bisecting fixing commit since 6ba1b005ffc388c2aeaddae20da29e4810dea298 building syzkaller on 19a8de55e59983d1ec21e544a4f35fb1ca4438a5 testing commit 6ba1b005ffc388c2aeaddae20da29e4810dea298 compiler: gcc (GCC) 8.4.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 0af5ca834473a76182e204449089a1a8b29b2b61b6c7772874cc76730c50b806 all runs: crashed: WARNING in ipvlan_unregister_nf_hook testing current HEAD 8008293888188c3923f5bd8a69370dae25ed14e5 testing commit 8008293888188c3923f5bd8a69370dae25ed14e5 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f7b9c927c9c7512922d6c8766c7b23addedef5beb22192893114c0c8a841b096 all runs: OK # git bisect start 8008293888188c3923f5bd8a69370dae25ed14e5 6ba1b005ffc388c2aeaddae20da29e4810dea298 Bisecting: 62562 revisions left to test after this (roughly 16 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [9c15db92a8e56bcde0f58064ac1adc28c0579b51] Merge tag 'iio-for-5.13a' of https://git.kernel.org/pub/scm/linux/kernel/git/jic23/iio into staging-next testing commit 9c15db92a8e56bcde0f58064ac1adc28c0579b51 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 92b33a606023ee2348a93c70b5e307908a9b3a177ba27399cf3e704473d9f42d all runs: crashed: WARNING in ipvlan_unregister_nf_hook # git bisect good 9c15db92a8e56bcde0f58064ac1adc28c0579b51 Bisecting: 31252 revisions left to test after this (roughly 15 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [e083bbd6040f4efa5c13633fb4e460b919d69dae] Merge tag 'arm-dt-5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc testing commit e083bbd6040f4efa5c13633fb4e460b919d69dae compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: e34b7db474df58102142a11e24d3325090656cceeb4f916bce3a2e038ed47d1e all runs: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) # git bisect skip e083bbd6040f4efa5c13633fb4e460b919d69dae Bisecting: 31252 revisions left to test after this (roughly 15 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [f5e3db30135f1157d2fac83f16e0347b1e38b9c5] mt76: mt7921: return proper error value in mt7921_mac_init testing commit f5e3db30135f1157d2fac83f16e0347b1e38b9c5 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 22de7d45f90e62ac30d65446fa946976567507213d1d498bac8a8943a349318f all runs: boot failed: BUG: unable to handle kernel paging request in hgafb_open # git bisect skip f5e3db30135f1157d2fac83f16e0347b1e38b9c5 Bisecting: 31252 revisions left to test after this (roughly 15 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [4e11dbb518fe97d9a4c53bdef7f2144de20a9ed3] serial: vt8500: drop low-latency workaround testing commit 4e11dbb518fe97d9a4c53bdef7f2144de20a9ed3 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 2433f0b7f5504dafa17245f02377da5ea1f90d98a4c4d48b4443c2ecf60009da all runs: crashed: WARNING in ipvlan_unregister_nf_hook # git bisect good 4e11dbb518fe97d9a4c53bdef7f2144de20a9ed3 Bisecting: 30892 revisions left to test after this (roughly 15 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [b1412bd75abe8b1c57ecca4a85f92c8ddb4ccd39] Merge tag 'perf-tools-for-v5.14-2021-07-10' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux testing commit b1412bd75abe8b1c57ecca4a85f92c8ddb4ccd39 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: b724bb24867fd1e09316875fc6a20b09ee8d1f212ea883b769df4be22424c772 all runs: boot failed: kernel panic: