[v6.1] WARNING in __mptcp_move_skbs_from_subflow


syzbot

Jan 9, 2024, 1:31:24 PM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 38fb82ecd144 Linux 6.1.71
git tree: linux-6.1.y
console output: https://syzkaller.appspot.com/x/log.txt?x=17f84105e80000
kernel config: https://syzkaller.appspot.com/x/.config?x=84e74894df2c2c7c
dashboard link: https://syzkaller.appspot.com/bug?extid=0b73d603898998f64cd4
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/7fd38c7b4dfc/disk-38fb82ec.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/501ac6796207/vmlinux-38fb82ec.xz
kernel image: https://storage.googleapis.com/syzbot-assets/e387cffa26b5/Image-38fb82ec.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+0b73d6...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 0 PID: 9293 at net/mptcp/protocol.c:703 __mptcp_move_skbs_from_subflow+0x224c/0x2334 net/mptcp/protocol.c:703
Modules linked in:
CPU: 0 PID: 9293 Comm: syz-executor.1 Not tainted 6.1.71-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __mptcp_move_skbs_from_subflow+0x224c/0x2334 net/mptcp/protocol.c:703
lr : __mptcp_move_skbs_from_subflow+0x224c/0x2334 net/mptcp/protocol.c:703
sp : ffff800021546b80
x29: ffff800021546d00 x28: 0000000000000000 x27: ffff00012224a0b8
x26: ffff0000d420e04c x25: ffff0000d03ecd78 x24: 0000000000000000
x23: dfff800000000000 x22: ffff0000d6f9c85c x21: ffff000122249a10
x20: 00000000000081e5 x19: 0000000000007c80 x18: ffff0000cdf4b810
x17: ffff80019ebf0000 x16: ffff8000084fa820 x15: 0000000000000002
x14: 1ffff00002b040b0 x13: dfff800000000000 x12: 0000000000040000
x11: 0000000000007786 x10: ffff80002637e000 x9 : ffff800012040ca0
x8 : 0000000000007787 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff80001203f870
x2 : 0000000000000001 x1 : 00000000000081e5 x0 : 0000000000007c80
Call trace:
__mptcp_move_skbs_from_subflow+0x224c/0x2334 net/mptcp/protocol.c:703
move_skbs_to_msk net/mptcp/protocol.c:816 [inline]
mptcp_data_ready+0x278/0x670 net/mptcp/protocol.c:861
subflow_data_ready+0x178/0x234 net/mptcp/subflow.c:1350
tcp_data_ready+0x22c/0x44c net/ipv4/tcp_input.c:5028
tcp_data_queue+0x1cc8/0x53e4 net/ipv4/tcp_input.c:5102
tcp_rcv_established+0xa84/0x1fe0 net/ipv4/tcp_input.c:6028
tcp_v4_do_rcv+0x390/0xb08 net/ipv4/tcp_ipv4.c:1677
sk_backlog_rcv include/net/sock.h:1117 [inline]
__release_sock+0x1a8/0x408 net/core/sock.c:2926
release_sock+0x68/0x1cc net/core/sock.c:3490
__mptcp_push_pending+0x664/0xb54
mptcp_sendmsg+0xc0c/0x13bc net/mptcp/protocol.c:1875
inet6_sendmsg+0xb4/0xd8 net/ipv6/af_inet6.c:667
sock_sendmsg_nosec net/socket.c:716 [inline]
__sock_sendmsg net/socket.c:728 [inline]
____sys_sendmsg+0x558/0x844 net/socket.c:2499
___sys_sendmsg net/socket.c:2553 [inline]
__sys_sendmmsg+0x318/0x7d8 net/socket.c:2639
__do_sys_sendmmsg net/socket.c:2668 [inline]
__se_sys_sendmmsg net/socket.c:2665 [inline]
__arm64_sys_sendmmsg+0xa0/0xbc net/socket.c:2665
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:206
el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
irq event stamp: 989
