47d 93d 28/28 fixed on 2024/10/22 11:57
upstream WARNING in __dev_queue_xmit (2) net C 76 580d 651d 22/28 fixed on 2023/06/08 14:41
linux-6.1 WARNING in __dev_queue_xmit 43 52d 152d 0/3 upstream: reported on 2024/07/08 03:37

Sample crash report:
------------[ cut here ]------------
skb_assert_len
WARNING: CPU: 0 PID: 3609 at include/linux/skbuff.h:2524 skb_assert_len include/linux/skbuff.h:2524 [inline]
WARNING: CPU: 0 PID: 3609 at include/linux/skbuff.h:2524 __dev_queue_xmit+0x241b/0x3b60 net/core/dev.c:4171
Modules linked in:
CPU: 0 PID: 3609 Comm: syz-executor215 Not tainted 6.1.0-rc2-syzkaller-00105-gb229b6ca5abb #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
RIP: 0010:skb_assert_len include/linux/skbuff.h:2524 [inline]
RIP: 0010:__dev_queue_xmit+0x241b/0x3b60 net/core/dev.c:4171
Code: 89 de e8 d8 1f 23 fa 84 db 75 21 e8 3f 23 23 fa 48 c7 c6 60 f3 f4 8a 48 c7 c7 00 c7 f4 8a c6 05 c8 f1 72 06 01 e8 91 44 f0 01 <0f> 0b e8 1e 23 23 fa 0f b6 1d b4 f1 72 06 31 ff 89 de e8 9e 1f 23
RSP: 0018:ffffc90003e2f570 EFLAGS: 00010286
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: ffff88801ea29d40 RSI: ffffffff81621b98 RDI: fffff520007c5ea0
RBP: ffff88801bf7c97a R08: 0000000000000005 R09: 0000000000000000
R10: 0000000080000000 R11: 657373615f626b73 R12: ffff88801722e000
R13: 0000000000000000 R14: ffff88801bf7c8d0 R15: ffff88801bf7c8c0
FS:  0000555555767300(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f5351695130 CR3: 00000000730b0000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 dev_queue_xmit include/linux/netdevice.h:3008 [inline]
 __bpf_tx_skb net/core/filter.c:2116 [inline]
 __bpf_redirect_no_mac net/core/filter.c:2141 [inline]
 __bpf_redirect+0x666/0xe40 net/core/filter.c:2164
 ____bpf_clone_redirect net/core/filter.c:2431 [inline]
 bpf_clone_redirect+0x2ae/0x420 net/core/filter.c:2403
 bpf_prog_48159a89cb4a9a16+0x59/0x5e
 bpf_dispatcher_nop_func include/linux/bpf.h:964 [inline]
 __bpf_prog_run include/linux/filter.h:600 [inline]
 bpf_prog_run include/linux/filter.h:607 [inline]
 bpf_test_run+0x381/0x9d0 net/bpf/test_run.c:402
 bpf_prog_test_run_skb+0xbab/0x1e60 net/bpf/test_run.c:1182
 bpf_prog_test_run kernel/bpf/syscall.c:3630 [inline]
 __sys_bpf+0x10a0/0x4cf0 kernel/bpf/syscall.c:4983
 __do_sys_bpf kernel/bpf/syscall.c:5069 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5067 [inline]
 __x64_sys_bpf+0x75/0xb0 kernel/bpf/syscall.c:5067
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f5351623b09
Code: 28 c3 e8 1a 15 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe130994e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
RAX: ffffffffffffffda RBX: 00007f5351691ed0 RCX: 00007f5351623b09
RDX: 0000000000000048 RSI: 0000000020000080 RDI: 000000000000000a
RBP: 00007ffe130994f8 R08: 00007f5351691e40 R09: 00007f5351691e40
R10: 00007ffe13098f60 R11: 0000000000000246 R12: 00007ffe13099500
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
 </TASK>

Crashes (16774):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/11/02 23:32 upstream b229b6ca5abb 08977f5d .config strace log report syz C ci-upstream-kasan-gce-root WARNING in __dev_queue_xmit
2022/08/21 09:11 upstream 15b3f48a4339 26a13b38 .config strace log report syz C ci-upstream-kasan-gce-root WARNING in __dev_queue_xmit
2022/10/24 03:57 bpf bed54aeb6ac1 23bf86af .config strace log report syz C ci-upstream-bpf-kasan-gce WARNING in __dev_queue_xmit
2022/10/24 02:55 net-old 0bda03623e6b 23bf86af .config strace log report syz C ci-upstream-net-this-kasan-gce WARNING in __dev_queue_xmit
2023/01/22 00:37 net-next-old a7b87d2a31dc 559a440a .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING in __dev_queue_xmit
2022/10/24 02:53 net-next-old 3bd5549bd479 23bf86af .config strace log report syz C ci-upstream-net-kasan-gce WARNING in __dev_queue_xmit
2022/10/24 02:46 bpf-next 79d878f7ad8e 23bf86af .config strace log report syz C ci-upstream-bpf-next-kasan-gce WARNING in __dev_queue_xmit
2022/07/20 07:19 bpf-next b77ffb30cfc5 775344bc .config strace log report syz C ci-upstream-bpf-next-kasan-gce WARNING in __dev_queue_xmit
2022/08/08 13:16 linux-next ca688bff68bc 88e3a122 .config strace log report syz C ci-upstream-linux-next-kasan-gce-root WARNING in __dev_queue_xmit
2023/02/23 09:21 upstream d8ca6dbb8de7 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root WARNING in __dev_queue_xmit
2023/02/23 07:29 upstream d8ca6dbb8de7 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce WARNING in __dev_queue_xmit
2023/02/23 01:55 upstream d8ca6dbb8de7 409945bc .config console log report info ci-upstream-kasan-gce WARNING in __dev_queue_xmit
2023/02/22 19:07 upstream 5b7c4cabbb65 409945bc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING in __dev_queue_xmit
2023/01/14 20:01 upstream 97ec4d559d93 a63719e7 .config console log report info ci-qemu-upstream WARNING in __dev_queue_xmit
2022/12/26 15:19 upstream 1b929c02afd3 9da18ae8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root WARNING in __dev_queue_xmit
2022/11/26 14:51 upstream 0b1dcc2cf55a 74a66371 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING in __dev_queue_xmit
2023/02/22 21:04 upstream 5b7c4cabbb65 9f1e2cb3 .config console log report info ci-qemu-upstream-386 WARNING in __dev_queue_xmit
2023/01/28 20:11 upstream 5af6ce704936 9dfcf09c .config console log report info ci-upstream-kasan-gce-386 WARNING in __dev_queue_xmit
2023/02/23 21:54 net-old fd2a55e74a99 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in __dev_queue_xmit
2023/02/22 20:56 net-old 5b7c4cabbb65 409945bc .config console log report info ci-upstream-net-this-kasan-gce WARNING in __dev_queue_xmit
2023/02/21 03:10 net-old e40b801b3603 4f5f5209 .config console log report info ci-upstream-net-this-kasan-gce WARNING in __dev_queue_xmit
2022/12/14 01:37 bpf 01de1123322e e660de91 .config console log report info ci-upstream-bpf-kasan-gce WARNING in __dev_queue_xmit