VFS: Unable to mount root fs on unknown-block(NUM,NUM) # git bisect skip b1412bd75abe8b1c57ecca4a85f92c8ddb4ccd39 Bisecting: 30892 revisions left to test after this (roughly 15 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [48fe205ada2d6c6bc6a08154c1b797c7c237dd2d] Merge tag 'imx-defconfig-5.16' of git://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux into arm/defconfigs testing commit 48fe205ada2d6c6bc6a08154c1b797c7c237dd2d compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: b348bd27804bab0bc694a79f65497158218ecc6553516e58f1f5655f76b244d9 all runs: crashed: WARNING in ipvlan_unregister_nf_hook # git bisect good 48fe205ada2d6c6bc6a08154c1b797c7c237dd2d Bisecting: 8538 revisions left to test after this (roughly 13 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [dcd68326d29b62f3039e4f4d23d3e38f24d37360] Merge tag 'devicetree-for-5.16' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux testing commit dcd68326d29b62f3039e4f4d23d3e38f24d37360 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 278e091f33cfe8cde876302119e63d82579a9737f50d250bd5888921fcbcf9b0 all runs: crashed: WARNING in ipvlan_unregister_nf_hook # git bisect good dcd68326d29b62f3039e4f4d23d3e38f24d37360 Bisecting: 4200 revisions left to test after this (roughly 12 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [0c5c62ddf88c34bc83b66e4ac9beb2bb0e1887d4] Merge tag 'pci-v5.16-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci testing commit 0c5c62ddf88c34bc83b66e4ac9beb2bb0e1887d4 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5af641a3f226248cba772debfd35d7b48963729e9197364f87f20b040ec71e23 all runs: crashed: WARNING in ipvlan_unregister_nf_hook # git bisect good 0c5c62ddf88c34bc83b66e4ac9beb2bb0e1887d4 Bisecting: 2100 revisions left to test after this (roughly 11 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [162b944598344fd72800d453885979f06ca263f3] tools headers UAPI: Sync x86's asm/kvm.h with the kernel sources testing commit 162b944598344fd72800d453885979f06ca263f3 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: b3e05222c64d3622c0d8c9c204817c98489423c35526c9bc4e5908dbb835176e all runs: crashed: WARNING in ipvlan_unregister_nf_hook # git bisect good 162b944598344fd72800d453885979f06ca263f3 Bisecting: 1049 revisions left to test after this (roughly 10 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [4cd8371a234d051f9c9557fcbb1f8c523b1c0d10] nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done testing commit 4cd8371a234d051f9c9557fcbb1f8c523b1c0d10 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 4f6a763f48fa2ba0a524dc0c7b98330802187ff5112c8d7f042e451eaea812d2 all runs: OK # git bisect bad 4cd8371a234d051f9c9557fcbb1f8c523b1c0d10 Bisecting: 523 revisions left to test after this (roughly 9 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [f17fb26d4dd71b8ea05e1890d8c64d2eca27e7d5] Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux testing commit f17fb26d4dd71b8ea05e1890d8c64d2eca27e7d5 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a534d1176dbb8c98de44747285dae3054085320760978ccb3d2b1c0a13c30b5a all runs: crashed: WARNING in ipvlan_unregister_nf_hook # git bisect good f17fb26d4dd71b8ea05e1890d8c64d2eca27e7d5 Bisecting: 261 revisions left to test after this (roughly 8 