bisecting fixing commit since 2cc3c4b3c2e9c99e90aaf19cd801ff2c160f283c building syzkaller on 424dd8e7b52828cad44ce653a5d4ac30670f5e2c testing commit 2cc3c4b3c2e9c99e90aaf19cd801ff2c160f283c compiler: gcc (GCC) 8.4.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: d62f9db7726ef4ab52be94e1fce4e858b7deb237d28b2d27e3e78dcaf176b512 all runs: crashed: KASAN: use-after-free Read in free_netdev testing current HEAD 74c78b4291b4466b44a57b3b7c3b98ad02628686 testing commit 74c78b4291b4466b44a57b3b7c3b98ad02628686 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: b7a922b9ac62d35f58b1ca20894b4724cdc070b4ed39950a4e5424ddfed1b81e all runs: OK # git bisect start 74c78b4291b4466b44a57b3b7c3b98ad02628686 2cc3c4b3c2e9c99e90aaf19cd801ff2c160f283c Bisecting: 55225 revisions left to test after this (roughly 16 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [68a32ba14177d4a21c4a9a941cf1d7aea86d436f] Merge tag 'drm-next-2021-04-28' of git://anongit.freedesktop.org/drm/drm testing commit 68a32ba14177d4a21c4a9a941cf1d7aea86d436f compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 8545aa45c26d6a688071635c684499f569058ba0f478c0e02c91fd296c4bf15e all runs: crashed: KASAN: use-after-free Read in free_netdev # git bisect good 68a32ba14177d4a21c4a9a941cf1d7aea86d436f Bisecting: 27596 revisions left to test after this (roughly 15 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [e6a70a02defd9200ed4b9fbf3714fa9622a93fa3] Merge tag 'wireless-drivers-next-2021-08-22' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next testing commit e6a70a02defd9200ed4b9fbf3714fa9622a93fa3 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: dcffdcc4051e76edd70eb13df100a41c4aeee3af96f313dc68775e7aed4de162 all runs: crashed: KASAN: use-after-free Read in free_netdev # git bisect good e6a70a02defd9200ed4b9fbf3714fa9622a93fa3 Bisecting: 13808 revisions left to test after this (roughly 14 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [72b93a86856cfe9358752d8797a729ca8e9b6a5f] Merge branch 'mlxsw-rif-mac-prefixes' testing commit 72b93a86856cfe9358752d8797a729ca8e9b6a5f compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: c6bc54592908f1746a2d470ce2a01114cf81c904887e0eadbf1a008a8dce27a5 all runs: crashed: KASAN: use-after-free Read in free_netdev # git bisect good 72b93a86856cfe9358752d8797a729ca8e9b6a5f Bisecting: 6951 revisions left to test after this (roughly 13 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [ae45d84fc36d01dcb1007f4298871eec37907904] Merge tag 'dt-5.16' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc testing commit ae45d84fc36d01dcb1007f4298871eec37907904 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: cfb83adc2f80483d557ff9ededc3589e209cb703c8feed206b9e4a100f5d72cf all runs: crashed: KASAN: use-after-free Read in free_netdev # git bisect good ae45d84fc36d01dcb1007f4298871eec37907904 Bisecting: 3482 revisions left to test after this (roughly 12 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [a0c7d4a07f2f0f7cddda690b53f2e50c50ded309] Merge tag 'for-linus-5.16-ofs1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux testing commit a0c7d4a07f2f0f7cddda690b53f2e50c50ded309 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: a2eaf45e7613e8d0903912f477d6e2bf9dbbcabdda6bb684e54287191ad32b3e all runs: crashed: KASAN: use-after-free Read in free_netdev # git bisect good a0c7d4a07f2f0f7cddda690b53f2e50c50ded309 Bisecting: 1745 revisions left to test after this (roughly 11 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [61564e7b3abcb67d57b09afdb4b14b85f8bc1976] Merge tag 'block-5.16-2021-11-19' of git://git.kernel.dk/linux-block testing commit 61564e7b3abcb67d57b09afdb4b14b85f8bc1976 