hardirqs last enabled at (987): [<ffff80000897410c>] kasan_quarantine_put+0xdc/0x204 mm/kasan/quarantine.c:242
hardirqs last disabled at (989): [<ffff800012141304>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405
softirqs last enabled at (978): [<ffff800012061910>] spin_unlock_bh include/linux/spinlock.h:395 [inline]
softirqs last enabled at (978): [<ffff800012061910>] ack_update_msk net/mptcp/options.c:1054 [inline]
softirqs last enabled at (978): [<ffff800012061910>] mptcp_incoming_options+0x658/0x1af4 net/mptcp/options.c:1177
softirqs last disabled at (988): [<ffff80001203191c>] spin_lock_bh include/linux/spinlock.h:355 [inline]
softirqs last disabled at (988): [<ffff80001203191c>] mptcp_data_ready+0x258/0x670 net/mptcp/protocol.c:860
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 1 PID: 9293 at net/mptcp/protocol.c:706 __mptcp_move_skbs_from_subflow+0x19a4/0x2334 net/mptcp/protocol.c:706
Modules linked in:
CPU: 1 PID: 9293 Comm: syz-executor.1 Tainted: G W 6.1.71-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __mptcp_move_skbs_from_subflow+0x19a4/0x2334 net/mptcp/protocol.c:706
lr : __mptcp_move_skbs_from_subflow+0x19a4/0x2334 net/mptcp/protocol.c:706
sp : ffff800021546b80
x29: ffff800021546d00 x28: 0000000000000000 x27: ffff00012224a0b8
x26: ffff0000d420e04c x25: 1fffe0001a07d95e x24: 0000000000000000
x23: dfff800000000000 x22: 1fffe0001a07d963 x21: 00000000ffff7e1b
x20: ffff0000d03ecaf0 x19: 1fffe0001adf3839 x18: ffff8000215468e4
x17: ffff80001581d000 x16: ffff8000084fa820 x15: 0000000000000002
x14: 1ffff00002b040b0 x13: dfff800000000000 x12: 0000000000040000
x11: 000000000003ffff x10: ffff80002637e000 x9 : ffff8000120403f8
x8 : 0000000000040000 x7 : ffff80001203191c x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff80000831ce70
x2 : ffff800021546d80 x1 : 00000000ffff7e1b x0 : 0000000000002b9b
Call trace:
__mptcp_move_skbs_from_subflow+0x19a4/0x2334 net/mptcp/protocol.c:706
move_skbs_to_msk net/mptcp/protocol.c:816 [inline]
mptcp_data_ready+0x278/0x670 net/mptcp/protocol.c:861
subflow_data_ready+0x178/0x234 net/mptcp/subflow.c:1350
tcp_data_ready+0x22c/0x44c net/ipv4/tcp_input.c:5028
tcp_data_queue+0x1cc8/0x53e4 net/ipv4/tcp_input.c:5102
tcp_rcv_established+0xa84/0x1fe0 net/ipv4/tcp_input.c:6028
tcp_v4_do_rcv+0x390/0xb08 net/ipv4/tcp_ipv4.c:1677
sk_backlog_rcv include/net/sock.h:1117 [inline]
__release_sock+0x1a8/0x408 net/core/sock.c:2926
release_sock+0x68/0x1cc net/core/sock.c:3490
__mptcp_push_pending+0x664/0xb54
mptcp_sendmsg+0xc0c/0x13bc net/mptcp/protocol.c:1875
inet6_sendmsg+0xb4/0xd8 net/ipv6/af_inet6.c:667
sock_sendmsg_nosec net/socket.c:716 [inline]
__sock_sendmsg net/socket.c:728 [inline]
____sys_sendmsg+0x558/0x844 net/socket.c:2499
___sys_sendmsg net/socket.c:2553 [inline]
__sys_sendmmsg+0x318/0x7d8 net/socket.c:2639
__do_sys_sendmmsg net/socket.c:2668 [inline]
__se_sys_sendmmsg net/socket.c:2665 [inline]
__arm64_sys_sendmmsg+0xa0/0xbc net/socket.c:2665
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:206
el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
irq event stamp: 1371
