All of lore.kernel.org
 help / color / mirror / Atom feed
From: Marc Kleine-Budde <mkl@pengutronix.de>
To: Eric Dumazet <edumazet@google.com>
Cc: syzbot <syzbot+4c63f36709a642f801c5@syzkaller.appspotmail.com>,
	anthony.l.nguyen@intel.com, changbin.du@intel.com,
	Christian Brauner <christian.brauner@ubuntu.com>,
	David Miller <davem@davemloft.net>,
	Eric Dumazet <eric.dumazet@gmail.com>,
	Jesper Dangaard Brouer <hawk@kernel.org>,
	Heiner Kallweit <hkallweit1@gmail.com>,
	intel-wired-lan-owner@osuosl.org,
	intel-wired-lan@lists.osuosl.org,
	Jesse Brandeburg <jesse.brandeburg@intel.com>,
	Jakub Kicinski <kuba@kernel.org>,
	linux-can@vger.kernel.org, LKML <linux-kernel@vger.kernel.org>,
	netdev <netdev@vger.kernel.org>,
	Oliver Hartkopp <socketcan@hartkopp.net>,
	syzkaller-bugs <syzkaller-bugs@googlegroups.com>,
	Yajun Deng <yajun.deng@linux.dev>
Subject: Re: [syzbot] kernel BUG in pskb_expand_head
Date: Wed, 5 Jan 2022 15:04:43 +0100	[thread overview]
Message-ID: <20220105140443.vwobz3yx4z3rux6a@pengutronix.de> (raw)
In-Reply-To: <CANn89i+LbcWn3xoYU-eMjjmQPz0x1pSAat2OpF=i0+RByc-h4w@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 1633 bytes --]

On 05.01.2022 05:59:35, Eric Dumazet wrote:
> On Wed, Jan 5, 2022 at 3:20 AM syzbot
> <syzbot+4c63f36709a642f801c5@syzkaller.appspotmail.com> wrote:
> >
> > syzbot has found a reproducer for the following issue on:
> >
> > HEAD commit:    c9e6606c7fe9 Linux 5.16-rc8
> > git tree:       upstream
> > console output: https://syzkaller.appspot.com/x/log.txt?x=148351c3b00000
> > kernel config:  https://syzkaller.appspot.com/x/.config?x=32f9fa260d7413b4
> > dashboard link: https://syzkaller.appspot.com/bug?extid=4c63f36709a642f801c5
> > compiler:       gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=15435e2bb00000
> > C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=12f4508db00000
> >
> 
> This C repro looks legit, bug should be in CAN layer.

ACK - it's bug in CAN's ISOTP

> > The issue was bisected to:
> >
> > commit e4b8954074f6d0db01c8c97d338a67f9389c042f
> > Author: Eric Dumazet <edumazet@google.com>
> > Date:   Tue Dec 7 01:30:37 2021 +0000
> >
> >     netlink: add net device refcount tracker to struct ethnl_req_info
> 
> Ignore this bisection, an unrelated commit whent in its way.

ACK - We have a RFC fix for this:

https://lore.kernel.org/all/20220105132429.1170627-1-mkl@pengutronix.de

regards,
Marc

-- 
Pengutronix e.K.                 | Marc Kleine-Budde           |
Embedded Linux                   | https://www.pengutronix.de  |
Vertretung West/Dortmund         | Phone: +49-231-2826-924     |
Amtsgericht Hildesheim, HRA 2686 | Fax:   +49-5121-206917-5555 |

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

WARNING: multiple messages have this Message-ID (diff)
From: Marc Kleine-Budde <mkl@pengutronix.de>
To: intel-wired-lan@osuosl.org
Subject: [Intel-wired-lan] [syzbot] kernel BUG in pskb_expand_head
Date: Wed, 5 Jan 2022 15:04:43 +0100	[thread overview]
Message-ID: <20220105140443.vwobz3yx4z3rux6a@pengutronix.de> (raw)
In-Reply-To: <CANn89i+LbcWn3xoYU-eMjjmQPz0x1pSAat2OpF=i0+RByc-h4w@mail.gmail.com>