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: d15c9c8cbf6064e5bed148af6e1edb0a5edd759714aa2150e9074ac00bf68561 all runs: crashed: KASAN: use-after-free Read in free_netdev # git bisect good 61564e7b3abcb67d57b09afdb4b14b85f8bc1976 Bisecting: 892 revisions left to test after this (roughly 10 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [27698cd2a3c07d124fad6bfc8dd93fd1c5d46879] Merge tag 'mtd/fixes-for-5.16-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/mtd/linux testing commit 27698cd2a3c07d124fad6bfc8dd93fd1c5d46879 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5b060658cbfdae21d112002a766f321117091624a9d7b1829befd5fb3c91942b all runs: OK # git bisect bad 27698cd2a3c07d124fad6bfc8dd93fd1c5d46879 Bisecting: 425 revisions left to test after this (roughly 9 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [adfb743ac0267de089c878d2f81be2facdcb4fe2] Merge tag 'iomap-5.16-fixes-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux testing commit adfb743ac0267de089c878d2f81be2facdcb4fe2 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: c33eccd04813283540cea4aa4821282e8617bdd27008fa8bcd89e77dfe28b98d all runs: crashed: KASAN: use-after-free Read in free_netdev # git bisect good adfb743ac0267de089c878d2f81be2facdcb4fe2 Bisecting: 204 revisions left to test after this (roughly 8 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [a51e3ac43ddbad891c2b1a4f3aa52371d6939570] Merge tag 'net-5.16-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit a51e3ac43ddbad891c2b1a4f3aa52371d6939570 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 0a03eca764f8e901e09a204ff9f71fd92bdeff58aa7a0454d024fe49cde87a37 all runs: OK # git bisect bad a51e3ac43ddbad891c2b1a4f3aa52371d6939570 Bisecting: 102 revisions left to test after this (roughly 7 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [4536579b76168db26d38e4b8516d05570a412819] Merge tag 'sound-5.16-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound testing commit 4536579b76168db26d38e4b8516d05570a412819 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 408a7a72ff1d55ba2b4a19b5b29966c13677a8a6df33584211f4f7c116799aa3 all runs: crashed: KASAN: use-after-free Read in free_netdev # git bisect good 4536579b76168db26d38e4b8516d05570a412819 Bisecting: 51 revisions left to test after this (roughly 6 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [76091b0fb60970f610b7ba2d886cd7fb95c5eb2e] net/mlx5: Fix use after free in mlx5_health_wait_pci_up testing commit 76091b0fb60970f610b7ba2d886cd7fb95c5eb2e compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 8f37d7e1b16ec2dd9fa36fe0d57e621e67369ba8767f0b4b95a344b1c0300108 all runs: OK # git bisect bad 76091b0fb60970f610b7ba2d886cd7fb95c5eb2e Bisecting: 25 revisions left to test after this (roughly 5 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [7e938beb8321d34f040557b8915b228af125f73c] wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST testing commit 7e938beb8321d34f040557b8915b228af125f73c compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 684c68f56ec0ab84055f913007f1ff8f28a8a8b6aad8daf2155efc77faa7f5fa all runs: crashed: KASAN: use-after-free Read in free_netdev # git bisect good 7e938beb8321d34f040557b8915b228af125f73c Bisecting: 12 revisions left to test after this (roughly 4 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [f4a8adbfe4841491b60c14fe610571e1422359f9] dpaa2-eth: destroy workqueue at the end of remove function testing commit f4a8adbfe4841491b60c14fe610571e1422359f9 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: d1418d578b95d5a33dcd7c1bd2ed9305d67b086d51da4fc58cf4100b426049e0 all runs: crashed: KASAN: use-after-free Read in free_netdev # git bisect good