hardirqs last enabled at (1369): [<ffff8000081c7770>] __local_bh_enable_ip+0x230/0x470 kernel/softirq.c:401
hardirqs last disabled at (1371): [<ffff800012141304>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405
softirqs last enabled at (1368): [<ffff800012061910>] spin_unlock_bh include/linux/spinlock.h:395 [inline]
softirqs last enabled at (1368): [<ffff800012061910>] ack_update_msk net/mptcp/options.c:1054 [inline]
softirqs last enabled at (1368): [<ffff800012061910>] mptcp_incoming_options+0x658/0x1af4 net/mptcp/options.c:1177
softirqs last disabled at (1370): [<ffff80001203191c>] spin_lock_bh include/linux/spinlock.h:355 [inline]
softirqs last disabled at (1370): [<ffff80001203191c>] mptcp_data_ready+0x258/0x670 net/mptcp/protocol.c:860
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 1 PID: 9293 at net/mptcp/subflow.c:846 skb_is_fully_mapped net/mptcp/subflow.c:846 [inline]
WARNING: CPU: 1 PID: 9293 at net/mptcp/subflow.c:846 get_mapping_status net/mptcp/subflow.c:1055 [inline]
WARNING: CPU: 1 PID: 9293 at net/mptcp/subflow.c:846 subflow_check_data_avail net/mptcp/subflow.c:1184 [inline]
WARNING: CPU: 1 PID: 9293 at net/mptcp/subflow.c:846 mptcp_subflow_data_available+0x1968/0x3468 net/mptcp/subflow.c:1287
Modules linked in:
CPU: 1 PID: 9293 Comm: syz-executor.1 Tainted: G W 6.1.71-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : skb_is_fully_mapped net/mptcp/subflow.c:846 [inline]
pc : get_mapping_status net/mptcp/subflow.c:1055 [inline]
pc : subflow_check_data_avail net/mptcp/subflow.c:1184 [inline]
pc : mptcp_subflow_data_available+0x1968/0x3468 net/mptcp/subflow.c:1287
lr : skb_is_fully_mapped net/mptcp/subflow.c:846 [inline]
lr : get_mapping_status net/mptcp/subflow.c:1055 [inline]
lr : subflow_check_data_avail net/mptcp/subflow.c:1184 [inline]
lr : mptcp_subflow_data_available+0x1968/0x3468 net/mptcp/subflow.c:1287
sp : ffff800021546c60
x29: ffff800021546dc0 x28: ffff0000c96b8d70 x27: dfff800000000000
x26: ffff0000d420e000 x25: 0000000000000000 x24: 000000000000ade5
x23: 00000000ffff5280 x22: 00000000002401e8 x21: ffff0000d6f9c1b8
x20: dfff800000000000 x19: 00000000e072693d x18: ffff0000d6fc26d0
x17: ffff80019ec10000 x16: ffff8000084fa820 x15: 0000000000000002
x14: 00000000ffff8000 x13: 0000000000000003 x12: 0000000000040000
x11: 000000000003ffff x10: ffff80002637e000 x9 : ffff80001204f114
x8 : 0000000000040000 x7 : 0000000000000000 x6 : 0200000000000002
x5 : ffff0000d307a130 x4 : 0000000000000000 x3 : ffff80001205a4c4
x2 : 0000000000000000 x1 : 00000000ffff5280 x0 : 0000000000000065
Call trace:
skb_is_fully_mapped net/mptcp/subflow.c:846 [inline]
get_mapping_status net/mptcp/subflow.c:1055 [inline]
subflow_check_data_avail net/mptcp/subflow.c:1184 [inline]
mptcp_subflow_data_available+0x1968/0x3468 net/mptcp/subflow.c:1287
subflow_data_ready+0x164/0x234 net/mptcp/subflow.c:1349
tcp_data_ready+0x22c/0x44c net/ipv4/tcp_input.c:5028
tcp_data_queue+0x1cc8/0x53e4 net/ipv4/tcp_input.c:5102
tcp_rcv_established+0xa84/0x1fe0 net/ipv4/tcp_input.c:6028
tcp_v4_do_rcv+0x390/0xb08 net/ipv4/tcp_ipv4.c:1677
sk_backlog_rcv include/net/sock.h:1117 [inline]