2023/02/24 12:19 net-next-old 5b7c4cabbb65 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING in __dev_queue_xmit
2023/02/19 06:13 net-next-old 675f176b4dcc bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING in __dev_queue_xmit
2023/02/18 04:33 net-next-old 675f176b4dcc 3e7039f4 .config console log report info ci-upstream-net-kasan-gce WARNING in __dev_queue_xmit
2023/02/16 20:22 net-next-old 10d13421a6ae 7338e3c4 .config console log report info ci-upstream-net-kasan-gce WARNING in __dev_queue_xmit
2023/02/14 15:47 net-next-old 991cbd4f34b1 1d6b4af7 .config console log report info ci-upstream-net-kasan-gce WARNING in __dev_queue_xmit
2022/11/10 12:18 bpf-next c7028aa2fb03 b2488a87 .config console log report info ci-upstream-bpf-next-kasan-gce WARNING in __dev_queue_xmit
2022/07/20 00:50 bpf-next b77ffb30cfc5 775344bc .config console log report info ci-upstream-bpf-next-kasan-gce WARNING in __dev_queue_xmit
2022/12/27 22:40 linux-next c76083fac3ba 44712fbc .config console log report info ci-upstream-linux-next-kasan-gce-root WARNING in __dev_queue_xmit
2023/02/23 06:27 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a9b06ec42c0f 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/23 04:55 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a9b06ec42c0f 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/23 03:14 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a9b06ec42c0f 409945bc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/22 14:35 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a9b06ec42c0f 409945bc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/22 12:14 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a9b06ec42c0f 409945bc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/22 11:01 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a9b06ec42c0f 42a4d508 .config console log report info ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/22 09:52 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a9b06ec42c0f 42a4d508 .config console log report info ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/21 23:00 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a9b06ec42c0f 42a4d508 .config console log report info ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/21 10:33 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a9b06ec42c0f f949448d .config console log report info ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/21 09:44 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a9b06ec42c0f f949448d .config console log report info ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/20 22:26 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a9b06ec42c0f 4f5f5209 .config console log report info ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/20 20:06 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a9b06ec42c0f 4f5f5209 .config console log report info ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/20 15:18 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 4f5f5209 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/19 12:49 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/19 01:15 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/18 19:31 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/18 18:18 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/18 07:07 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 d02e9a70 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/18 05:52 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 d02e9a70 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/17 16:28 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 3e7039f4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/17 14:03 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 3e7039f4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/17 13:29 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 3e7039f4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/17 00:53 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 851bc19a .config console log report info ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/16 23:02 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 851bc19a .config console log report info ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/16 13:15 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 7338e3c4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/16 10:25 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 7338e3c4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/16 06:47 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 6be0f1f5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/16 05:05 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 6be0f1f5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/15 22:23 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 6be0f1f5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/15 18:14 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 6be0f1f5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/15 12:31 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 6be0f1f5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/15 10:58 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 6be0f1f5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/15 05:59 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 1d6b4af7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/15 04:04 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 1d6b4af7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/14 13:54 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 1d6b4af7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/14 11:34 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 1d6b4af7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
2023/02/14 07:34 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 93ae7e0a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in __dev_queue_xmit
* Struck through repros no longer work on HEAD.