WARNING in port100_send_frame_async/usb_submit_urb

syzbot
Dec 1, 2020, 4:21:28 AM
to eli.bi...@gmail.com, gre...@linuxfoundation.org, gusta...@kernel.org, ingr...@epigenesys.com, linux-...@vger.kernel.org, linu...@vger.kernel.org, st...@rowland.harvard.edu, syzkall...@googlegroups.com, ti...@suse.de
Hello,

syzbot found the following issue on:

HEAD commit: c84e1efa Merge tag 'asm-generic-fixes-5.10-2' of git://git..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=14a98565500000
kernel config: https://syzkaller.appspot.com/x/.config?x=7be70951fca93701
dashboard link: https://syzkaller.appspot.com/bug?extid=dbec6695a6565a9c6bc0
compiler: clang version 11.0.0 (https://github.com/llvm/llvm-project.git ca2dcbd030eadbf0aa9b660efe864ff08af6e18b)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17c607f1500000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+dbec66...@syzkaller.appspotmail.com

usb 1-1: string descriptor 0 read error: -32
------------[ cut here ]------------
URB 000000005c26bc1e submitted while active
WARNING: CPU: 0 PID: 5 at drivers/usb/core/urb.c:378 usb_submit_urb+0xf57/0x1510 drivers/usb/core/urb.c:378
Modules linked in:
CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.10.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: usb_hub_wq hub_event
RIP: 0010:usb_submit_urb+0xf57/0x1510 drivers/usb/core/urb.c:378
Code: 5c 41 5d 41 5e 41 5f 5d e9 76 5b ff ff e8 f1 e8 04 fc c6 05 25 0e 8b 07 01 48 c7 c7 a0 b7 5b 8a 4c 89 e6 31 c0 e8 89 07 d5 fb <0f> 0b e9 20 f1 ff ff e8 cd e8 04 fc eb 05 e8 c6 e8 04 fc bb a6 ff
RSP: 0018:ffffc90000ca6ec8 EFLAGS: 00010246
RAX: cf72e284cb303700 RBX: ffff888021723708 RCX: ffff888011108000
RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
RBP: 0000000000000cc0 R08: ffffffff815d29f2 R09: ffffed1017383ffc
R10: ffffed1017383ffc R11: 0000000000000000 R12: ffff888021723700
R13: dffffc0000000000 R14: ffff888012cfa458 R15: 1ffff1100259f489
FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000056157313d160 CR3: 000000001e22c000 CR4: 00000000001506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
port100_send_frame_async+0x1ea/0x390 drivers/nfc/port100.c:780
port100_send_cmd_async+0x6c7/0x950 drivers/nfc/port100.c:876
port100_send_cmd_sync drivers/nfc/port100.c:916 [inline]
port100_set_command_type drivers/nfc/port100.c:987 [inline]
port100_probe+0xd4f/0x1600 drivers/nfc/port100.c:1567
usb_probe_interface+0x662/0xb40 drivers/usb/core/driver.c:396
really_probe+0x4ab/0x1380 drivers/base/dd.c:558
driver_probe_device+0x15b/0x310 drivers/base/dd.c:738
bus_for_each_drv+0x108/0x170 drivers/base/bus.c:431
__device_attach+0x2c9/0x480 drivers/base/dd.c:912
bus_probe_device+0xb8/0x1f0 drivers/base/bus.c:491
device_add+0x1612/0x19e0 drivers/base/core.c:2936
usb_set_configuration+0x1c17/0x2100 drivers/usb/core/message.c:2159
usb_generic_driver_probe+0x82/0x140 drivers/usb/core/generic.c:238
usb_probe_device+0x13a/0x260 drivers/usb/core/driver.c:293
really_probe+0x4ab/0x1380 drivers/base/dd.c:558
driver_probe_device+0x15b/0x310 drivers/base/dd.c:738
bus_for_each_drv+0x108/0x170 drivers/base/bus.c:431
__device_attach+0x2c9/0x480 drivers/base/dd.c:912
bus_probe_device+0xb8/0x1f0 drivers/base/bus.c:491
device_add+0x1612/0x19e0 drivers/base/core.c:2936
usb_new_device+0xcc3/0x1700 drivers/usb/core/hub.c:2554
hub_port_connect+0xec7/0x2540 drivers/usb/core/hub.c:5222
hub_port_connect_change+0x600/0xb00 drivers/usb/core/hub.c:5362
port_event+0xae9/0x10a0 drivers/usb/core/hub.c:5508
hub_event+0x417/0xcb0 drivers/usb/core/hub.c:5590
process_one_work+0x789/0xfc0 kernel/workqueue.c:2272
worker_thread+0xaa4/0x1460 kernel/workqueue.c:2418
kthread+0x39a/0x3c0 kernel/kthread.c:292
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches

Hillf Danton

Dec 1, 2020, 4:47:19 AM
to syzbot, eli.bi...@gmail.com, gre...@linuxfoundation.org, gusta...@kernel.org, ingr...@epigenesys.com, linux-...@vger.kernel.org, linu...@vger.kernel.org, st...@rowland.harvard.edu, syzkall...@googlegroups.com, ti...@suse.de
On Tue, 01 Dec 2020 01:21:27 -0800
Clear urb before putting it in use.

--- a/drivers/nfc/port100.c
+++ b/drivers/nfc/port100.c
@@ -1525,7 +1525,7 @@ static int port100_probe(struct usb_inte
}

dev->in_urb = usb_alloc_urb(0, GFP_KERNEL);
- dev->out_urb = usb_alloc_urb(0, GFP_KERNEL);
+ dev->out_urb = usb_alloc_urb(0, GFP_KERNEL | __GFP_ZERO);

if (!dev->in_urb || !dev->out_urb) {
nfc_err(&interface->dev, "Could not allocate USB URBs\n");
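Review bot: Adding __GFP_ZERO to the dev->out_urb allocation in this hunk does not change anything, because usb_alloc_urb() already zeroes the URB through usb_init_urb(). The warning in the report is the "URB submitted while active" check in usb_submit_urb(), which fires because dev->out_urb is resubmitted while the host controller driver still owns it from the previous port100_send_frame_async() call (two URBs are submitted per command but port100_send_cmd_sync() waits for only one). A fix needs to make sure the earlier submission of out_urb has completed before it is reused, not change how it is allocated.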

Greg KH

Dec 1, 2020, 4:57:55 AM
to Hillf Danton, syzbot, eli.bi...@gmail.com, gusta...@kernel.org, ingr...@epigenesys.com, linux-...@vger.kernel.org, linu...@vger.kernel.org, st...@rowland.harvard.edu, syzkall...@googlegroups.com, ti...@suse.de
How does this solve a warning in the USB core about a string descriptor
error?

Hillf Danton

Dec 1, 2020, 5:36:40 AM
to Greg KH, syzbot, eli.bi...@gmail.com, gusta...@kernel.org, ingr...@epigenesys.com, linux-...@vger.kernel.org, linu...@vger.kernel.org, st...@rowland.harvard.edu, syzkall...@googlegroups.com, ti...@suse.de
If I don't misread your question, it makes the check at
drivers/usb/core/urb.c:377 fail.

Alan Stern

Dec 1, 2020, 9:50:55 AM
to Greg KH, Hillf Danton, syzbot, eli.bi...@gmail.com, gusta...@kernel.org, ingr...@epigenesys.com, linux-...@vger.kernel.org, linu...@vger.kernel.org, syzkall...@googlegroups.com, ti...@suse.de
On Tue, Dec 01, 2020 at 10:59:06AM +0100, Greg KH wrote:
> On Tue, Dec 01, 2020 at 05:47:02PM +0800, Hillf Danton wrote:
> > On Tue, 01 Dec 2020 01:21:27 -0800
> > > syzbot found the following issue on:
> > >
> > > HEAD commit: c84e1efa Merge tag 'asm-generic-fixes-5.10-2' of git://git..
> > > git tree: upstream
> > > console output: https://syzkaller.appspot.com/x/log.txt?x=14a98565500000
> > > kernel config: https://syzkaller.appspot.com/x/.config?x=7be70951fca93701
> > > dashboard link: https://syzkaller.appspot.com/bug?extid=dbec6695a6565a9c6bc0
> > > compiler: clang version 11.0.0 (https://github.com/llvm/llvm-project.git ca2dcbd030eadbf0aa9b660efe864ff08af6e18b)
> > > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17c607f1500000
> > >
> > > IMPORTANT: if you fix the issue, please add the following tag to the commit:
> > > Reported-by: syzbot+dbec66...@syzkaller.appspotmail.com
> > >
> > > usb 1-1: string descriptor 0 read error: -32
> > > ------------[ cut here ]------------
> > > URB 000000005c26bc1e submitted while active

> > Clear urb before putting it in use.
> >
> > --- a/drivers/nfc/port100.c
> > +++ b/drivers/nfc/port100.c
> > @@ -1525,7 +1525,7 @@ static int port100_probe(struct usb_inte
> > }
> >
> > dev->in_urb = usb_alloc_urb(0, GFP_KERNEL);
> > - dev->out_urb = usb_alloc_urb(0, GFP_KERNEL);
> > + dev->out_urb = usb_alloc_urb(0, GFP_KERNEL | __GFP_ZERO);
> >
> > if (!dev->in_urb || !dev->out_urb) {
> > nfc_err(&interface->dev, "Could not allocate USB URBs\n");
>
> How does this solve a warning in the USB core about a string descriptor
> error?

Greg, you misread the bug report. The problem wasn't the string
descriptor read error; it was URB submitted while active.

More to the point, adding __GFP_ZERO to the usb_alloc_urb call won't fix
anything, because usb_alloc_urb calls usb_init_urb, which already does a
memset.

Alan Stern

Greg KH

Dec 1, 2020, 11:40:35 AM
to Hillf Danton, syzbot, eli.bi...@gmail.com, gusta...@kernel.org, ingr...@epigenesys.com, linux-...@vger.kernel.org, linu...@vger.kernel.org, st...@rowland.harvard.edu, syzkall...@googlegroups.com, ti...@suse.de
Ah, as Alan pointed out, I missed that the string descriptor issue was
not the real problem here.

But, as he also points out, this change will not do anything, nor should
it even if that flag worked. The problem is that the urb is already
under control by a host controller driver and shouldn't have been
submitted again.

thanks,

greg k-h

Alan Stern

Dec 2, 2020, 4:19:34 PM
to syzbot, Thierry Escande, eli.bi...@gmail.com, gre...@linuxfoundation.org, gusta...@kernel.org, ingr...@epigenesys.com, linux-...@vger.kernel.org, linu...@vger.kernel.org, net...@vger.kernel.org, syzkall...@googlegroups.com, ti...@suse.de
I don't understand this driver very well. It looks like the problem
stems from the fact that port100_send_frame_async() submits two URBs,
but port100_send_cmd_sync() only waits for one of them to complete. The
other URB may then still be active when the driver tries to reuse it.

Maybe someone who's more familiar with the port100 driver can fix the
problem.

Alan Stern
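
As an added illustration of the two-URB problem Alan describes above (a user-space model written for this page, not port100 or USB core code), the block below gives each URB an hcpriv-style owner pointer, lets a model host controller complete in-flight URBs in any order, and runs two back-to-back commands; the names model_submit_urb, send_frame_async and run_scenario are this example's own. When the IN response completes before the OUT URB has been given back, a sync wrapper that waits only for the IN completion resubmits out_urb while it is still owned, which is the same check that fired in the report; waiting for both completions avoids it.

```c
/* Added user-space model (not port100 code) of the problem Alan describes:
 * one command submits an OUT URB and an IN URB, the synchronous wrapper waits
 * for only one of them, and the next command resubmits the other URB while
 * the host controller still owns it. */
#include <errno.h>
#include <stdio.h>
#include <string.h>

struct urb {
	const char *name;
	void *hcpriv;                 /* non-NULL while the (model) HCD owns the URB */
	void (*complete)(struct urb *);
	void *context;
};

/* Model HCD: a small table of in-flight URBs that can be completed in any order. */
#define MAX_INFLIGHT 4
static struct urb *inflight[MAX_INFLIGHT];
static int n_inflight;
static int active_warnings;       /* times the "submitted while active" check fired */

static int model_submit_urb(struct urb *urb)
{
	/* The check usb_submit_urb() applies in the report: a URB the HCD still
	 * owns (hcpriv set) is rejected with -EBUSY and a WARN. */
	if (urb->hcpriv) {
		fprintf(stderr, "WARNING: URB %s submitted while active\n", urb->name);
		active_warnings++;
		return -EBUSY;
	}
	if (n_inflight == MAX_INFLIGHT)
		return -ENOSPC;
	urb->hcpriv = inflight;       /* HCD takes ownership */
	inflight[n_inflight++] = urb;
	return 0;
}

/* HCD side: give back the in-flight URB called `name`; 1 if one was found. */
static int model_complete_urb(const char *name)
{
	for (int i = 0; i < n_inflight; i++) {
		struct urb *u = inflight[i];
		if (strcmp(u->name, name) != 0)
			continue;
		memmove(&inflight[i], &inflight[i + 1],
			(size_t)(n_inflight - i - 1) * sizeof(inflight[0]));
		n_inflight--;
		u->hcpriv = NULL;         /* released before the completion callback runs */
		u->complete(u);
		return 1;
	}
	return 0;
}

/* Driver side: a command is one OUT URB (the frame) plus one IN URB (the
 * response); only the IN completion signals the synchronous caller. */
struct model_dev {
	struct urb out_urb, in_urb;
	int cmd_done;                 /* stands in for the completion the sync path waits on */
	int out_done;
};

static void in_complete(struct urb *urb)  { ((struct model_dev *)urb->context)->cmd_done = 1; }
static void out_complete(struct urb *urb) { ((struct model_dev *)urb->context)->out_done = 1; }

static int send_frame_async(struct model_dev *dev)
{
	int rc = model_submit_urb(&dev->out_urb);
	return rc ? rc : model_submit_urb(&dev->in_urb);
}

/* Two back-to-back commands.  wait_for_out == 0: the sync wrapper returns as
 * soon as the IN URB completes (the behaviour the thread describes);
 * wait_for_out == 1: it also waits for the OUT URB to be given back.
 * Returns the submit status of the second command: 0 or -EBUSY. */
int run_scenario(int wait_for_out)
{
	struct model_dev dev;
	memset(&dev, 0, sizeof(dev));
	dev.out_urb = (struct urb){ "out", NULL, out_complete, &dev };
	dev.in_urb  = (struct urb){ "in",  NULL, in_complete,  &dev };
	n_inflight = 0;
	active_warnings = 0;

	if (send_frame_async(&dev))   /* command 1: both URBs in flight */
		return -EIO;
	model_complete_urb("in");     /* response arrives; OUT URB still owned by the HCD */
	if (wait_for_out && !dev.out_done)
		model_complete_urb("out"); /* fixed variant: block until the HCD gives it back */

	dev.cmd_done = dev.out_done = 0;   /* command 2 reuses the same two URBs */
	return send_frame_async(&dev);
}

int active_warning_count(void) { return active_warnings; }
```

run_scenario(0) returns -EBUSY after printing the model's "submitted while active" warning; run_scenario(1) returns 0 with no warning.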

syzbot

Oct 22, 2021, 1:46:12 PM
to core...@netfilter.org, da...@davemloft.net, edum...@google.com, eli.bi...@gmail.com, f...@strlen.de, gre...@linuxfoundation.org, gusta...@kernel.org, hda...@sina.com, ingr...@epigenesys.com, k.kozl...@gmail.com, kad...@netfilter.org, ku...@kernel.org, linux-...@vger.kernel.org, linu...@vger.kernel.org, net...@vger.kernel.org, netfilt...@vger.kernel.org, pa...@netfilter.org, st...@rowland.harvard.edu, syzkall...@googlegroups.com, thierry...@collabora.com, ti...@suse.de
syzbot suspects this issue was fixed by commit:

commit e9edc188fc76499b0b9bd60364084037f6d03773
Author: Eric Dumazet <edum...@google.com>
Date: Fri Sep 17 22:15:56 2021 +0000

netfilter: conntrack: serialize hash resizes and cleanups

bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=1633b4b0b00000
start commit: c84e1efae022 Merge tag 'asm-generic-fixes-5.10-2' of git:/..
git tree: upstream
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17c607f1500000

If the result looks correct, please mark the issue as fixed by replying with:

#syz fix: netfilter: conntrack: serialize hash resizes and cleanups

For information about bisection process see: https://goo.gl/tpsmEJ#bisection

syzbot

Oct 25, 2021, 8:51:11 PM
to krzysztof...@canonical.com, syzkall...@googlegroups.com
Hello,

syzbot tried to test the proposed patch but the build/boot failed:

[ 15.095038][ T2972] ================================================================================
[ 15.104791][ T2972] UBSAN: object-size-mismatch in net/unix/af_unix.c:977:14
[ 15.112114][ T2972] member access within address 00000000cc14b800 with insufficient space
[ 15.120512][ T2972] for an object of type 'struct sockaddr_un'
[ 15.126496][ T2972] CPU: 1 PID: 2972 Comm: udevadm Not tainted 5.15.0-rc5-next-20211018-syzkaller #0
[ 15.135789][ T2972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 15.145851][ T2972] Call Trace:
[ 15.149141][ T2972] <TASK>
[ 15.152083][ T2972] dump_stack_lvl+0xf6/0x136
[ 15.156719][ T2972] ubsan_type_mismatch_common+0x1de/0x390
[ 15.162628][ T2972] ? unix_autobind+0xfd/0x4d0
[ 15.167335][ T2972] __ubsan_handle_type_mismatch_v1+0x41/0x50
[ 15.173341][ T2972] unix_autobind+0x129/0x4d0
[ 15.178073][ T2972] unix_stream_connect+0x92b/0x1320
[ 15.183291][ T2972] ? smack_socket_connect+0x15a/0x2f0
[ 15.188875][ T2972] ? bpf_lsm_socket_connect+0x5/0x10
[ 15.194172][ T2972] ? security_socket_connect+0x9d/0xb0
[ 15.199654][ T2972] __x64_sys_connect+0xeb/0x140
[ 15.204524][ T2972] ? syscall_enter_from_user_mode+0x24/0x190
[ 15.210522][ T2972] ? lockdep_hardirqs_on+0x8d/0x130
[ 15.215830][ T2972] ? syscall_enter_from_user_mode+0x24/0x190
[ 15.221879][ T2972] do_syscall_64+0x3d/0xb0
[ 15.226312][ T2972] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 15.232308][ T2972] RIP: 0033:0x7f058f8e0450
[ 15.236821][ T2972] Code: 73 01 c3 48 8b 0d 58 7b 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 79 bf 20 00 00 75 10 b8 2a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 0e fa ff ff 48 89 04 24
[ 15.256644][ T2972] RSP: 002b:00007ffe54020b58 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 15.265160][ T2972] RAX: ffffffffffffffda RBX: 000055e0e796a030 RCX: 00007f058f8e0450
[ 15.273141][ T2972] RDX: 0000000000000013 RSI: 000055e0e796a048 RDI: 0000000000000003
[ 15.281821][ T2972] RBP: 00007ffe54020b70 R08: 0000000000000078 R09: 0000000000000000
[ 15.289802][ T2972] R10: 000055e0e796a080 R11: 0000000000000246 R12: 0000000000000078
[ 15.297798][ T2972] R13: 000055e0e647af7f R14: 000055e0e6491000 R15: 0000000000000000
[ 15.305898][ T2972] </TASK>
[ 15.309165][ T2972] ================================================================================
[ 15.318594][ T2972] Kernel panic - not syncing: panic_on_warn set ...
[ 15.325383][ T2972] CPU: 1 PID: 2972 Comm: udevadm Not tainted 5.15.0-rc5-next-20211018-syzkaller #0
[ 15.335111][ T2972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 15.345357][ T2972] Call Trace:
[ 15.348818][ T2972] <TASK>
[ 15.351758][ T2972] dump_stack_lvl+0xd2/0x136
[ 15.356368][ T2972] panic+0x291/0x780
[ 15.360284][ T2972] ? ubsan_type_mismatch_common+0x202/0x390
[ 15.366202][ T2972] ubsan_type_mismatch_common+0x384/0x390
[ 15.371936][ T2972] ? unix_autobind+0xfd/0x4d0
[ 15.376631][ T2972] __ubsan_handle_type_mismatch_v1+0x41/0x50
[ 15.382669][ T2972] unix_autobind+0x129/0x4d0
[ 15.387291][ T2972] unix_stream_connect+0x92b/0x1320
[ 15.392595][ T2972] ? smack_socket_connect+0x15a/0x2f0
[ 15.397990][ T2972] ? bpf_lsm_socket_connect+0x5/0x10
[ 15.403463][ T2972] ? security_socket_connect+0x9d/0xb0
[ 15.409115][ T2972] __x64_sys_connect+0xeb/0x140
[ 15.413985][ T2972] ? syscall_enter_from_user_mode+0x24/0x190
[ 15.419979][ T2972] ? lockdep_hardirqs_on+0x8d/0x130
[ 15.425204][ T2972] ? syscall_enter_from_user_mode+0x24/0x190
[ 15.431199][ T2972] do_syscall_64+0x3d/0xb0
[ 15.435899][ T2972] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 15.441807][ T2972] RIP: 0033:0x7f058f8e0450
[ 15.446233][ T2972] Code: 73 01 c3 48 8b 0d 58 7b 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 79 bf 20 00 00 75 10 b8 2a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 0e fa ff ff 48 89 04 24
[ 15.465844][ T2972] RSP: 002b:00007ffe54020b58 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 15.474281][ T2972] RAX: ffffffffffffffda RBX: 000055e0e796a030 RCX: 00007f058f8e0450
[ 15.482355][ T2972] RDX: 0000000000000013 RSI: 000055e0e796a048 RDI: 0000000000000003
[ 15.490522][ T2972] RBP: 00007ffe54020b70 R08: 0000000000000078 R09: 0000000000000000
[ 15.498508][ T2972] R10: 000055e0e796a080 R11: 0000000000000246 R12: 0000000000000078
[ 15.506617][ T2972] R13: 000055e0e647af7f R14: 000055e0e6491000 R15: 0000000000000000
[ 15.514624][ T2972] </TASK>
[ 15.518091][ T2972] Kernel Offset: disabled
[ 15.522749][ T2972] Rebooting in 86400 seconds..


Error text is too large and was truncated, full error text is at:
https://syzkaller.appspot.com/x/error.txt?x=133f506f300000


Tested on:

commit: 27078b06 nfc: port100: fix using -ERRNO as command typ..
git tree: https://github.com/krzk/linux.git
kernel config: https://syzkaller.appspot.com/x/.config?x=dd8737caaf90141d
dashboard link: https://syzkaller.appspot.com/bug?extid=dbec6695a6565a9c6bc0
compiler: Debian clang version 11.0.1-2, GNU ld (GNU Binutils for Debian) 2.35.2

syzbot

Oct 25, 2021, 9:10:10 PM
to krzysztof...@canonical.com, syzkall...@googlegroups.com
Hello,

syzbot tried to test the proposed patch but the build/boot failed:

PACKET protocol family
[ 9.354334][ T1] NET: Registered PF_KEY protocol family
[ 9.356001][ T1] Bridge firewalling registered
[ 9.358019][ T1] NET: Registered PF_X25 protocol family
[ 9.359575][ T1] X25: Linux Version 0.2
[ 9.384132][ T1] NET: Registered PF_NETROM protocol family
[ 9.415614][ T1] NET: Registered PF_ROSE protocol family
[ 9.417461][ T1] NET: Registered PF_AX25 protocol family
[ 9.419262][ T1] can: controller area network core
[ 9.420862][ T1] NET: Registered PF_CAN protocol family
[ 9.421929][ T1] can: raw protocol
[ 9.422965][ T1] can: broadcast manager protocol
[ 9.424028][ T1] can: netlink gateway - max_hops=1
[ 9.426911][ T1] can: SAE J1939
[ 9.427862][ T1] can: isotp protocol
[ 9.434351][ T1] Bluetooth: RFCOMM TTY layer initialized
[ 9.436013][ T1] Bluetooth: RFCOMM socket layer initialized
[ 9.437130][ T1] Bluetooth: RFCOMM ver 1.11
[ 9.438357][ T1] Bluetooth: BNEP (Ethernet Emulation) ver 1.3
[ 9.439688][ T1] Bluetooth: BNEP filters: protocol multicast
[ 9.440709][ T1] Bluetooth: BNEP socket layer initialized
[ 9.442140][ T1] Bluetooth: CMTP (CAPI Emulation) ver 1.0
[ 9.443368][ T1] Bluetooth: CMTP socket layer initialized
[ 9.445002][ T1] Bluetooth: HIDP (Human Interface Emulation) ver 1.2
[ 9.446222][ T1] Bluetooth: HIDP socket layer initialized
[ 9.451759][ T1] NET: Registered PF_RXRPC protocol family
[ 9.453013][ T1] Key type rxrpc registered
[ 9.454062][ T1] Key type rxrpc_s registered
[ 9.456498][ T1] NET: Registered PF_KCM protocol family
[ 9.459514][ T1] lec:lane_module_init: lec.c: initialized
[ 9.460931][ T1] mpoa:atm_mpoa_init: mpc.c: initialized
[ 9.462093][ T1] l2tp_core: L2TP core driver, V2.0
[ 9.463094][ T1] l2tp_ppp: PPPoL2TP kernel driver, V2.0
[ 9.464095][ T1] l2tp_ip: L2TP IP encapsulation support (L2TPv3)
[ 9.465672][ T1] l2tp_netlink: L2TP netlink interface
[ 9.466677][ T1] l2tp_eth: L2TP ethernet pseudowire support (L2TPv3)
[ 9.468451][ T1] l2tp_ip6: L2TP IP encapsulation support for IPv6 (L2TPv3)
[ 9.471418][ T1] NET: Registered PF_PHONET protocol family
[ 9.474425][ T1] 8021q: 802.1Q VLAN Support v1.8
[ 9.485143][ T1] DCCP: Activated CCID 2 (TCP-like)
[ 9.486965][ T1] DCCP: Activated CCID 3 (TCP-Friendly Rate Control)
[ 9.491044][ T1] sctp: Hash tables configured (bind 32/56)
[ 9.494329][ T1] NET: Registered PF_RDS protocol family
[ 9.496670][ T1] Registered RDS/infiniband transport
[ 9.499290][ T1] Registered RDS/tcp transport
[ 9.500249][ T1] tipc: Activated (version 2.0.0)
[ 9.501752][ T1] NET: Registered PF_TIPC protocol family
[ 9.503482][ T1] tipc: Started in single node mode
[ 9.505150][ T1] NET: Registered PF_SMC protocol family
[ 9.506568][ T1] 9pnet: Installing 9P2000 support
[ 9.507964][ T1] NET: Registered PF_CAIF protocol family
[ 9.514176][ T1] NET: Registered PF_IEEE802154 protocol family
[ 9.515753][ T1] Key type dns_resolver registered
[ 9.516527][ T1] Key type ceph registered
[ 9.518586][ T1] libceph: loaded (mon/osd proto 15/24)
[ 9.521977][ T1] batman_adv: B.A.T.M.A.N. advanced 2021.3 (compatibility version 15) loaded
[ 9.523422][ T1] openvswitch: Open vSwitch switching datapath
[ 9.527616][ T1] NET: Registered PF_VSOCK protocol family
[ 9.528997][ T1] mpls_gso: MPLS GSO support
[ 9.537325][ T1] IPI shorthand broadcast: enabled
[ 9.538563][ T1] AVX2 version of gcm_enc/dec engaged.
[ 9.539915][ T1] AES CTR mode by8 optimization enabled
[ 9.544277][ T1] sched_clock: Marking stable (9512435042, 31671594)->(9550947162, -6840526)
[ 9.547186][ T1] registered taskstats version 1
[ 9.555485][ T1] Loading compiled-in X.509 certificates
[ 9.560117][ T1] Loaded X.509 cert 'Build time autogenerated kernel key: f850c787ad998c396ae089c083b940ff0a9abb77'
[ 9.564931][ T1] zswap: loaded using pool lzo/zbud
[ 9.568184][ T1] debug_vm_pgtable: [debug_vm_pgtable ]: Validating architecture page table helpers
[ 10.606464][ T1] Key type ._fscrypt registered
[ 10.607626][ T1] Key type .fscrypt registered
[ 10.608814][ T1] Key type fscrypt-provisioning registered
[ 10.615189][ T1] kAFS: Red Hat AFS client v0.1 registering.
[ 10.617087][ T1] FS-Cache: Netfs 'afs' registered for caching
[ 10.632838][ T1] Btrfs loaded, crc32c=crc32c-intel, zoned=yes, fsverity=yes
[ 10.635304][ T1] Key type big_key registered
[ 10.641131][ T1] Key type encrypted registered
[ 10.642607][ T1] ima: No TPM chip found, activating TPM-bypass!
[ 10.644151][ T1] Loading compiled-in module X.509 certificates
[ 10.646937][ T1] Loaded X.509 cert 'Build time autogenerated kernel key: f850c787ad998c396ae089c083b940ff0a9abb77'
[ 10.649853][ T1] ima: Allocated hash algorithm: sha256
[ 10.651733][ T1] ima: No architecture policies found
[ 10.653408][ T1] evm: Initialising EVM extended attributes:
[ 10.655075][ T1] evm: security.selinux (disabled)
[ 10.656286][ T1] evm: security.SMACK64
[ 10.657348][ T1] evm: security.SMACK64EXEC
[ 10.658422][ T1] evm: security.SMACK64TRANSMUTE
[ 10.659906][ T1] evm: security.SMACK64MMAP
[ 10.661291][ T1] evm: security.apparmor (disabled)
[ 10.662911][ T1] evm: security.ima
[ 10.664063][ T1] evm: security.capability
[ 10.665129][ T1] evm: HMAC attrs: 0x1
[ 10.765011][ T1] PM: Magic number: 9:44:4
[ 10.766523][ T1] misc binder25: hash matches
[ 10.770887][ T1] tty ttybf: hash matches
[ 10.774999][ T1] printk: console [netcon0] enabled
[ 10.776620][ T1] netconsole: network logging started
[ 10.779130][ T1] gtp: GTP module loaded (pdp ctx size 104 bytes)
[ 10.783581][ T1] rdma_rxe: loaded
[ 10.785343][ T1] cfg80211: Loading compiled-in X.509 certificates for regulatory database
[ 10.792207][ T1] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7'
[ 10.795280][ T1] ALSA device list:
[ 10.796381][ T1] #0: Dummy 1
[ 10.797377][ T1] #1: Loopback 1
[ 10.798451][ T1] #2: Virtual MIDI Card 1
[ 10.804537][ T5] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 10.808653][ T5] cfg80211: failed to load regulatory.db
[ 10.810374][ T1] md: Waiting for all devices to be available before autodetect
[ 10.812324][ T1] md: If you don't use raid, use raid=noautodetect
[ 10.813640][ T1] md: Autodetecting RAID arrays.
[ 10.814958][ T1] md: autorun ...
[ 10.815772][ T1] md: ... autorun DONE.
[ 10.861158][ T1] EXT4-fs (sda1): mounted filesystem without journal. Opts: (null). Quota mode: none.
[ 10.863186][ T1] VFS: Mounted root (ext4 filesystem) readonly on device 8:1.
[ 10.902816][ T1] devtmpfs: mounted
[ 10.934724][ T1] Freeing unused kernel image (initmem) memory: 3788K
[ 10.936424][ T1] Write protecting the kernel read-only data: 165888k
[ 10.941495][ T1] Freeing unused kernel image (text/rodata gap) memory: 2012K
[ 10.944552][ T1] Freeing unused kernel image (rodata/data gap) memory: 1716K
[ 10.947415][ T1] Run /sbin/init as init process
[ 11.571899][ T2925] ext4lazyinit (2925) used greatest stack depth: 27936 bytes left
[ 12.078348][ T1] systemd[1]: systemd 232 running in system mode. (+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN)
[ 12.083645][ T1] systemd[1]: Detected virtualization kvm.
[ 12.084584][ T1] systemd[1]: Detected architecture x86-64.

Welcome to Debian GNU/Linux 9 (stretch)!

[ 12.185990][ T1] systemd[1]: Set hostname to <syzkaller>.
[ 12.496906][ T2928] systemd-getty-g (2928) used greatest stack depth: 27168 bytes left
[ 12.564172][ T2935] selinux-autorel (2935) used greatest stack depth: 25568 bytes left
[ 13.034707][ T1] systemd[1]: Started Forward Password Requests to Wall Directory Watch.
[  OK  ] Started Forward Password Requests to Wall Directory Watch.
[ 13.077932][ T1] systemd[1]: Reached target Swap.
[  OK  ] Reached target Swap.
[ 13.110020][ T1] systemd[1]: Listening on /dev/initctl Compatibility Named Pipe.
[  OK  ] Listening on /dev/initctl Compatibility Named Pipe.
[ 13.147917][ T1] systemd[1]: Reached target Remote File Systems.
[  OK  ] Reached target Remote File Systems.
[ 13.189499][ T1] systemd[1]: Listening on Journal Socket (/dev/log).
[  OK  ] Listening on Journal Socket (/dev/log).
[ 13.229293][ T1] systemd[1]: Listening on Journal Socket.
[  OK  ] Listening on Journal Socket.
[  OK  ] Listening on Syslog Socket.
[  OK  ] Listening on Journal Audit Socket.
[  OK  ] Set up automount Arbitrary Executab…rmats File System Automount Point.
[  OK  ] Listening on udev Control Socket.
[  OK  ] Listening on udev Kernel Socket.
[  OK  ] Reached target Sockets.
[  OK  ] Created slice System Slice.
[  OK  ] Created slice system-getty.slice.
[  OK  ] Created slice system-serial\x2dgetty.slice.
Mounting POSIX Message Queue File System...
Mounting /sys/kernel/config...
Starting Load Kernel Modules...
Starting Journal Service...
Mounting Huge Pages File System...
[  OK  ] Reached target Slices.
Mounting /proc/sys/fs/binfmt_misc...
Mounting /sys/kernel/debug...
Starting Remount Root and Kernel File Systems...
Starting Create Static Device Nodes in /dev...
[  OK  ] Started Dispatch Password Requests to Console Directory Watch.
[  OK  ] Reached target Paths.
[  OK  ] Reached target Encrypted Volumes.
[ 14.157781][ T2954] EXT4-fs (sda1): re-mounted. Opts: (null). Quota mode: none.
[  OK  ] Mounted POSIX Message Queue File System.
[  OK  ] Mounted Huge Pages File System.
[  OK  ] Mounted /sys/kernel/debug.
[  OK  ] Mounted /sys/kernel/config.
[  OK  ] Mounted /proc/sys/fs/binfmt_misc.
[  OK  ] Started Load Kernel Modules.
[ 14.378744][ T2953] systemd-tmpfile (2953) used greatest stack depth: 24960 bytes left
[  OK  ] Started Remount Root and Kernel File Systems.
[  OK  ] Started Create Static Device Nodes in /dev.
Starting udev Kernel Device Manager...
Starting udev Coldplug all Devices...
Starting Load/Save Random Seed...
[  OK  ] Reached target Local File Systems (Pre).
Starting Apply Kernel Variables...
Mounting FUSE Control File System...
[  OK  ] Reached target Local File Systems.
Starting Mark the need to relabel after reboot...
[  OK  ] Mounted FUSE Control File System.
[  OK  ] Started Load/Save Random Seed.
[  OK  ] Started Apply Kernel Variables.
[  OK  ] Started Mark the need to relabel after reboot.
[  OK  ] Started udev Kernel Device Manager.
Starting Raise network interfaces...
[ 15.616728][ T2972] ================================================================================
[ 15.626510][ T2972] UBSAN: object-size-mismatch in net/unix/af_unix.c:977:14
[ 15.633781][ T2972] member access within address 00000000ab2f06c4 with insufficient space
[ 15.642171][ T2972] for an object of type 'struct sockaddr_un'
[ 15.648633][ T2972] CPU: 1 PID: 2972 Comm: udevadm Not tainted 5.15.0-rc6-next-20211025-syzkaller #0
[ 15.657917][ T2972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 15.667971][ T2972] Call Trace:
[ 15.671259][ T2972] <TASK>
[ 15.674192][ T2972] dump_stack_lvl+0xf6/0x136
[ 15.678810][ T2972] ubsan_type_mismatch_common+0x1de/0x390
[ 15.684540][ T2972] ? unix_autobind+0xfd/0x4d0
[ 15.689241][ T2972] __ubsan_handle_type_mismatch_v1+0x41/0x50
[ 15.695233][ T2972] unix_autobind+0x129/0x4d0
[ 15.699936][ T2972] unix_stream_connect+0x92b/0x1320
[ 15.705141][ T2972] ? smack_socket_connect+0x15a/0x2f0
[ 15.710533][ T2972] ? bpf_lsm_socket_connect+0x5/0x10
[ 15.715849][ T2972] ? security_socket_connect+0x9d/0xb0
[ 15.721333][ T2972] __x64_sys_connect+0xeb/0x140
[ 15.726210][ T2972] ? syscall_enter_from_user_mode+0x24/0x190
[ 15.732200][ T2972] ? lockdep_hardirqs_on+0x8d/0x130
[ 15.737409][ T2972] ? syscall_enter_from_user_mode+0x24/0x190
[ 15.743404][ T2972] do_syscall_64+0x3d/0xb0
[ 15.747833][ T2972] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 15.753847][ T2972] RIP: 0033:0x7fc8d2867450
[ 15.758270][ T2972] Code: 73 01 c3 48 8b 0d 58 7b 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 79 bf 20 00 00 75 10 b8 2a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 0e fa ff ff 48 89 04 24
[ 15.777970][ T2972] RSP: 002b:00007ffdc19f7b18 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 15.786391][ T2972] RAX: ffffffffffffffda RBX: 000056527d29f030 RCX: 00007fc8d2867450
[ 15.794377][ T2972] RDX: 0000000000000013 RSI: 000056527d29f048 RDI: 0000000000000003
[ 15.802359][ T2972] RBP: 00007ffdc19f7b30 R08: 0000000000000078 R09: 0000000000000000
[ 15.810336][ T2972] R10: 000056527d29f080 R11: 0000000000000246 R12: 0000000000000078
[ 15.818317][ T2972] R13: 000056527bfb8f7f R14: 000056527bfcf000 R15: 0000000000000000
[ 15.826416][ T2972] </TASK>
[ 15.829502][ T2972] ================================================================================
[ 15.838861][ T2972] Kernel panic - not syncing: panic_on_warn set ...
[ 15.845442][ T2972] CPU: 1 PID: 2972 Comm: udevadm Not tainted 5.15.0-rc6-next-20211025-syzkaller #0
[ 15.854900][ T2972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 15.864958][ T2972] Call Trace:
[ 15.868237][ T2972] <TASK>
[ 15.871173][ T2972] dump_stack_lvl+0xd2/0x136
[ 15.875783][ T2972] panic+0x291/0x780
[ 15.879689][ T2972] ? ubsan_type_mismatch_common+0x202/0x390
[ 15.885722][ T2972] ubsan_type_mismatch_common+0x384/0x390
[ 15.891447][ T2972] ? unix_autobind+0xfd/0x4d0
[ 15.896146][ T2972] __ubsan_handle_type_mismatch_v1+0x41/0x50
[ 15.902265][ T2972] unix_autobind+0x129/0x4d0
[ 15.907059][ T2972] unix_stream_connect+0x92b/0x1320
[ 15.912267][ T2972] ? smack_socket_connect+0x15a/0x2f0
[ 15.917734][ T2972] ? bpf_lsm_socket_connect+0x5/0x10
[ 15.923022][ T2972] ? security_socket_connect+0x9d/0xb0
[ 15.928500][ T2972] __x64_sys_connect+0xeb/0x140
[ 15.933370][ T2972] ? syscall_enter_from_user_mode+0x24/0x190
[ 15.939360][ T2972] ? lockdep_hardirqs_on+0x8d/0x130
[ 15.944569][ T2972] ? syscall_enter_from_user_mode+0x24/0x190
[ 15.950556][ T2972] do_syscall_64+0x3d/0xb0
[ 15.954985][ T2972] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 15.960886][ T2972] RIP: 0033:0x7fc8d2867450
[ 15.965302][ T2972] Code: 73 01 c3 48 8b 0d 58 7b 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 79 bf 20 00 00 75 10 b8 2a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 0e fa ff ff 48 89 04 24
[ 15.984915][ T2972] RSP: 002b:00007ffdc19f7b18 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 15.993344][ T2972] RAX: ffffffffffffffda RBX: 000056527d29f030 RCX: 00007fc8d2867450
[ 16.001347][ T2972] RDX: 0000000000000013 RSI: 000056527d29f048 RDI: 0000000000000003
[ 16.009324][ T2972] RBP: 00007ffdc19f7b30 R08: 0000000000000078 R09: 0000000000000000
[ 16.017425][ T2972] R10: 000056527d29f080 R11: 0000000000000246 R12: 0000000000000078
[ 16.025504][ T2972] R13: 000056527bfb8f7f R14: 000056527bfcf000 R15: 0000000000000000
[ 16.033500][ T2972] </TASK>
[ 16.037017][ T2972] Kernel Offset: disabled
[ 16.041514][ T2972] Rebooting in 86400 seconds..


Error text is too large and was truncated, full error text is at:
https://syzkaller.appspot.com/x/error.txt?x=11ee0328b00000


Tested on:

commit: 9ae1fbde Add linux-next specific files for 20211025
git tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
kernel config: https://syzkaller.appspot.com/x/.config?x=7d93f5a4da486e9
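
The UBSAN report above is a typed-access complaint: a member access typed as `struct sockaddr_un` (110 bytes on Linux) lands in an object with "insufficient space" for one. The user-space C model below is added here as an illustration of that shape and is not kernel code: a variable-length address record whose `name[]` holds only a family field plus 16 path bytes is filled once through a `struct sockaddr_un *` cast (the access the sanitizer objects to, even though every byte written stays inside the allocation) and once through a byte-wise build that never forms a full-struct view of the small object. `struct addr_rec`, `AUTOBIND_ALLOC`, the NUL-prefixed five-hex-digit abstract name and all function names are assumptions of this example; the page does not say how the kernel's allocation is sized or how the report was resolved.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Constructed model of a variable-length AF_UNIX address record; the field
 * names are assumptions for this example, not the kernel's definitions. */
struct addr_rec {
    size_t len;     /* bytes of name[] in use: family field + path bytes */
    char   name[];  /* sa_family_t followed by the (abstract) path bytes */
};

/* Assumed autobind shape: "\0" + five hex digits; reserve family + 16 path bytes.
 * This is far smaller than sizeof(struct sockaddr_un). */
#define AUTOBIND_ALLOC (sizeof(sa_family_t) + 16)

static struct addr_rec *addr_rec_alloc(void)
{
    struct addr_rec *a = calloc(1, sizeof(*a) + AUTOBIND_ALLOC);
    if (!a) { perror("calloc"); exit(1); }
    return a;
}

/* 1 when a buffer of obj_bytes cannot hold a complete struct sockaddr_un, i.e.
 * a sockaddr_un-typed access into it is the object-size mismatch UBSAN reports. */
static int sockaddr_un_view_mismatch(size_t obj_bytes)
{
    return obj_bytes < sizeof(struct sockaddr_un);
}

/* Mismatch pattern: cast the 18-byte name[] to the full struct and write through
 * the typed pointer. Only 2 + 6 bytes are touched, so the bytes are in bounds,
 * but each access is typed as a sizeof(struct sockaddr_un)-byte object. */
static size_t fill_via_typed_view(struct addr_rec *a, unsigned ordernum)
{
    struct sockaddr_un *sun = (struct sockaddr_un *)a->name;   /* typed view */
    sun->sun_family = AF_UNIX;                                 /* flagged access */
    int n = sprintf(sun->sun_path + 1, "%05x", ordernum & 0xfffffu);
    a->len = sizeof(sa_family_t) + 1 + (size_t)n;
    return a->len;
}

/* Same bytes, built without ever forming a sockaddr_un pointer into the small
 * object: copy the family field and format the path as plain characters. */
static size_t fill_via_bytes(struct addr_rec *a, unsigned ordernum)
{
    sa_family_t fam = AF_UNIX;
    memcpy(a->name, &fam, sizeof fam);
    a->name[sizeof fam] = '\0';                      /* abstract namespace marker */
    int n = snprintf(a->name + sizeof fam + 1, AUTOBIND_ALLOC - sizeof fam - 1,
                     "%05x", ordernum & 0xfffffu);
    a->len = sizeof fam + 1 + (size_t)n;
    return a->len;
}

/* 1 if the record holds exactly the abstract name "\0xxxxx" for ordernum. */
static int addr_rec_has_autobind_name(const struct addr_rec *a, unsigned ordernum)
{
    char want[6];
    sa_family_t fam;
    snprintf(want, sizeof want, "%05x", ordernum & 0xfffffu);
    memcpy(&fam, a->name, sizeof fam);
    return fam == AF_UNIX && a->len == sizeof fam + 1 + 5 &&
           a->name[sizeof fam] == '\0' &&
           memcmp(a->name + sizeof fam + 1, want, 5) == 0;
}

/* Produce a full-size sockaddr_un for bind()/connect(); the small record itself
 * is never presented to the socket API as a struct sockaddr_un. */
static socklen_t addr_rec_to_sockaddr(const struct addr_rec *a, struct sockaddr_un *out)
{
    memset(out, 0, sizeof *out);
    memcpy(out, a->name, a->len);
    return (socklen_t)a->len;
}

int main(void)
{
    struct addr_rec *typed = addr_rec_alloc();
    struct addr_rec *bytes = addr_rec_alloc();
    struct sockaddr_un sun;

    printf("sizeof(struct sockaddr_un)=%zu name[]=%zu mismatch=%d\n",
           sizeof(struct sockaddr_un), (size_t)AUTOBIND_ALLOC,
           sockaddr_un_view_mismatch(AUTOBIND_ALLOC));
    fill_via_typed_view(typed, 0x1234);
    fill_via_bytes(bytes, 0x1234);
    printf("same bytes=%d  name ok=%d  socklen=%u\n",
           typed->len == bytes->len && memcmp(typed->name, bytes->name, bytes->len) == 0,
           addr_rec_has_autobind_name(bytes, 0x1234),
           (unsigned)addr_rec_to_sockaddr(bytes, &sun));
    free(typed);
    free(bytes);
    return 0;
}
```

Both fill paths leave identical bytes in the record; the difference is only in how the access is typed, which is exactly what `-fsanitize=object-size` (part of `-fsanitize=undefined`, and dependent on the compiler being able to see the allocation size, so build with optimisation on) keys on. Building the example with that flag and running it should report the `fill_via_typed_view` path, with a message of the same form as the one in the log above, while `fill_via_bytes` stays silent.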

syzbot

Oct 2, 2022, 8:50:31 PM
to syzkall...@googlegroups.com
Auto-closing this bug as obsolete.
No recent activity, existing reproducers are no longer triggering the issue.