__release_sock+0x1a8/0x408 net/core/sock.c:2926
release_sock+0x68/0x1cc net/core/sock.c:3490
__mptcp_push_pending+0x664/0xb54
mptcp_sendmsg+0xc0c/0x13bc net/mptcp/protocol.c:1875
inet6_sendmsg+0xb4/0xd8 net/ipv6/af_inet6.c:667
sock_sendmsg_nosec net/socket.c:716 [inline]
__sock_sendmsg net/socket.c:728 [inline]
____sys_sendmsg+0x558/0x844 net/socket.c:2499
___sys_sendmsg net/socket.c:2553 [inline]
__sys_sendmmsg+0x318/0x7d8 net/socket.c:2639
__do_sys_sendmmsg net/socket.c:2668 [inline]
__se_sys_sendmmsg net/socket.c:2665 [inline]
__arm64_sys_sendmmsg+0xa0/0xbc net/socket.c:2665
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:206
el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
irq event stamp: 2266
hardirqs last enabled at (2265): [<ffff8000081c7770>] __local_bh_enable_ip+0x230/0x470 kernel/softirq.c:401
hardirqs last disabled at (2266): [<ffff800012141304>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405
softirqs last enabled at (2264): [<ffff800012061910>] spin_unlock_bh include/linux/spinlock.h:395 [inline]
softirqs last enabled at (2264): [<ffff800012061910>] ack_update_msk net/mptcp/options.c:1054 [inline]
softirqs last enabled at (2264): [<ffff800012061910>] mptcp_incoming_options+0x658/0x1af4 net/mptcp/options.c:1177
softirqs last disabled at (2262): [<ffff800012061714>] spin_lock_bh include/linux/spinlock.h:355 [inline]
softirqs last disabled at (2262): [<ffff800012061714>] ack_update_msk net/mptcp/options.c:1028 [inline]
softirqs last disabled at (2262): [<ffff800012061714>] mptcp_incoming_options+0x45c/0x1af4 net/mptcp/options.c:1177
---[ end trace 0000000000000000 ]---


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup

syzbot

Jan 19, 2024, 10:28:22 AM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: ddcaf4999061 Linux 5.15.147
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=10c99ec7e80000
kernel config: https://syzkaller.appspot.com/x/.config?x=ab92786ed9f7c373
dashboard link: https://syzkaller.appspot.com/bug?extid=51607525eb758b5715e5
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/9f538e3b5b6b/disk-ddcaf499.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/aff958e6c838/vmlinux-ddcaf499.xz
kernel image: https://storage.googleapis.com/syzbot-assets/b812c40b66fa/Image-ddcaf499.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+516075...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 1 PID: 17559 at net/mptcp/protocol.c:627 __mptcp_move_skbs_from_subflow+0x2b88/0x2c78 net/mptcp/protocol.c:627
Modules linked in:
CPU: 1 PID: 17559 Comm: syz-executor.2 Not tainted 5.15.147-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __mptcp_move_skbs_from_subflow+0x2b88/0x2c78 net/mptcp/protocol.c:627
lr : __mptcp_move_skbs_from_subflow+0x2b88/0x2c78 net/mptcp/protocol.c:627
sp : ffff80001eb956c0
x29: ffff80001eb95840 x28: 0000000000020000 x27: ffff0000fe1493d0
x26: 00000000000004d4 x25: dfff800000000000 x24: 0000000000000000
x23: 0000000000000000 x22: ffff0000fe148d88 x21: ffff0000ff91744c
x20: ffff0001034e9780 x19: 00000000000000b8 x18: 0000000000000102