On 05.01.2022 05:59:35, Eric Dumazet wrote:
> On Wed, Jan 5, 2022 at 3:20 AM syzbot
> <syzbot+4c63f36709a642f801c5@syzkaller.appspotmail.com> wrote:
> >
> > syzbot has found a reproducer for the following issue on:
> >
> > HEAD commit:    c9e6606c7fe9 Linux 5.16-rc8
> > git tree:       upstream
> > console output: https://syzkaller.appspot.com/x/log.txt?x=148351c3b00000
> > kernel config:  https://syzkaller.appspot.com/x/.config?x=32f9fa260d7413b4
> > dashboard link: https://syzkaller.appspot.com/bug?extid=4c63f36709a642f801c5
> > compiler:       gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=15435e2bb00000
> > C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=12f4508db00000
> >
> 
> This C repro looks legit, bug should be in CAN layer.

ACK - it's bug in CAN's ISOTP

> > The issue was bisected to:
> >
> > commit e4b8954074f6d0db01c8c97d338a67f9389c042f
> > Author: Eric Dumazet <edumazet@google.com>
> > Date:   Tue Dec 7 01:30:37 2021 +0000
> >
> >     netlink: add net device refcount tracker to struct ethnl_req_info
> 
> Ignore this bisection, an unrelated commit whent in its way.

ACK - We have a RFC fix for this:

https://lore.kernel.org/all/20220105132429.1170627-1-mkl at pengutronix.de

regards,
Marc

-- 
Pengutronix e.K.                 | Marc Kleine-Budde           |
Embedded Linux                   | https://www.pengutronix.de  |
Vertretung West/Dortmund         | Phone: +49-231-2826-924     |
Amtsgericht Hildesheim, HRA 2686 | Fax:   +49-5121-206917-5555 |
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.osuosl.org/pipermail/intel-wired-lan/attachments/20220105/1a7af409/attachment.asc>

  reply	other threads:[~2022-01-05 14:05 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-11-15  8:38 [syzbot] kernel BUG in pskb_expand_head syzbot
2021-11-15  8:38 ` [Intel-wired-lan] " syzbot
2021-12-20  0:19 ` syzbot
2021-12-20  0:19   ` [Intel-wired-lan] " syzbot
2022-01-05 11:44   ` Marc Kleine-Budde
2022-01-05 11:44     ` [Intel-wired-lan] " Marc Kleine-Budde
2022-01-05 12:46     ` Oliver Hartkopp
2022-01-05 12:46       ` [Intel-wired-lan] " Oliver Hartkopp
2021-12-20  4:15 ` syzbot
2021-12-20  4:15   ` [Intel-wired-lan] " syzbot
2022-01-05 11:20 ` syzbot
2022-01-05 11:20   ` [Intel-wired-lan] " syzbot
2022-01-05 13:59   ` Eric Dumazet
2022-01-05 13:59     ` [Intel-wired-lan] " Eric Dumazet
2022-01-05 14:04     ` Marc Kleine-Budde [this message]
2022-01-05 14:04       ` Marc Kleine-Budde

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220105140443.vwobz3yx4z3rux6a@pengutronix.de \
    --to=mkl@pengutronix.de \
    --cc=anthony.l.nguyen@intel.com \
    --cc=changbin.du@intel.com \
    --cc=christian.brauner@ubuntu.com \
    --cc=davem@davemloft.net \
    --cc=edumazet@google.com \
    --cc=eric.dumazet@gmail.com \
    --cc=hawk@kernel.org \
    --cc=hkallweit1@gmail.com \
    --cc=intel-wired-lan-owner@osuosl.org \
    --cc=intel-wired-lan@lists.osuosl.org \
    --cc=jesse.brandeburg@intel.com \
    --cc=kuba@kernel.org \
    --cc=linux-can@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=socketcan@hartkopp.net \
    --cc=syzbot+4c63f36709a642f801c5@syzkaller.appspotmail.com \
    --cc=syzkaller-bugs@googlegroups.com \
    --cc=yajun.deng@linux.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.