syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [570] 🐞 Fixed [66] 🐞 Invalid [207] ⬇ Missing Backports [41] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
------------[ cut here ]------------ WARNING: CPU: 0 PID: 9293 at net/mptcp/protocol.c:703 __mptcp_move_skbs_from_subflow+0x224c/0x2334 net/mptcp/protocol.c:703 Modules linked in: CPU: 0 PID: 9293 Comm: syz-executor.1 Not tainted 6.1.71-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __mptcp_move_skbs_from_subflow+0x224c/0x2334 net/mptcp/protocol.c:703 lr : __mptcp_move_skbs_from_subflow+0x224c/0x2334 net/mptcp/protocol.c:703 sp : ffff800021546b80 x29: ffff800021546d00 x28: 0000000000000000 x27: ffff00012224a0b8 x26: ffff0000d420e04c x25: ffff0000d03ecd78 x24: 0000000000000000 x23: dfff800000000000 x22: ffff0000d6f9c85c x21: ffff000122249a10 x20: 00000000000081e5 x19: 0000000000007c80 x18: ffff0000cdf4b810 x17: ffff80019ebf0000 x16: ffff8000084fa820 x15: 0000000000000002 x14: 1ffff00002b040b0 x13: dfff800000000000 x12: 0000000000040000 x11: 0000000000007786 x10: ffff80002637e000 x9 : ffff800012040ca0 x8 : 0000000000007787 x7 : 0000000000000000 x6 : 0000000000000000 x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff80001203f870 x2 : 0000000000000001 x1 : 00000000000081e5 x0 : 0000000000007c80 Call trace: __mptcp_move_skbs_from_subflow+0x224c/0x2334 net/mptcp/protocol.c:703 move_skbs_to_msk net/mptcp/protocol.c:816 [inline] mptcp_data_ready+0x278/0x670 net/mptcp/protocol.c:861 subflow_data_ready+0x178/0x234 net/mptcp/subflow.c:1350 tcp_data_ready+0x22c/0x44c net/ipv4/tcp_input.c:5028 tcp_data_queue+0x1cc8/0x53e4 net/ipv4/tcp_input.c:5102 tcp_rcv_established+0xa84/0x1fe0 net/ipv4/tcp_input.c:6028 tcp_v4_do_rcv+0x390/0xb08 net/ipv4/tcp_ipv4.c:1677 sk_backlog_rcv include/net/sock.h:1117 [inline] __release_sock+0x1a8/0x408 net/core/sock.c:2926 release_sock+0x68/0x1cc net/core/sock.c:3490 __mptcp_push_pending+0x664/0xb54 mptcp_sendmsg+0xc0c/0x13bc net/mptcp/protocol.c:1875 inet6_sendmsg+0xb4/0xd8 net/ipv6/af_inet6.c:667 sock_sendmsg_nosec net/socket.c:716 [inline] __sock_sendmsg net/socket.c:728 [inline] ____sys_sendmsg+0x558/0x844 net/socket.c:2499 ___sys_sendmsg net/socket.c:2553 [inline] __sys_sendmmsg+0x318/0x7d8 net/socket.c:2639 __do_sys_sendmmsg net/socket.c:2668 [inline] __se_sys_sendmmsg net/socket.c:2665 [inline] __arm64_sys_sendmmsg+0xa0/0xbc net/socket.c:2665 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:206 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585 irq event stamp: 989 hardirqs last enabled at (987): [<ffff80000897410c>] kasan_quarantine_put+0xdc/0x204 mm/kasan/quarantine.c:242 hardirqs last disabled at (989): [<ffff800012141304>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405 softirqs last enabled at (978): [<ffff800012061910>] spin_unlock_bh include/linux/spinlock.h:395 [inline] softirqs last enabled at (978): [<ffff800012061910>] ack_update_msk net/mptcp/options.c:1054 [inline] softirqs last enabled at (978): [<ffff800012061910>] mptcp_incoming_options+0x658/0x1af4 net/mptcp/options.c:1177 softirqs last disabled at (988): [<ffff80001203191c>] spin_lock_bh include/linux/spinlock.h:355 [inline] softirqs last disabled at (988): [<ffff80001203191c>] mptcp_data_ready+0x258/0x670 net/mptcp/protocol.c:860 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 1 PID: 9293 at net/mptcp/protocol.c:706 __mptcp_move_skbs_from_subflow+0x19a4/0x2334 net/mptcp/protocol.c:706 Modules linked in: CPU: 1 PID: 9293 Comm: syz-executor.1 Tainted: G W 