x17: 0000000000000000 x16: ffff8000084c18ac x15: 0000000000000004
x14: 1ffff0000292406a x13: dfff800000000000 x12: 0000000000000001
x11: 0000000000000303 x10: 0000000000000000 x9 : ffff0000c65cb680
x8 : ffff800011929864 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff800011927bd0
x2 : 0000000000000001 x1 : 00000000000004d4 x0 : 00000000000000b8
Call trace:
__mptcp_move_skbs_from_subflow+0x2b88/0x2c78 net/mptcp/protocol.c:627
move_skbs_to_msk net/mptcp/protocol.c:699 [inline]
mptcp_data_ready+0x274/0x5f8 net/mptcp/protocol.c:744
subflow_data_ready+0x198/0x280 net/mptcp/subflow.c:1351
tcp_data_ready+0x22c/0x454 net/ipv4/tcp_input.c:5018
tcp_data_queue+0x1c14/0x5288 net/ipv4/tcp_input.c:5088
tcp_rcv_established+0xa58/0x1f40 net/ipv4/tcp_input.c:5987
tcp_v4_do_rcv+0x340/0xc70 net/ipv4/tcp_ipv4.c:1727
tcp_v4_rcv+0x1fd8/0x2770 net/ipv4/tcp_ipv4.c:2130
ip_protocol_deliver_rcu+0x36c/0x770 net/ipv4/ip_input.c:204
ip_local_deliver_finish+0x1b8/0x30c net/ipv4/ip_input.c:231
NF_HOOK+0x324/0x3d0 include/linux/netfilter.h:302
ip_local_deliver+0x11c/0x190 net/ipv4/ip_input.c:252
dst_input include/net/dst.h:453 [inline]
ip_rcv_finish+0x22c/0x264 net/ipv4/ip_input.c:447
NF_HOOK+0x324/0x3d0 include/linux/netfilter.h:302
ip_rcv+0x78/0x98 net/ipv4/ip_input.c:566
__netif_receive_skb_one_core net/core/dev.c:5485 [inline]
__netif_receive_skb+0x18c/0x400 net/core/dev.c:5599
process_backlog+0x3ec/0x7e0 net/core/dev.c:6476
__napi_poll+0xb4/0x624 net/core/dev.c:7035
napi_poll net/core/dev.c:7102 [inline]
net_rx_action+0x500/0xc10 net/core/dev.c:7189
__do_softirq+0x344/0xdb0 kernel/softirq.c:558
do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
do_softirq+0xf8/0x1ac kernel/softirq.c:459
__local_bh_enable_ip+0x298/0x470 kernel/softirq.c:383
local_bh_enable+0x28/0x1d0 include/linux/bottom_half.h:32
rcu_read_unlock_bh include/linux/rcupdate.h:766 [inline]
ip_finish_output2+0xe78/0x131c net/ipv4/ip_output.c:229
__ip_finish_output+0x1b0/0x458
ip_finish_output+0x40/0x218 net/ipv4/ip_output.c:316
NF_HOOK_COND include/linux/netfilter.h:291 [inline]
ip_output+0x330/0x49c net/ipv4/ip_output.c:430
dst_output include/net/dst.h:443 [inline]
ip_local_out net/ipv4/ip_output.c:126 [inline]
__ip_queue_xmit+0xe70/0x1930 net/ipv4/ip_output.c:532
ip_queue_xmit+0x5c/0x78 net/ipv4/ip_output.c:546
__tcp_transmit_skb+0x1944/0x31e8 net/ipv4/tcp_output.c:1402
tcp_transmit_skb net/ipv4/tcp_output.c:1420 [inline]
tcp_mtu_probe net/ipv4/tcp_output.c:2454 [inline]
tcp_write_xmit+0x46f8/0x4dc0 net/ipv4/tcp_output.c:2630
__tcp_push_pending_frames+0x98/0x228 net/ipv4/tcp_output.c:2890
tcp_push_pending_frames include/net/tcp.h:1915 [inline]
tcp_data_snd_check net/ipv4/tcp_input.c:5493 [inline]
tcp_rcv_established+0xab4/0x1f40 net/ipv4/tcp_input.c:5989
tcp_v4_do_rcv+0x340/0xc70 net/ipv4/tcp_ipv4.c:1727
sk_backlog_rcv include/net/sock.h:1059 [inline]
__release_sock+0x1a8/0x408 net/core/sock.c:2713
release_sock+0x68/0x270 net/core/sock.c:3254
__mptcp_push_pending+0x5f4/0x85c
mptcp_sendmsg+0xc74/0x1a1c net/mptcp/protocol.c:1780
inet6_sendmsg+0xb4/0xd8 net/ipv6/af_inet6.c:657
sock_sendmsg_nosec net/socket.c:704 [inline]
