Received: by 2002:ac0:98c7:0:0:0:0:0 with SMTP id g7-v6csp3016736imd; Sun, 28 Oct 2018 23:49:55 -0700 (PDT) X-Google-Smtp-Source: AJdET5c83JLSfD7o+JOdIFf5eLQKi+JmOxhJvwhCnBj8ji8PgA2FO0ai9XJfwqyEyl9O/59Ls4Ll X-Received: by 2002:a62:444f:: with SMTP id r76-v6mr14382153pfa.111.1540795795810; Sun, 28 Oct 2018 23:49:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1540795795; cv=none; d=google.com; s=arc-20160816; b=F7GaEzN7F6V/maWJAedArpc+Y9hILTBR7GvE6TS1zU841Ln2LUoh8bf61aQth1tXtv lDf/2jvr4S0+NLS3H0jNpu4qPqDqoDL7YnuYdL0ceDOq4Gpz0h4GMytIAYq5oOZ5+gXN grQYRM8doKFYaReALIeA84X+0ljrtmUbYqswkwXCmS7TIt+H53Scuny5azc0iDbx6W0Z sZ+VPP0niVNlgwe9/KGT77+9qkOC4psJ3OXT5zlkMVrUT+1NOaOqLfVCOCmSkD3HaA75 nXHf9AomMXKz2f8dL/qCMuAhSfHN6bMi4zsai2P36bPbr3KkVsqM9DtJ9ykasWlGmW8N ntJA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=15uqe2fGEH73ZAnT4/ykZlis84rFY50I1HR4ur533QY=; b=DRQFmeriw+Uf4aGdLYRK3+lpIcaLUgR/Ojm+R/oVizYzettLqx5RzQNyfmhcsfcGBG KmFo5yVnTkQbd5efCcH6bn5QAlmzuC1cTYtnLuGVjb9dxgVW+AyF7f2B4bNey0EJsyki oakCw2emf0oR6Ih037SfmReXGMeXcevyGGBdIJ0KZoPOg9zZaBdnf6ZpmZgdeBkmGibD NzG0ZqgOMXipSLFkeGtuE5atMUOkbHiswAbpgTJ4IIFHqdK2z5999Zb1rMbL7z46bt+P lWYUNNthDOiUKNeneqEDjNC/SOabGtJUixJWMto2I/H3wWndfmfbVYqAWK+tgwm61NpC F4yw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=Tp5xieOF; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q13-v6si18708157pgq.526.2018.10.28.23.49.39; Sun, 28 Oct 2018 23:49:55 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=Tp5xieOF; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729359AbeJ2PfE (ORCPT + 99 others); Mon, 29 Oct 2018 11:35:04 -0400 Received: from mail-qt1-f193.google.com ([209.85.160.193]:36901 "EHLO mail-qt1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729265AbeJ2PfE (ORCPT ); Mon, 29 Oct 2018 11:35:04 -0400 Received: by mail-qt1-f193.google.com with SMTP id d14-v6so8021492qto.4; Sun, 28 Oct 2018 23:47:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=15uqe2fGEH73ZAnT4/ykZlis84rFY50I1HR4ur533QY=; b=Tp5xieOFXB7k3rOYdPP6dIR8i4C1p1Hd/XCKiPBsiPZ0qALY8xyoMO4AE55j71UiyS ydqtbY2dsgZxPQneMWYXcfM8jwcB7qcqFc7slLMXFO5x3yJKGHxhtlhdkLvCMQyggoFr O5W2VwMyNnEUix++hJ3b6iYxq4KS8BpvVXp/qAHlWA5TxTHbqQwkD4czHHdvfsaD8Sj2 5/z752XyHzMwVQgikEjFRbFcDX7f0PfiYvKqQ3Sq6KqjV2J2dDqF29X23b33cMkWauWJ WcalTL9OJebxOEUjwNgeK1YTjzykxm6WfajH06TCFYAC65iFxydv6rVOsCjtI8fVDznw Dw8Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=15uqe2fGEH73ZAnT4/ykZlis84rFY50I1HR4ur533QY=; b=rFzf4R4I/c5NZYd5V9rU8k8JJ4oYycRDiEI4xqjlmbwsBP4NbsWFOJqc6oyWaYM0fG NA+qu+x4X5CmCzhEcAp3h62cQd37cQrBZtUvUsQ6MAXijSB2fzB/jelMouCoQpU6M1Rl RHaWqtqmLBX/67xgrBoN36qrLCyJZqiqtNg4NVRZx8rgjH0tFKC/GIiYGJg7fiuISfLD aIVHgBKkCmIGbwmp+Q+Lc5wPu+jWTdMQ1sA1cq63LAXcC0h4zH++dCAOIUXuJNMb5WLy hgobJB+swCFq9S5CEkT4CIPEhnm5rO5qK3PGw9J5a/iNUepduDdzpBOK8Vyve5ZRQIfo /IPQ== X-Gm-Message-State: AGRZ1gIJ4U8GjYWDJe21RO8A5/TYjO/nimQuNabkNNHAk/kmA8J2AcAD tEC+lcte6QQZ4d5r83/b19xClTWzK7LjTq0a/44= X-Received: by 2002:ac8:2413:: with SMTP id c19-v6mr11566108qtc.194.1540795664928; Sun, 28 Oct 2018 23:47:44 -0700 (PDT) MIME-Version: 1.0 References: <0000000000008db3210579416691@google.com> <64bc75ce-336d-2115-1016-b10bc920539f@gmail.com> In-Reply-To: <64bc75ce-336d-2115-1016-b10bc920539f@gmail.com> From: Song Liu Date: Sun, 28 Oct 2018 23:47:33 -0700 Message-ID: Subject: Re: WARNING in __debug_object_init (3) To: eric.dumazet@gmail.com Cc: dvyukov@google.com, syzbot+6e682caa546b7c96c859@syzkaller.appspotmail.com, edumazet@google.com, Alexei Starovoitov , Daniel Borkmann , "David S . Miller" , open list , Networking , syzkaller-bugs@googlegroups.com Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Oct 28, 2018 at 10:45 AM Eric Dumazet wrote: > > > > On 10/28/2018 08:13 AM, Dmitry Vyukov wrote: > > On Sun, Oct 28, 2018 at 3:18 AM, syzbot > > wrote: > >> Hello, > >> > >> syzbot found the following crash on: > >> > >> HEAD commit: 8c60c36d0b8c Add linux-next specific files for 20181019 > >> git tree: linux-next > >> console output: https://syzkaller.appspot.com/x/log.txt?x=100feec5400000 > >> kernel config: https://syzkaller.appspot.com/x/.config?x=8b6d7c4c81535e89 > >> dashboard link: https://syzkaller.appspot.com/bug?extid=6e682caa546b7c96c859 > >> compiler: gcc (GCC) 8.0.1 20180413 (experimental) > >> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=13579abd400000 > >> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=13654f6b400000 > >> > >> IMPORTANT: if you fix the bug, please add the following tag to the commit: > >> Reported-by: syzbot+6e682caa546b7c96c859@syzkaller.appspotmail.com > > > > +Eric knows what's wrong here. Something about "bpf: add tests for > > direct packet access from CGROUP_SKB" commit. Was is amended to fix a > > bug? > > > > I know little. > > It seems that this linux-next tree contains a (buggy) pre-version of > this commit : > > commit 2cb494a36c98279c5c6ce8e99cf9776f15449ade > Author: Song Liu > Date: Fri Oct 19 09:57:58 2018 -0700 > > bpf: add tests for direct packet access from CGROUP_SKB > > Tests are added to make sure CGROUP_SKB cannot access: > tc_classid, data_meta, flow_keys > > and can read and write: > mark, prority, and cb[0-4] > > and can read other fields. > > To make selftest with skb->sk work, a dummy sk is added in > bpf_prog_test_run_skb(). > > Signed-off-by: Song Liu > Signed-off-by: Alexei Starovoitov > > Maybe bpf maintainers chose to pre-submit a buggy patch and rebased their tree. > > The buggy patch in linux-next was : > > commit 75079847e9d05d4cc1b7e09b29e22cbc8318a6b7 > Author: Song Liu > Date: Thu Oct 18 09:06:49 2018 -0700 > > bpf: add tests for direct packet access from CGROUP_SKB > > Tests are added to make sure CGROUP_SKB cannot access: > tc_classid, data_meta, flow_keys > > and can read and write: > mark, prority, and cb[0-4] > > and can read other fields. > > To make selftest with skb->sk work, a dummy sk is added in > bpf_prog_test_run_skb(). > > Signed-off-by: Song Liu > Signed-off-by: Alexei Starovoitov > Thanks Eric. Yeah, the version in the linux-next tree was a buggy version. The one in Linus' tree is correct. I confirmed that this issue doesn't repro in Linus' tree. Song