From: Dmitry Vyukov <dvyukov@google.com>
To: Alan Stern <stern@rowland.harvard.edu>
Cc: syzbot <syzbot+fbf4fc11a819824e027b@syzkaller.appspotmail.com>,
	a@unstable.cc, alex.aring@gmail.com,
	b.a.t.m.a.n@lists.open-mesh.org,
	David Miller <davem@davemloft.net>,
	info@sophiescuban.com, Jiri Kosina <jkosina@suse.cz>,
	Jakub Kicinski <kuba@kernel.org>,
	LKML <linux-kernel@vger.kernel.org>,
	linux-wpan@vger.kernel.org, mareklindner@neomailbox.ch,
	netdev <netdev@vger.kernel.org>,
	stefan@datenfreihafen.org, sw@simonwunderlich.de,
	syzkaller-bugs <syzkaller-bugs@googlegroups.com>
Subject: Re: [syzbot] WARNING in ieee802154_del_seclevel
Date: Tue, 13 Apr 2021 10:32:50 +0200
Message-ID: <CACT4Y+ZMFwTLrdK+8YZifJR_7V21gwOxbVKnbRP3Yj=YQ+k7xQ@mail.gmail.com>
In-Reply-To: <20210401133037.GA1052133@rowland.harvard.edu>

On Thu, Apr 1, 2021 at 3:30 PM Alan Stern <stern@rowland.harvard.edu> wrote:
>
> On Wed, Mar 31, 2021 at 02:03:08PM -0700, syzbot wrote:
> > syzbot has bisected this issue to:
> >
> > commit 416dacb819f59180e4d86a5550052033ebb6d72c
> > Author: Alan Stern <stern@rowland.harvard.edu>
> > Date:   Wed Aug 21 17:27:12 2019 +0000
> >
> >     HID: hidraw: Fix invalid read in hidraw_ioctl
> >
> > bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=127430fcd00000
> > start commit:   6e5a03bc ethernet/netronome/nfp: Fix a use after free in n..
> > git tree:       net
> > final oops:     https://syzkaller.appspot.com/x/report.txt?x=117430fcd00000
> > console output: https://syzkaller.appspot.com/x/log.txt?x=167430fcd00000
> > kernel config:  https://syzkaller.appspot.com/x/.config?x=daeff30c2474a60f
> > dashboard link: https://syzkaller.appspot.com/bug?extid=fbf4fc11a819824e027b
> > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=13bfe45ed00000
> > C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1188e31ad00000
> >
> > Reported-by: syzbot+fbf4fc11a819824e027b@syzkaller.appspotmail.com
> > Fixes: 416dacb819f5 ("HID: hidraw: Fix invalid read in hidraw_ioctl")
> >
> > For information about bisection process see: https://goo.gl/tpsmEJ#bisection
>
> It seems likely that the bisection ran off the rails here.  This commit
> could not have caused a problem, although it may have revealed a
> pre-existing problem that previously was hidden.

Hi Alan,

Yes, bisection log shows it was derailed by:
KASAN: use-after-free Read in batadv_iv_ogm_queue_add
and:
BUG: MAX_LOCKDEP_CHAIN_HLOCKS too low!

https://syzkaller.appspot.com/x/bisect.txt?x=127430fcd00000


> By the way, what happened to the annotated stack dumps that syzkaller
> used to provide in its bug reports?

Nothing has changed in this respect, they are still in bug reports:
https://lore.kernel.org/lkml/00000000000073afff05bbe9a54d@google.com/


Thread overview: 6+ messages
2021-02-22  9:44 WARNING in ieee802154_del_seclevel syzbot
2021-03-30 21:08 ` [syzbot] " syzbot
2021-03-31 21:03 ` syzbot
2021-04-01 13:30   ` Alan Stern
2021-04-13  8:32     ` Dmitry Vyukov [this message]
2021-04-13  8:32       ` Dmitry Vyukov
