| Title | Replies (including bot) | Last reply |
|---|---|---|
| [syzbot] [mptcp?] WARNING in __mptcp_move_skbs_from_subflow (2) | 0 (1) | 2025/11/21 12:11 |
syzbot |
sign-in | mailing list | source | docs |
| Title | Replies (including bot) | Last reply |
|---|---|---|
| [syzbot] [mptcp?] WARNING in __mptcp_move_skbs_from_subflow (2) | 0 (1) | 2025/11/21 12:11 |
| Kernel | Title | Rank 🛈 | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|---|
| linux-6.1 | WARNING in __mptcp_move_skbs_from_subflow | -1 | 1 | 681d | 681d | 0/3 | auto-obsoleted due to no activity on 2024/04/18 16:30 | |||
| linux-5.15 | WARNING in __mptcp_move_skbs_from_subflow | -1 | 1 | 671d | 671d | 0/3 | auto-obsoleted due to no activity on 2024/04/28 15:28 | |||
| linux-5.15 | WARNING in __mptcp_move_skbs_from_subflow (2) origin:lts-only | -1 | C | error | 8 | 396d | 480d | 0/3 | auto-obsoleted due to no activity on 2025/01/28 21:52 | |
| linux-6.1 | WARNING in __mptcp_move_skbs_from_subflow (2) | -1 | 14 | 395d | 465d | 0/3 | auto-obsoleted due to no activity on 2025/01/04 07:58 | |||
| upstream | WARNING in __mptcp_move_skbs_from_subflow mptcp | -1 | C | error | 90 | 406d | 494d | 28/29 | fixed on 2024/11/12 23:31 |
------------[ cut here ]------------ WARNING: CPU: 2 PID: 1143 at net/mptcp/protocol.c:718 __mptcp_move_skbs_from_subflow+0xeda/0x3360 net/mptcp/protocol.c:718 Modules linked in: CPU: 2 UID: 0 PID: 1143 Comm: kworker/u32:7 Not tainted syzkaller #0 PREEMPT(full) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 Workqueue: krdsd rds_shutdown_worker RIP: 0010:__mptcp_move_skbs_from_subflow+0xeda/0x3360 net/mptcp/protocol.c:718 Code: 75 f6 e8 09 a8 75 f6 8b 5c 24 18 8b 6c 24 70 01 5c 24 1c 89 ee 89 df e8 74 a2 75 f6 39 dd 0f 83 d9 f3 ff ff e8 e7 a7 75 f6 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 48 8b 54 24 48 48 c1 ea 03 RSP: 0018:ffffc90000537aa0 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 0000000000001508 RCX: ffffffff8b46af8c RDX: ffff888021412480 RSI: ffffffff8b46af99 RDI: 0000000000000004 RBP: 00000000000010bc R08: 0000000000000004 R09: 0000000000001508 R10: 00000000000010bc R11: 0000000000000001 R12: ffff88806b1b00e8 R13: ffffffff9afc3e80 R14: dffffc0000000000 R15: ffff88806b1b0000 FS: 0000000000000000(0000) GS:ffff888097a0d000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000c230000 CR3: 00000000663a8000 CR4: 0000000000352ef0 Call Trace: <IRQ> move_skbs_to_msk net/mptcp/protocol.c:833 [inline] __mptcp_data_ready net/mptcp/protocol.c:853 [inline] mptcp_data_ready+0x251/0x6c0 net/mptcp/protocol.c:870 subflow_state_change+0x4fb/0x800 net/mptcp/subflow.c:1870 tcp_rcv_state_process+0x453b/0x6490 net/ipv4/tcp_input.c:7073 tcp_v6_do_rcv+0x7b8/0x1dc0 net/ipv6/tcp_ipv6.c:1675 tcp_v6_rcv+0x2ab5/0x48f0 net/ipv6/tcp_ipv6.c:1922 ip6_protocol_deliver_rcu+0x188/0x1520 net/ipv6/ip6_input.c:438 ip6_input_finish+0x1e4/0x4b0 net/ipv6/ip6_input.c:489 NF_HOOK include/linux/netfilter.h:318 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] ip6_input+0x105/0x2f0 net/ipv6/ip6_input.c:500 dst_input include/net/dst.h:474 [inline] ip6_rcv_finish+0x1ac/0x580 net/ipv6/ip6_input.c:79 ip_sabotage_in+0x21e/0x290 net/bridge/br_netfilter_hooks.c:990 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline] nf_hook_slow+0xbe/0x200 net/netfilter/core.c:623 nf_hook.constprop.0+0x424/0x750 include/linux/netfilter.h:273 NF_HOOK include/linux/netfilter.h:316 [inline] ipv6_rcv+0xa4/0x650 net/ipv6/ip6_input.c:311 __netif_receive_skb_one_core+0x12d/0x1e0 