6.1.71-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __mptcp_move_skbs_from_subflow+0x19a4/0x2334 net/mptcp/protocol.c:706 lr : __mptcp_move_skbs_from_subflow+0x19a4/0x2334 net/mptcp/protocol.c:706 sp : ffff800021546b80 x29: ffff800021546d00 x28: 0000000000000000 x27: ffff00012224a0b8 x26: ffff0000d420e04c x25: 1fffe0001a07d95e x24: 0000000000000000 x23: dfff800000000000 x22: 1fffe0001a07d963 x21: 00000000ffff7e1b x20: ffff0000d03ecaf0 x19: 1fffe0001adf3839 x18: ffff8000215468e4 x17: ffff80001581d000 x16: ffff8000084fa820 x15: 0000000000000002 x14: 1ffff00002b040b0 x13: dfff800000000000 x12: 0000000000040000 x11: 000000000003ffff x10: ffff80002637e000 x9 : ffff8000120403f8 x8 : 0000000000040000 x7 : ffff80001203191c x6 : 0000000000000000 x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff80000831ce70 x2 : ffff800021546d80 x1 : 00000000ffff7e1b x0 : 0000000000002b9b Call trace: __mptcp_move_skbs_from_subflow+0x19a4/0x2334 net/mptcp/protocol.c:706 move_skbs_to_msk net/mptcp/protocol.c:816 [inline] mptcp_data_ready+0x278/0x670 net/mptcp/protocol.c:861 subflow_data_ready+0x178/0x234 net/mptcp/subflow.c:1350 tcp_data_ready+0x22c/0x44c net/ipv4/tcp_input.c:5028 tcp_data_queue+0x1cc8/0x53e4 net/ipv4/tcp_input.c:5102 tcp_rcv_established+0xa84/0x1fe0 net/ipv4/tcp_input.c:6028 tcp_v4_do_rcv+0x390/0xb08 net/ipv4/tcp_ipv4.c:1677 sk_backlog_rcv include/net/sock.h:1117 [inline] __release_sock+0x1a8/0x408 net/core/sock.c:2926 release_sock+0x68/0x1cc net/core/sock.c:3490 __mptcp_push_pending+0x664/0xb54 mptcp_sendmsg+0xc0c/0x13bc net/mptcp/protocol.c:1875 inet6_sendmsg+0xb4/0xd8 net/ipv6/af_inet6.c:667 sock_sendmsg_nosec net/socket.c:716 [inline] __sock_sendmsg net/socket.c:728 [inline] ____sys_sendmsg+0x558/0x844 net/socket.c:2499 ___sys_sendmsg net/socket.c:2553 [inline] __sys_sendmmsg+0x318/0x7d8 net/socket.c:2639 __do_sys_sendmmsg net/socket.c:2668 [inline] __se_sys_sendmmsg net/socket.c:2665 [inline] __arm64_sys_sendmmsg+0xa0/0xbc net/socket.c:2665 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:206 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585 irq event stamp: 1371 hardirqs last enabled at (1369): [<ffff8000081c7770>] __local_bh_enable_ip+0x230/0x470 kernel/softirq.c:401 hardirqs last disabled at (1371): [<ffff800012141304>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405 softirqs last enabled at (1368): [<ffff800012061910>] spin_unlock_bh include/linux/spinlock.h:395 [inline] softirqs last enabled at (1368): [<ffff800012061910>] ack_update_msk net/mptcp/options.c:1054 [inline] softirqs last enabled at (1368): [<ffff800012061910>] mptcp_incoming_options+0x658/0x1af4 net/mptcp/options.c:1177 softirqs last disabled at (1370): [<ffff80001203191c>] spin_lock_bh include/linux/spinlock.h:355 [inline] softirqs last disabled at (1370): [<ffff80001203191c>] mptcp_data_ready+0x258/0x670 net/mptcp/protocol.c:860 ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ WARNING: CPU: 1 PID: 9293 at net/mptcp/subflow.c:846 skb_is_fully_mapped net/mptcp/subflow.c:846 [inline] WARNING: CPU: 1 PID: 9293 at net/mptcp/subflow.c:846 get_mapping_status net/mptcp/subflow.c:1055 [inline] WARNING: CPU: 1 PID: 9293 at net/mptcp/subflow.c:846 subflow_check_data_avail net/mptcp/subflow.c:1184 [inline] WARNING: CPU: 1 PID: 9293 at net/mptcp/subflow.c:846 mptcp_subflow_data_available+0x1968/0x3468 net/mptcp/subflow.c:1287 Modules linked in: CPU: 1 PID: 9293 Comm: syz-executor.1 Tainted: G W 6.1.71-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : skb_is_fully_mapped net/mptcp/subflow.c:846 [inline] pc : get_mapping_status net/mptcp/subflow.c:1055 [inline] pc : subflow_check_data_avail net/mptcp/subflow.c:1184 [inline] pc : mptcp_subflow_data_available+0x1968/0x3468 net/mptcp/subflow.c:1287 lr : skb_is_fully_mapped net/mptcp/subflow.c:846 [inline] lr : get_mapping_status net/mptcp/subflow.c:1055 [inline] lr : subflow_check_data_avail net/mptcp/subflow.c:1184 [inline] lr : mptcp_subflow_data_available+0x1968/0x3468 net/mptcp/subflow.c:1287 sp : ffff800021546c60 x29: ffff800021546dc0 x28: ffff0000c96b8d70 x27: dfff800000000000 x26: ffff0000d420e000 x25: 0000000000000000 x24: 000000000000ade5 x23: 00000000ffff5280 x22: 00000000002401e8 x21: ffff0000d6f9c1b8 x20: dfff800000000000 x19: 00000000e072693d x18: ffff0000d6fc26d0 x17: ffff80019ec10000 x16: ffff8000084fa820 x15: 0000000000000002 x14: 00000000ffff8000 x13: 0000000000000003 x12: 0000000000040000 x11: 000000000003ffff x10: ffff80002637e000 x9 : ffff80001204f114 x8 : 0000000000040000 x7 : 0000000000000000 x6 : 0200000000000002 x5 : ffff0000d307a130 x4 : 0000000000000000 x3 : ffff80001205a4c4 x2 : 0000000000000000 x1 : 00000000ffff5280 x0 : 0000000000000065 Call trace: skb_is_fully_mapped net/mptcp/subflow.c:846 [inline] get_mapping_status net/mptcp/subflow.c:1055 [inline] subflow_check_data_avail net/mptcp/subflow.c:1184 [inline] mptcp_subflow_data_available+0x1968/0x3468 net/mptcp/subflow.c:1287 subflow_data_ready+0x164/0x234 net/mptcp/subflow.c:1349 tcp_data_ready+0x22c/0x44c net/ipv4/tcp_input.c:5028 tcp_data_queue+0x1cc8/0x53e4 net/ipv4/tcp_input.c:5102 tcp_rcv_established+0xa84/0x1fe0 net/ipv4/tcp_input.c:6028 tcp_v4_do_rcv+0x390/0xb08 net/ipv4/tcp_ipv4.c:1677 sk_backlog_rcv include/net/sock.h:1117 [inline] __release_sock+0x1a8/0x408 net/core/sock.c:2926 release_sock+0x68/0x1cc net/core/sock.c:3490 __mptcp_push_pending+0x664/0xb54 mptcp_sendmsg+0xc0c/0x13bc net/mptcp/protocol.c:1875 inet6_sendmsg+0xb4/0xd8 net/ipv6/af_inet6.c:667 sock_sendmsg_nosec net/socket.c:716 [inline] __sock_sendmsg net/socket.c:728 [inline] ____sys_sendmsg+0x558/0x844 net/socket.c:2499 ___sys_sendmsg net/socket.c:2553 [inline] __sys_sendmmsg+0x318/0x7d8 net/socket.c:2639 __do_sys_sendmmsg net/socket.c:2668 [inline] __se_sys_sendmmsg net/socket.c:2665 [inline] __arm64_sys_sendmmsg+0xa0/0xbc net/socket.c:2665 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:206 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585 irq event stamp: 2266 hardirqs last enabled at (2265): [<ffff8000081c7770>] __local_bh_enable_ip+0x230/0x470 kernel/softirq.c:401 hardirqs last disabled at (2266): [<ffff800012141304>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405 softirqs last enabled at (2264): [<ffff800012061910>] spin_unlock_bh include/linux/spinlock.h:395 [inline] softirqs last enabled at (2264): [<ffff800012061910>] ack_update_msk net/mptcp/options.c:1054 [inline] softirqs last enabled at (2264): [<ffff800012061910>] mptcp_incoming_options+0x658/0x1af4 net/mptcp/options.c:1177 softirqs last disabled at (2262): [<ffff800012061714>] spin_lock_bh include/linux/spinlock.h:355 [inline] softirqs last disabled at (2262): [<ffff800012061714>] ack_update_msk net/mptcp/options.c:1028 [inline] softirqs last disabled at (2262): [<ffff800012061714>] mptcp_incoming_options+0x45c/0x1af4 net/mptcp/options.c:1177 ---[ end trace 0000000000000000 ]---
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/01/09 16:29 | linux-6.1.y | 38fb82ecd144 | 4807fb37 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-6-1-kasan-arm64 | WARNING in __mptcp_move_skbs_from_subflow |