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [789b6cc2a5f9123b9c549b886fdc47c865cfe0ba] net/smc: fix wrong list_del in smc_lgr_cleanup_early testing commit 789b6cc2a5f9123b9c549b886fdc47c865cfe0ba compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f393a5214b7aa8ec30b2b3113fd7996c63e2f26d9a7e5d813f1f8cbc92266f4d all runs: OK # git bisect bad 789b6cc2a5f9123b9c549b886fdc47c865cfe0ba Bisecting: 153 revisions left to test after this (roughly 7 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [b3612ccdf2841c64ae7a8dd9e780c91240093fe6] net: dsa: microchip: implement multi-bridge support testing commit b3612ccdf2841c64ae7a8dd9e780c91240093fe6 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 636916c4881ab6978c066757b1766925481481e8d1891b5f77639b3260969326 all runs: crashed: WARNING in ipvlan_unregister_nf_hook # git bisect good b3612ccdf2841c64ae7a8dd9e780c91240093fe6 Bisecting: 76 revisions left to test after this (roughly 6 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [189168181bb67825a14e8083d1503cfdc2891ebf] net: mpls: Remove rcu protection from nh_dev testing commit 189168181bb67825a14e8083d1503cfdc2891ebf compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 4fe3efac4f1fea703af09fe3f2e2441f4316f8d9dd6cd638b115f748dd0ff046 all runs: crashed: WARNING in ipvlan_unregister_nf_hook # git bisect good 189168181bb67825a14e8083d1503cfdc2891ebf Bisecting: 37 revisions left to test after this (roughly 5 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [163000dbc772c1eae9bdfe7c8fe30155db1efd74] net: dsa: mv88e6xxx: Fix inband AN for 2500base-x on 88E6393X family testing commit 163000dbc772c1eae9bdfe7c8fe30155db1efd74 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a8f500843c4b63705876eb8df92d9ad24fc3749d48b83302951af37c22a04277 all runs: OK # git bisect bad 163000dbc772c1eae9bdfe7c8fe30155db1efd74 Bisecting: 19 revisions left to test after this (roughly 4 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [20ae1d6aa159eb91a9bf09ff92ccaa94dbea92c2] wireguard: device: reset peer src endpoint when netns exits testing commit 20ae1d6aa159eb91a9bf09ff92ccaa94dbea92c2 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: fdd58f14291bbdc8a2d1c39a437f579e49331a3f4ec18b50c08444e38bca0ed7 all runs: crashed: WARNING in ipvlan_unregister_nf_hook # git bisect good 20ae1d6aa159eb91a9bf09ff92ccaa94dbea92c2 Bisecting: 9 revisions left to test after this (roughly 3 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [b83f5ac7d922e69a109261f5f940eebbd4e514c4] net: marvell: mvpp2: Fix the computation of shared CPUs testing commit b83f5ac7d922e69a109261f5f940eebbd4e514c4 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 3d3318b72ce6760835a11e1e9596e164f9523f4d914fb0f992a5ea6bfa0ba4c2 all runs: crashed: WARNING in ipvlan_unregister_nf_hook # git bisect good b83f5ac7d922e69a109261f5f940eebbd4e514c4 Bisecting: 4 revisions left to test after this (roughly 2 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [b0f38e15979fa8851e88e8aa371367f264e7b6e9] natsemi: xtensa: fix section mismatch warnings testing commit b0f38e15979fa8851e88e8aa371367f264e7b6e9 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a8f500843c4b63705876eb8df92d9ad24fc3749d48b83302951af37c22a04277 all runs: OK # git bisect bad b0f38e15979fa8851e88e8aa371367f264e7b6e9 Bisecting: 1 revision left to test after this (roughly 1 step) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [34d8778a943761121f391b7921f79a7adbe1feaf] MAINTAINERS: s390/net: add Alexandra and Wenjia as maintainer testing commit 34d8778a943761121f391b7921f79a7adbe1feaf compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 3d3318b72ce6760835a11e1e9596e164f9523f4d914fb0f992a5ea6bfa0ba4c2 all runs: crashed: WARNING in ipvlan_unregister_nf_hook # git bisect good 34d8778a943761121f391b7921f79a7adbe1feaf Bisecting: 0 revisions left to test after this (roughly 0 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [f123cffdd8fe8ea6c7fded4b88516a42798797d0] net: netlink: af_netlink: Prevent empty skb by adding a check on len. testing commit f123cffdd8fe8ea6c7fded4b88516a42798797d0 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a8f500843c4b63705876eb8df92d9ad24fc3749d48b83302951af37c22a04277 all runs: OK # git bisect bad f123cffdd8fe8ea6c7fded4b88516a42798797d0 f123cffdd8fe8ea6c7fded4b88516a42798797d0 is the first bad commit commit f123cffdd8fe8ea6c7fded4b88516a42798797d0 Author: Harshit Mogalapalli Date: Mon Nov 29 09:53:27 2021 -0800 net: netlink: af_netlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netem_enqueue function which is caused when skb->len=0 and skb->data_len=0 in the randomized corruption step as shown below. skb->data[prandom_u32() % skb_headlen(skb)] ^= 1<<(prandom_u32() % 8); Crash Report: [ 343.170349] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.216110] netem: version 1.3 [ 343.235841] divide error: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 343.236680] CPU: 3 PID: 4288 Comm: reproducer Not tainted 5.16.0-rc1+ [ 343.237569] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014 [ 343.238707] RIP: 0010:netem_enqueue+0x1590/0x33c0 [sch_netem] [ 343.239499] Code: 89 85 58 ff ff ff e8 5f 5d e9 d3 48 8b b5 48 ff ff ff 8b 8d 50 ff ff ff 8b 85 58 ff ff ff 48 8b bd 70 ff ff ff 31 d2 2b 4f 74 f1 48 b8 00 00 00 00 00 fc ff df 49 01 d5 4c 89 e9 48 c1 e9 03 [ 343.241883] RSP: 0018:ffff88800bcd7368 EFLAGS: 00010246 [ 343.242589] RAX: 00000000ba7c0a9c RBX: 0000000000000001 RCX: 0000000000000000 [ 343.243542] RDX: 0000000000000000 RSI: ffff88800f8edb10 RDI: ffff88800f8eda40 [ 343.244474] RBP: ffff88800bcd7458 R08: 0000000000000000 R09: ffffffff94fb8445 [ 343.245403] R10: ffffffff94fb8336 R11: ffffffff94fb8445 R12: 0000000000000000 [ 343.246355] R13: ffff88800a5a7000 R14: ffff88800a5b5800 R15: 0000000000000020 [ 343.247291] FS: 00007fdde2bd7700(0000) GS:ffff888109780000(0000) knlGS:0000000000000000 [ 343.248350] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 343.249120] CR2: 00000000200000c0 CR3: 000000000ef4c000 CR4: 00000000000006e0 [ 343.250076] Call Trace: [ 343.250423] [ 343.250713] ? memcpy+0x4d/0x60 [ 343.251162] ? netem_init+0xa0/0xa0 [sch_netem] [ 343.251795] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.252443] netem_enqueue+0xe28/0x33c0 [sch_netem] [ 343.253102] ? stack_trace_save+0x87/0xb0 [ 343.253655] ? filter_irq_stacks+0xb0/0xb0 [ 343.254220] ? netem_init+0xa0/0xa0 [sch_netem] [ 343.254837] ? __kasan_check_write+0x14/0x20 [ 343.255418] ? _raw_spin_lock+0x88/0xd6 [ 343.255953] dev_qdisc_enqueue+0x50/0x180 [ 343.256508] __dev_queue_xmit+0x1a7e/0x3090 [ 343.257083] ? netdev_core_pick_tx+0x300/0x300 [ 343.257690] ? check_kcov_mode+0x10/0x40 [ 343.258219] ? _raw_spin_unlock_irqrestore+0x29/0x40 [ 343.258899] ? __kasan_init_slab_obj+0x24/0x30 [ 343.259529] ? setup_object.isra.71+0x23/0x90 [ 343.260121] ? new_slab+0x26e/0x4b0 [ 343.260609] ? kasan_poison+0x3a/0x50 [ 343.261118] ? kasan_unpoison+0x28/0x50 [ 343.261637] ? __kasan_slab_alloc+0x71/0x90 [ 343.262214] ? memcpy+0x4d/0x60 [ 343.262674] ? write_comp_data+0x2f/0x90 [ 343.263209] ? __kasan_check_write+0x14/0x20 [ 343.263802] ? __skb_clone+0x5d6/0x840 [ 343.264329] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.264958] dev_queue_xmit+0x1c/0x20 [ 343.265470] netlink_deliver_tap+0x652/0x9c0 [ 343.266067] netlink_unicast+0x5a0/0x7f0 [ 343.266608] ? netlink_attachskb+0x860/0x860 [ 343.267183] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.267820] ? write_comp_data+0x2f/0x90 [ 343.268367] netlink_sendmsg+0x922/0xe80 [ 343.268899] ? netlink_unicast+0x7f0/0x7f0 [ 343.269472] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.270099] ? write_comp_data+0x2f/0x90 [ 343.270644] ? netlink_unicast+0x7f0/0x7f0 [ 343.271210] sock_sendmsg+0x155/0x190 [ 343.271721] ____sys_sendmsg+0x75f/0x8f0 [ 343.272262] ? kernel_sendmsg+0x60/0x60 [ 343.272788] ? write_comp_data+0x2f/0x90 [ 343.273332] ? write_comp_data+0x2f/0x90 [ 343.273869] ___sys_sendmsg+0x10f/0x190 [ 343.274405] ? sendmsg_copy_msghdr+0x80/0x80 [ 343.274984] ? slab_post_alloc_hook+0x70/0x230 [ 343.275597] ? futex_wait_setup+0x240/0x240 [ 343.276175] ? security_file_alloc+0x3e/0x170 [ 343.276779] ? write_comp_data+0x2f/0x90 [ 343.277313] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.277969] ? write_comp_data+0x2f/0x90 [ 343.278515] ? __fget_files+0x1ad/0x260 [ 343.279048] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.279685] ? write_comp_data+0x2f/0x90 [ 343.280234] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.280874] ? sockfd_lookup_light+0xd1/0x190 [ 343.281481] __sys_sendmsg+0x118/0x200 [ 343.281998] ? __sys_sendmsg_sock+0x40/0x40 [ 343.282578] ? alloc_fd+0x229/0x5e0 [ 343.283070] ? write_comp_data+0x2f/0x90 [ 343.283610] ? write_comp_data+0x2f/0x90 [ 343.284135] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.284776] ? ktime_get_coarse_real_ts64+0xb8/0xf0 [ 343.285450] __x64_sys_sendmsg+0x7d/0xc0 [ 343.285981] ? syscall_enter_from_user_mode+0x4d/0x70 [ 343.286664] do_syscall_64+0x3a/0x80 [ 343.287158] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 343.287850] RIP: 0033:0x7fdde24cf289 [ 343.288344] Code: 01 00 48 81 c4 80 00 00 00 e9 f1 fe ff ff 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b7 db 2c 00 f7 d8 64 89 01 48 [ 343.290729] RSP: 002b:00007fdde2bd6d98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 343.291730] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdde24cf289 [ 343.292673] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004 [ 343.293618] RBP: 00007fdde2bd6e20 R08: 0000000100000001 R09: 0000000000000000 [ 343.294557] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000000 [ 343.295493] R13: 0000000000021000 R14: 0000000000000000 R15: 00007fdde2bd7700 [ 343.296432] [ 343.296735] Modules linked in: sch_netem ip6_vti ip_vti ip_gre ipip sit ip_tunnel geneve macsec macvtap tap ipvlan macvlan 8021q garp mrp hsr wireguard libchacha20poly1305 chacha_x86_64 poly1305_x86_64 ip6_udp_tunnel udp_tunnel libblake2s blake2s_x86_64 libblake2s_generic curve25519_x86_64 