BUG: stored value of X_recv is zero at net/dccp/ccids/ccid3.c:LINE/ccid3_first_li()


syzbot

Apr 19, 2021, 2:36:21 PM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 2965db2e Linux 4.19.188
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=1684e32ed00000
kernel config: https://syzkaller.appspot.com/x/.config?x=66e717310a9b0f81
dashboard link: https://syzkaller.appspot.com/bug?extid=7fd4fec1cef57dc88919

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+7fd4fe...@syzkaller.appspotmail.com

ccid3_first_li: No RTT estimate available, using fallback RTT
ccid3_first_li: X_recv==0
BUG: stored value of X_recv is zero at net/dccp/ccids/ccid3.c:698/ccid3_first_li()
CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.19.188-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
ccid3_first_li.cold+0x67/0x17a net/dccp/ccids/ccid3.c:698
tfrc_lh_interval_add+0x5a2/0x850 net/dccp/ccids/lib/loss_interval.c:158
tfrc_rx_handle_loss+0x353/0x1df0 net/dccp/ccids/lib/packet_history.c:341
ccid3_hc_rx_packet_recv+0x38b/0xe90 net/dccp/ccids/ccid3.c:751
ccid_hc_rx_packet_recv net/dccp/ccid.h:185 [inline]
dccp_deliver_input_to_ccids+0xe1/0x260 net/dccp/input.c:180
dccp_rcv_state_process+0x633/0x1870 net/dccp/input.c:690
dccp_v4_do_rcv+0xff/0x1a0 net/dccp/ipv4.c:685
sk_backlog_rcv include/net/sock.h:950 [inline]
__sk_receive_skb+0x350/0xbb0 net/core/sock.c:473
dccp_v4_rcv+0xed8/0x1a60 net/dccp/ipv4.c:877
ip_local_deliver_finish+0x495/0xc00 net/ipv4/ip_input.c:215
NF_HOOK include/linux/netfilter.h:289 [inline]
ip_local_deliver+0x188/0x500 net/ipv4/ip_input.c:256
dst_input include/net/dst.h:461 [inline]
ip_rcv_finish+0x1ca/0x2e0 net/ipv4/ip_input.c:414
NF_HOOK include/linux/netfilter.h:289 [inline]
ip_rcv+0xca/0x3c0 net/ipv4/ip_input.c:524
__netif_receive_skb_one_core+0x114/0x180 net/core/dev.c:4954
__netif_receive_skb+0x27/0x1c0 net/core/dev.c:5066
process_backlog+0x241/0x700 net/core/dev.c:5848
napi_poll net/core/dev.c:6272 [inline]
net_rx_action+0x4ac/0xfb0 net/core/dev.c:6338
__do_softirq+0x265/0x980 kernel/softirq.c:292
run_ksoftirqd+0x57/0x110 kernel/softirq.c:653
smpboot_thread_fn+0x655/0x9e0 kernel/smpboot.c:164
kthread+0x33f/0x460 kernel/kthread.c:259
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
ptrace attach of "/root/syz-executor.4"[19927] was attempted by "/root/syz-executor.4"[19929]
netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
overlayfs: overlapping lowerdir path
overlayfs: failed to resolve './file1': -2
9pnet: p9_fd_create_unix (20160): problem connecting socket: � q�Y �3aK: -111
EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
EXT4-fs (loop4): mounted filesystem without journal. Opts: nodiscard,grpid,grpquota,resgid=0x0000000000000000,,errors=continue
EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
EXT4-fs (loop4): mounted filesystem without journal. Opts: nodiscard,grpid,grpquota,resgid=0x0000000000000000,,errors=continue
EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
EXT4-fs (loop4): mounted filesystem without journal. Opts: nodiscard,grpid,grpquota,resgid=0x0000000000000000,,errors=continue
ieee802154 phy0 wpan0: encryption failed: -22
ieee802154 phy1 wpan1: encryption failed: -22


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Aug 17, 2021, 2:35:26 PM
to syzkaller...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.