f4a8adbfe4841491b60c14fe610571e1422359f9 Bisecting: 6 revisions left to test after this (roughly 3 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [4cce2ccf08fbc27ae34ce0e72db15166e7b5f6a7] net/mlx5e: Sync TIR params updates against concurrent create/modify testing commit 4cce2ccf08fbc27ae34ce0e72db15166e7b5f6a7 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 8f37d7e1b16ec2dd9fa36fe0d57e621e67369ba8767f0b4b95a344b1c0300108 all runs: OK # git bisect bad 4cce2ccf08fbc27ae34ce0e72db15166e7b5f6a7 Bisecting: 2 revisions left to test after this (roughly 2 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [b0f38e15979fa8851e88e8aa371367f264e7b6e9] natsemi: xtensa: fix section mismatch warnings testing commit b0f38e15979fa8851e88e8aa371367f264e7b6e9 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 8f37d7e1b16ec2dd9fa36fe0d57e621e67369ba8767f0b4b95a344b1c0300108 all runs: OK # git bisect bad b0f38e15979fa8851e88e8aa371367f264e7b6e9 Bisecting: 0 revisions left to test after this (roughly 1 step) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [f123cffdd8fe8ea6c7fded4b88516a42798797d0] net: netlink: af_netlink: Prevent empty skb by adding a check on len. testing commit f123cffdd8fe8ea6c7fded4b88516a42798797d0 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 8f37d7e1b16ec2dd9fa36fe0d57e621e67369ba8767f0b4b95a344b1c0300108 all runs: OK # git bisect bad f123cffdd8fe8ea6c7fded4b88516a42798797d0 Bisecting: 0 revisions left to test after this (roughly 0 steps) warning: unable to access '/syzkaller/.config/git/ignore': Permission denied warning: unable to access '/syzkaller/.config/git/attributes': Permission denied [34d8778a943761121f391b7921f79a7adbe1feaf] MAINTAINERS: s390/net: add Alexandra and Wenjia as maintainer testing commit 34d8778a943761121f391b7921f79a7adbe1feaf compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: d1418d578b95d5a33dcd7c1bd2ed9305d67b086d51da4fc58cf4100b426049e0 all runs: crashed: KASAN: use-after-free Read in free_netdev # git bisect good 34d8778a943761121f391b7921f79a7adbe1feaf f123cffdd8fe8ea6c7fded4b88516a42798797d0 is the first bad commit commit f123cffdd8fe8ea6c7fded4b88516a42798797d0 Author: Harshit Mogalapalli Date: Mon Nov 29 09:53:27 2021 -0800 net: netlink: af_netlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netem_enqueue function which is caused when skb->len=0 and skb->data_len=0 in the randomized corruption step as shown below. skb->data[prandom_u32() % skb_headlen(skb)] ^= 1<<(prandom_u32() % 8); Crash Report: [ 343.170349] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.216110] netem: version 1.3 [ 343.235841] divide error: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 343.236680] CPU: 3 PID: 4288 Comm: reproducer Not tainted 5.16.0-rc1+ [ 343.237569] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014 [ 343.238707] RIP: 0010:netem_enqueue+0x1590/0x33c0 [sch_netem] [ 343.239499] Code: 89 85 58 ff ff ff e8 5f 5d e9 d3 48 8b b5 48 ff ff ff 8b 8d 50 ff ff ff 8b 85 58 ff ff ff 48 8b bd 70 ff ff ff 31 d2 2b 4f 74 f1 48 b8 00 00 00 00 00 fc ff df 49 01 d5 4c 89 e9 48 c1 e9 03 [ 343.241883] RSP: 0018:ffff88800bcd7368 EFLAGS: 00010246 [ 343.242589] RAX: 00000000ba7c0a9c RBX: 0000000000000001 RCX: 0000000000000000 [ 343.243542] RDX: 0000000000000000 RSI: ffff88800f8edb10 RDI: ffff88800f8eda40 [ 343.244474] RBP: ffff88800bcd7458 R08: 0000000000000000 R09: ffffffff94fb8445 [ 343.245403] R10: ffffffff94fb8336 R11: ffffffff94fb8445 R12: 0000000000000000 [ 343.246355] R13: ffff88800a5a7000 R14: ffff88800a5b5800 R15: 0000000000000020 [ 343.247291] FS: 00007fdde2bd7700(0000) GS:ffff888109780000(0000) knlGS:0000000000000000 [ 343.248350] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 