__sock_sendmsg net/socket.c:716 [inline]
____sys_sendmsg+0x584/0x870 net/socket.c:2431
___sys_sendmsg+0x214/0x294 net/socket.c:2485
__sys_sendmmsg+0x23c/0x648 net/socket.c:2571
__do_sys_sendmmsg net/socket.c:2600 [inline]
__se_sys_sendmmsg net/socket.c:2597 [inline]
__arm64_sys_sendmmsg+0xa0/0xbc net/socket.c:2597
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608
el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
irq event stamp: 5741
hardirqs last enabled at (5740): [<ffff8000088cb550>] kasan_quarantine_put+0xdc/0x204 mm/kasan/quarantine.c:231
hardirqs last disabled at (5741): [<ffff80001197e028>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:396
softirqs last enabled at (5716): [<ffff8000105430d4>] local_bh_enable+0x10/0x1d0 include/linux/bottom_half.h:31
softirqs last disabled at (5717): [<ffff8000081b5054>] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
softirqs last disabled at (5717): [<ffff8000081b5054>] do_softirq+0xf8/0x1ac kernel/softirq.c:459
---[ end trace 49ba9982022219fe ]---
------------[ cut here ]------------
WARNING: CPU: 1 PID: 17559 at net/mptcp/protocol.c:630 __mptcp_move_skbs_from_subflow+0x1ea0/0x2c78 net/mptcp/protocol.c:630
Modules linked in:
CPU: 1 PID: 17559 Comm: syz-executor.2 Tainted: G W 5.15.147-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __mptcp_move_skbs_from_subflow+0x1ea0/0x2c78 net/mptcp/protocol.c:630
lr : __mptcp_move_skbs_from_subflow+0x1ea0/0x2c78 net/mptcp/protocol.c:630
sp : ffff80001eb956c0
x29: ffff80001eb95840 x28: 1fffe000191b202d x27: 00000000fffffb2c
x26: 0000000000000fec x25: dfff800000000000 x24: 0000000000000000
x23: 0000000000000000 x22: 00000000000000b8 x21: 000000006fad935c
x20: ffff0000c8d90140 x19: ffff0000ff916dc0 x18: 0000000000000102
x17: 0000000000000000 x16: ffff8000084c18ac x15: 0000000000000001
x14: 1ffff0000292406a x13: dfff800000000000 x12: ffff700003d72af8
x11: 0000000000000303 x10: 0000000000000000 x9 : ffff0000c65cb680
x8 : ffff800011928b7c x7 : ffff80001191c688 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000083025dc
x2 : ffff80001eb958c0 x1 : 00000000fffffb2c x0 : 0000000000000b18
Call trace:
__mptcp_move_skbs_from_subflow+0x1ea0/0x2c78 net/mptcp/protocol.c:630
move_skbs_to_msk net/mptcp/protocol.c:699 [inline]
mptcp_data_ready+0x274/0x5f8 net/mptcp/protocol.c:744
subflow_data_ready+0x198/0x280 net/mptcp/subflow.c:1351
tcp_data_ready+0x22c/0x454 net/ipv4/tcp_input.c:5018
tcp_data_queue+0x1c14/0x5288 net/ipv4/tcp_input.c:5088
tcp_rcv_established+0xa58/0x1f40 net/ipv4/tcp_input.c:5987
tcp_v4_do_rcv+0x340/0xc70 net/ipv4/tcp_ipv4.c:1727
tcp_v4_rcv+0x1fd8/0x2770 net/ipv4/tcp_ipv4.c:2130
ip_protocol_deliver_rcu+0x36c/0x770 net/ipv4/ip_input.c:204
ip_local_deliver_finish+0x1b8/0x30c net/ipv4/ip_input.c:231
NF_HOOK+0x324/0x3d0 include/linux/netfilter.h:302
ip_local_deliver+0x11c/0x190 net/ipv4/ip_input.c:252
dst_input include/net/dst.h:453 [inline]
ip_rcv_finish+0x22c/0x264 net/ipv4/ip_input.c:447
NF_HOOK+0x324/0x3d0 include/linux/netfilter.h:302
ip_rcv+0x78/0x98 net/ipv4/ip_input.c:566