libcurve25519_generic libchacha xfrm_interface xfrm6_tunnel tunnel4 veth netdevsim psample batman_adv nlmon dummy team bonding tls vcan ip6_gre ip6_tunnel tunnel6 gre tun ip6t_rpfilter ipt_REJECT nf_reject_ipv4 ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set ebtable_nat ebtable_broute ip6table_nat ip6table_mangle ip6table_security ip6table_raw iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 iptable_mangle iptable_security iptable_raw ebtable_filter ebtables rfkill ip6table_filter ip6_tables iptable_filter ppdev bochs drm_vram_helper drm_ttm_helper ttm drm_kms_helper cec parport_pc drm joydev floppy parport sg syscopyarea sysfillrect sysimgblt i2c_piix4 qemu_fw_cfg fb_sys_fops pcspkr [ 343.297459] ip_tables xfs virtio_net net_failover failover sd_mod sr_mod cdrom t10_pi ata_generic pata_acpi ata_piix libata virtio_pci virtio_pci_legacy_dev serio_raw virtio_pci_modern_dev dm_mirror dm_region_hash dm_log dm_mod [ 343.311074] Dumping ftrace buffer: [ 343.311532] (ftrace buffer empty) [ 343.312040] ---[ end trace a2e3db5a6ae05099 ]--- [ 343.312691] RIP: 0010:netem_enqueue+0x1590/0x33c0 [sch_netem] [ 343.313481] Code: 89 85 58 ff ff ff e8 5f 5d e9 d3 48 8b b5 48 ff ff ff 8b 8d 50 ff ff ff 8b 85 58 ff ff ff 48 8b bd 70 ff ff ff 31 d2 2b 4f 74 f1 48 b8 00 00 00 00 00 fc ff df 49 01 d5 4c 89 e9 48 c1 e9 03 [ 343.315893] RSP: 0018:ffff88800bcd7368 EFLAGS: 00010246 [ 343.316622] RAX: 00000000ba7c0a9c RBX: 0000000000000001 RCX: 0000000000000000 [ 343.317585] RDX: 0000000000000000 warning: unable to access '/syzkaller/.config/git/attributes': Permission denied RSI: ffff88800f8edb10 RDI: ffff88800f8eda40 [ 343.318549] RBP: ffff88800bcd7458 R08: 0000000000000000 R09: ffffffff94fb8445 [ 343.319503] R10: ffffffff94fb8336 R11: ffffffff94fb8445 R12: 0000000000000000 [ 343.320455] R13: ffff88800a5a7000 R14: ffff88800a5b5800 R15: 0000000000000020 [ 343.321414] FS: 00007fdde2bd7700(0000) GS:ffff888109780000(0000) knlGS:0000000000000000 [ 343.322489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 343.323283] CR2: 00000000200000c0 CR3: 000000000ef4c000 CR4: 00000000000006e0 [ 343.324264] Kernel panic - not syncing: Fatal exception in interrupt [ 343.333717] Dumping ftrace buffer: [ 343.334175] (ftrace buffer empty) [ 343.334653] Kernel Offset: 0x13600000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 343.336027] Rebooting in 86400 seconds.. Reported-by: syzkaller Signed-off-by: Harshit Mogalapalli Link: https://lore.kernel.org/r/20211129175328.55339-1-harshit.m.mogalapalli@oracle.com Signed-off-by: Jakub Kicinski net/netlink/af_netlink.c | 5 +++++ 1 file changed, 5 insertions(+) culprit signature: a8f500843c4b63705876eb8df92d9ad24fc3749d48b83302951af37c22a04277 parent signature: 3d3318b72ce6760835a11e1e9596e164f9523f4d914fb0f992a5ea6bfa0ba4c2 revisions tested: 22, total time: 4h13m39.688058704s (build: 2h10m45.024090488s, test: 1h59m39.758664269s) first good commit: f123cffdd8fe8ea6c7fded4b88516a42798797d0 net: netlink: af_netlink: Prevent empty skb by adding a check on len. recipients (to): ["davem@davemloft.net" "harshit.m.mogalapalli@oracle.com" "kuba@kernel.org" "kuba@kernel.org" "netdev@vger.kernel.org"] recipients (cc): ["dsahern@kernel.org" "edumazet@google.com" "fw@strlen.de" "linux-kernel@vger.kernel.org" "marcelo.leitner@gmail.com" "yajun.deng@linux.dev"]