343.249120] CR2: 00000000200000c0 CR3: 000000000ef4c000 CR4: 00000000000006e0 [ 343.250076] Call Trace: [ 343.250423] [ 343.250713] ? memcpy+0x4d/0x60 [ 343.251162] ? netem_init+0xa0/0xa0 [sch_netem] [ 343.251795] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.252443] netem_enqueue+0xe28/0x33c0 [sch_netem] [ 343.253102] ? stack_trace_save+0x87/0xb0 [ 343.253655] ? filter_irq_stacks+0xb0/0xb0 [ 343.254220] ? netem_init+0xa0/0xa0 [sch_netem] [ 343.254837] ? __kasan_check_write+0x14/0x20 [ 343.255418] ? _raw_spin_lock+0x88/0xd6 [ 343.255953] dev_qdisc_enqueue+0x50/0x180 [ 343.256508] __dev_queue_xmit+0x1a7e/0x3090 [ 343.257083] ? netdev_core_pick_tx+0x300/0x300 [ 343.257690] ? check_kcov_mode+0x10/0x40 [ 343.258219] ? _raw_spin_unlock_irqrestore+0x29/0x40 [ 343.258899] ? __kasan_init_slab_obj+0x24/0x30 [ 343.259529] ? setup_object.isra.71+0x23/0x90 [ 343.260121] ? new_slab+0x26e/0x4b0 [ 343.260609] ? kasan_poison+0x3a/0x50 [ 343.261118] ? kasan_unpoison+0x28/0x50 [ 343.261637] ? __kasan_slab_alloc+0x71/0x90 [ 343.262214] ? memcpy+0x4d/0x60 [ 343.262674] ? write_comp_data+0x2f/0x90 [ 343.263209] ? __kasan_check_write+0x14/0x20 [ 343.263802] ? __skb_clone+0x5d6/0x840 [ 343.264329] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.264958] dev_queue_xmit+0x1c/0x20 [ 343.265470] netlink_deliver_tap+0x652/0x9c0 [ 343.266067] netlink_unicast+0x5a0/0x7f0 [ 343.266608] ? netlink_attachskb+0x860/0x860 [ 343.267183] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.267820] ? write_comp_data+0x2f/0x90 [ 343.268367] netlink_sendmsg+0x922/0xe80 [ 343.268899] ? netlink_unicast+0x7f0/0x7f0 [ 343.269472] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.270099] ? write_comp_data+0x2f/0x90 [ 343.270644] ? netlink_unicast+0x7f0/0x7f0 [ 343.271210] sock_sendmsg+0x155/0x190 [ 343.271721] ____sys_sendmsg+0x75f/0x8f0 [ 343.272262] ? kernel_sendmsg+0x60/0x60 [ 343.272788] ? write_comp_data+0x2f/0x90 [ 343.273332] ? write_comp_data+0x2f/0x90 [ 343.273869] ___sys_sendmsg+0x10f/0x190 [ 343.274405] ? sendmsg_copy_msghdr+0x80/0x80 [ 343.274984] ? slab_post_alloc_hook+0x70/0x230 [ 343.275597] ? futex_wait_setup+0x240/0x240 [ 343.276175] ? security_file_alloc+0x3e/0x170 [ 343.276779] ? write_comp_data+0x2f/0x90 [ 343.277313] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.277969] ? write_comp_data+0x2f/0x90 [ 343.278515] ? __fget_files+0x1ad/0x260 [ 343.279048] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.279685] ? write_comp_data+0x2f/0x90 [ 343.280234] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.280874] ? sockfd_lookup_light+0xd1/0x190 [ 343.281481] __sys_sendmsg+0x118/0x200 [ 343.281998] ? __sys_sendmsg_sock+0x40/0x40 [ 343.282578] ? alloc_fd+0x229/0x5e0 [ 343.283070] ? write_comp_data+0x2f/0x90 [ 343.283610] ? write_comp_data+0x2f/0x90 [ 343.284135] ? __sanitizer_cov_trace_pc+0x21/0x60 [ 343.284776] ? ktime_get_coarse_real_ts64+0xb8/0xf0 [ 343.285450] __x64_sys_sendmsg+0x7d/0xc0 [ 343.285981] ? syscall_enter_from_user_mode+0x4d/0x70 [ 343.286664] do_syscall_64+0x3a/0x80 [ 343.287158] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 343.287850] RIP: 0033:0x7fdde24cf289 [ 343.288344] Code: 01 00 48 81 c4 80 00 00 00 e9 f1 fe ff ff 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b7 db 2c 00 f7 d8 64 89 01 48 [ 343.290729] RSP: 002b:00007fdde2bd6d98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 343.291730] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdde24cf289 [ 343.292673] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004 [ 343.293618] RBP: 00007fdde2bd6e20 R08: 0000000100000001 R09: 0000000000000000 [ 343.294557] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000000 [ 343.295493] R13: 