net/core/dev.c:6079 __netif_receive_skb+0x1d/0x160 net/core/dev.c:6192 netif_receive_skb_internal net/core/dev.c:6278 [inline] netif_receive_skb+0x137/0x7b0 net/core/dev.c:6337 NF_HOOK include/linux/netfilter.h:318 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] br_pass_frame_up+0x346/0x490 net/bridge/br_input.c:70 br_handle_frame_finish+0x12fe/0x1f00 net/bridge/br_input.c:222 br_nf_hook_thresh+0x307/0x410 net/bridge/br_netfilter_hooks.c:1167 br_nf_pre_routing_finish_ipv6+0x76a/0xfc0 net/bridge/br_netfilter_ipv6.c:154 NF_HOOK include/linux/netfilter.h:318 [inline] br_nf_pre_routing_ipv6+0x3cd/0x8c0 net/bridge/br_netfilter_ipv6.c:184 br_nf_pre_routing+0x860/0x15b0 net/bridge/br_netfilter_hooks.c:508 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline] nf_hook_bridge_pre net/bridge/br_input.c:291 [inline] br_handle_frame+0xb28/0x14e0 net/bridge/br_input.c:442 __netif_receive_skb_core.constprop.0+0xa25/0x4bd0 net/core/dev.c:5966 __netif_receive_skb_one_core+0xb0/0x1e0 net/core/dev.c:6077 __netif_receive_skb+0x1d/0x160 net/core/dev.c:6192 process_backlog+0x439/0x15e0 net/core/dev.c:6544 __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7594 napi_poll net/core/dev.c:7657 [inline] net_rx_action+0x97f/0xef0 net/core/dev.c:7784 handle_softirqs+0x219/0x8e0 kernel/softirq.c:622 do_softirq kernel/softirq.c:523 [inline] do_softirq+0xb2/0xf0 kernel/softirq.c:510 </IRQ> <TASK> __local_bh_enable_ip+0x100/0x120 kernel/softirq.c:450 local_bh_enable include/linux/bottom_half.h:33 [inline] rcu_read_unlock_bh include/linux/rcupdate.h:936 [inline] __dev_queue_xmit+0xb06/0x4490 net/core/dev.c:4790 dev_queue_xmit include/linux/netdevice.h:3365 [inline] neigh_hh_output include/net/neighbour.h:531 [inline] neigh_output include/net/neighbour.h:545 [inline] ip6_finish_output2+0x1184/0x1cf0 net/ipv6/ip6_output.c:136 __ip6_finish_output+0x3cd/0x1010 net/ipv6/ip6_output.c:209 ip6_finish_output net/ipv6/ip6_output.c:220 [inline] NF_HOOK_COND include/linux/netfilter.h:307 [inline] ip6_output+0x253/0x710 net/ipv6/ip6_output.c:247 dst_output include/net/dst.h:464 [inline] NF_HOOK include/linux/netfilter.h:318 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] ip6_xmit+0x1512/0x23f0 net/ipv6/ip6_output.c:371 inet6_csk_xmit+0x444/0x7f0 net/ipv6/inet6_connection_sock.c:120 __tcp_transmit_skb+0x1d67/0x44d0 net/ipv4/tcp_output.c:1628 tcp_transmit_skb net/ipv4/tcp_output.c:1646 [inline] tcp_write_xmit+0x12a9/0x86e0 net/ipv4/tcp_output.c:2999 __tcp_push_pending_frames+0xaf/0x390 net/ipv4/tcp_output.c:3182 tcp_send_fin+0x121/0x1050 net/ipv4/tcp_output.c:3800 __tcp_close+0xa46/0x1120 net/ipv4/tcp.c:3207 tcp_close+0x28/0x120 net/ipv4/tcp.c:3298 inet_release+0xed/0x200 net/ipv4/af_inet.c:437 inet6_release+0x4f/0x70 net/ipv6/af_inet6.c:487 __sock_release net/socket.c:662 [inline] sock_release+0x91/0x1d0 net/socket.c:690 rds_tcp_conn_path_shutdown+0x1f9/0x410 net/rds/tcp_connect.c:220 rds_conn_shutdown+0x28b/0xaa0 net/rds/connection.c:399 process_one_work+0x9cf/0x1b70 kernel/workqueue.c:3263 process_scheduled_works kernel/workqueue.c:3346 [inline] worker_thread+0x6c8/0xf10 kernel/workqueue.c:3427 kthread+0x3c5/0x780 kernel/kthread.c:463 ret_from_fork+0x675/0x7d0 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 </TASK>
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/11/21 10:31 | upstream | fd95357fd8c6 | 52ed5c96 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream-386 | WARNING in __mptcp_move_skbs_from_subflow |