__netif_receive_skb_one_core net/core/dev.c:5485 [inline]
__netif_receive_skb+0x18c/0x400 net/core/dev.c:5599
process_backlog+0x3ec/0x7e0 net/core/dev.c:6476
__napi_poll+0xb4/0x624 net/core/dev.c:7035
napi_poll net/core/dev.c:7102 [inline]
net_rx_action+0x500/0xc10 net/core/dev.c:7189
__do_softirq+0x344/0xdb0 kernel/softirq.c:558
do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
do_softirq+0xf8/0x1ac kernel/softirq.c:459
__local_bh_enable_ip+0x298/0x470 kernel/softirq.c:383
local_bh_enable+0x28/0x1d0 include/linux/bottom_half.h:32
rcu_read_unlock_bh include/linux/rcupdate.h:766 [inline]
ip_finish_output2+0xe78/0x131c net/ipv4/ip_output.c:229
__ip_finish_output+0x1b0/0x458
ip_finish_output+0x40/0x218 net/ipv4/ip_output.c:316
NF_HOOK_COND include/linux/netfilter.h:291 [inline]
ip_output+0x330/0x49c net/ipv4/ip_output.c:430
dst_output include/net/dst.h:443 [inline]
ip_local_out net/ipv4/ip_output.c:126 [inline]
__ip_queue_xmit+0xe70/0x1930 net/ipv4/ip_output.c:532
ip_queue_xmit+0x5c/0x78 net/ipv4/ip_output.c:546
__tcp_transmit_skb+0x1944/0x31e8 net/ipv4/tcp_output.c:1402
tcp_transmit_skb net/ipv4/tcp_output.c:1420 [inline]
tcp_write_xmit+0x12bc/0x4dc0 net/ipv4/tcp_output.c:2705
__tcp_push_pending_frames+0x98/0x228 net/ipv4/tcp_output.c:2890
tcp_push_pending_frames include/net/tcp.h:1915 [inline]
tcp_data_snd_check net/ipv4/tcp_input.c:5493 [inline]
tcp_rcv_established+0xab4/0x1f40 net/ipv4/tcp_input.c:5989
tcp_v4_do_rcv+0x340/0xc70 net/ipv4/tcp_ipv4.c:1727
sk_backlog_rcv include/net/sock.h:1059 [inline]
__release_sock+0x1a8/0x408 net/core/sock.c:2713
release_sock+0x68/0x270 net/core/sock.c:3254
__mptcp_push_pending+0x5f4/0x85c
mptcp_sendmsg+0xc74/0x1a1c net/mptcp/protocol.c:1780
inet6_sendmsg+0xb4/0xd8 net/ipv6/af_inet6.c:657
sock_sendmsg_nosec net/socket.c:704 [inline]
__sock_sendmsg net/socket.c:716 [inline]
____sys_sendmsg+0x584/0x870 net/socket.c:2431
___sys_sendmsg+0x214/0x294 net/socket.c:2485
__sys_sendmmsg+0x23c/0x648 net/socket.c:2571
__do_sys_sendmmsg net/socket.c:2600 [inline]
__se_sys_sendmmsg net/socket.c:2597 [inline]
__arm64_sys_sendmmsg+0xa0/0xbc net/socket.c:2597
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608
el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
irq event stamp: 5981
hardirqs last enabled at (5980): [<ffff8000081b4d1c>] __local_bh_enable_ip+0x230/0x470 kernel/softirq.c:388
hardirqs last disabled at (5981): [<ffff80001197e028>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:396
softirqs last enabled at (5958): [<ffff8000105430d4>] local_bh_enable+0x10/0x1d0 include/linux/bottom_half.h:31
softirqs last disabled at (5959): [<ffff8000081b5054>] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
softirqs last disabled at (5959): [<ffff8000081b5054>] do_softirq+0xf8/0x1ac kernel/softirq.c:459
---[ end trace 49ba9982022219ff ]---
TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters.
TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters.

syzbot

Apr 18, 2024, 12:30:17 PM
to syzkaller...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.

syzbot

Apr 28, 2024, 11:28:14 AM
to syzkaller...@googlegroups.com