0000000000021000 R14: 0000000000000000 R15: 00007fdde2bd7700 [ 343.296432] [ 343.296735] Modules linked in: sch_netem ip6_vti ip_vti ip_gre ipip sit ip_tunnel geneve macsec macvtap tap ipvlan macvlan 8021q garp mrp hsr wireguard libchacha20poly1305 chacha_x86_64 poly1305_x86_64 ip6_udp_tunnel udp_tunnel libblake2s blake2s_x86_64 libblake2s_generic curve25519_x86_64 libcurve25519_generic libchacha xfrm_interface xfrm6_tunnel tunnel4 veth netdevsim psample batman_adv nlmon dummy team bonding tls vcan ip6_gre ip6_tunnel tunnel6 gre tun ip6t_rpfilter ipt_REJECT nf_reject_ipv4 ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set ebtable_nat ebtable_broute ip6table_nat ip6table_mangle ip6table_security ip6table_raw iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 iptable_mangle iptable_security iptable_raw ebtable_filter ebtables rfkill ip6table_filter ip6_tables iptable_filter ppdev bochs drm_vram_helper drm_ttm_helper ttm drm_kms_helper cec parport_pc drm joydev floppy parport sg syscopyarea sysfillrect sysimgblt i2c_piix4 qemu_fw_cfg fb_sys_fops pcspkr [ 343.297459] ip_tables xfs virtio_net net_failover failover sd_mod sr_mod cdrom t10_pi ata_generic pata_acpi ata_piix libata virtio_pci virtio_pci_legacy_dev serio_raw virtio_pci_modern_dev dm_mirror dm_region_hash dm_log dm_mod [ 343.311074] Dumping ftrace buffer: [ 343.311532] (ftrace buffer empty) [ 343.312040] ---[ end trace a2e3db5a6ae05099 ]--- [ 343.312691] RIP: 0010:netem_enqueue+0x1590/0x33c0 [sch_netem] [ 343.313481] Code: 89 85 58 ff ff ff e8 5f 5d e9 d3 48 8b b5 48 ff ff ff 8b 8d 50 ff ff ff 8b 85 58 ff ff ff 48 8b bd 70 ff ff ff 31 d2 2b 4f 74 f1 48 b8 00 00 00 00 00 fc ff df 49 01 d5 4c 89 e9 48 c1 e9 03 [ 343.315893] RSP: 0018:ffff88800bcd7368 EFLAGS: 00010246 [ 343.316622] RAX: 00000000ba7c0a9c RBX: 0000000000000001 RCX: 0000000000000000 [ 343.317585] RDX: 0000000000000000 warning: unable to access '/syzkaller/.config/git/attributes': Permission denied RSI: ffff88800f8edb10 RDI: ffff88800f8eda40 [ 343.318549] RBP: ffff88800bcd7458 R08: 0000000000000000 R09: ffffffff94fb8445 [ 343.319503] R10: ffffffff94fb8336 R11: ffffffff94fb8445 R12: 0000000000000000 [ 343.320455] R13: ffff88800a5a7000 R14: ffff88800a5b5800 R15: 0000000000000020 [ 343.321414] FS: 00007fdde2bd7700(0000) GS:ffff888109780000(0000) knlGS:0000000000000000 [ 343.322489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 343.323283] CR2: 00000000200000c0 CR3: 000000000ef4c000 CR4: 00000000000006e0 [ 343.324264] Kernel panic - not syncing: Fatal exception in interrupt [ 343.333717] Dumping ftrace buffer: [ 343.334175] (ftrace buffer empty) [ 343.334653] Kernel Offset: 0x13600000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 343.336027] Rebooting in 86400 seconds.. Reported-by: syzkaller Signed-off-by: Harshit Mogalapalli Link: https://lore.kernel.org/r/20211129175328.55339-1-harshit.m.mogalapalli@oracle.com Signed-off-by: Jakub Kicinski net/netlink/af_netlink.c | 5 +++++ 1 file changed, 5 insertions(+) culprit signature: 8f37d7e1b16ec2dd9fa36fe0d57e621e67369ba8767f0b4b95a344b1c0300108 parent signature: d1418d578b95d5a33dcd7c1bd2ed9305d67b086d51da4fc58cf4100b426049e0 revisions tested: 19, total time: 3h43m23.679909335s (build: 1h51m4.280431222s, test: 1h49m41.157541061s) first good commit: f123cffdd8fe8ea6c7fded4b88516a42798797d0 net: netlink: af_netlink: Prevent empty skb by adding a check on len. recipients (to): ["davem@davemloft.net" "harshit.m.mogalapalli@oracle.com" "kuba@kernel.org" "kuba@kernel.org" "netdev@vger.kernel.org"] recipients (cc): ["dsahern@kernel.org" "edumazet@google.com" "fw@strlen.de" "linux-kernel@vger.kernel.org" "marcelo.leitner@gmail.com" "yajun.deng@linux.dev"]