Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp363373pxa;
        Fri, 21 Aug 2020 09:09:16 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxNKY1xTf/HJ15ew5KCncuFvSMbGItCVY/telGapVjt8/4P9UXMZyz4KbGmKkIaZdr94Eqa
X-Received: by 2002:a50:ef09:: with SMTP id m9mr2192382eds.230.1598026155964;
        Fri, 21 Aug 2020 09:09:15 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1598026155; cv=none;
        d=google.com; s=arc-20160816;
        b=Um9O93fVluSZ2ykM6arS/YDKmJdfS3+pmo4hjw8elgmu0t8swWwqMIEC9tJmTJchlc
         OXKT+TcKLuH8SPi+U5sepJubtV0CyFiiX3CC3JrD4B2rNhVU1fohgolWqpgry8EUbOef
         OGebIUSp1a2X8Yl9CxEX+GnF6dOPiol4QggiBa6ykkCV2kWbDlde9UciFIaGcHfMcgOS
         rFEtpz0ZLgMuRtSeqExqXmfjV06N9d1s2XYMGyPlc1/wxK8GOdD0J1jqAoOGCoBUFWPM
         ONhGgIxc4wKB6nyMI4uyTPNrZHwyZCCQo6/FY8TbzUwsyT8huk/0WjhGt/fJXeMOuRLo
         GfYw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:to:subject:dkim-signature;
        bh=BcOLS+QuONeHD3ULxAD7chhfzxFLcz1amouLJKxi+4E=;
        b=JA17zGtO+lMwQZms7MGBklkI8KtiJEAR7eINxWsJgHRpcrwkiAr8n8FnZ/E7EbD93o
         UTnro0nDw5I7UhCdmNApwskGKDaBct6KD799QqcEbTg4Zu4ep5cnwPf62EtRmdEbeGUp
         ktJpjlJpzezG1sciI08vuRr2kkTaijyG9UCgqUGgmcEvmNH6MP1beGyb2a44AuhewzZT
         lUonSRUfbvCJMEQSUOOmqp3TEVxbGsNC6vIXk58Y/nRlu+c/nraVBtLp1gNSIxMSJGRa
         636ssEIU16pDaZg+yFqHdwNCxc7UIZzppGBcVCrkGje3NmzeXzgHv5oXhhXbPS794yeq
         mMRg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=CLiNQhzz;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id um11si1414181ejb.117.2020.08.21.09.08.52;
        Fri, 21 Aug 2020 09:09:15 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=CLiNQhzz;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726057AbgHUQFk (ORCPT <rfc822;uzarths@gmail.com> + 99 others);
        Fri, 21 Aug 2020 12:05:40 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59272 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1725834AbgHUQFh (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 21 Aug 2020 12:05:37 -0400
Received: from mail-oi1-x243.google.com (mail-oi1-x243.google.com [IPv6:2607:f8b0:4864:20::243])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 65F69C061573;
        Fri, 21 Aug 2020 09:05:37 -0700 (PDT)
Received: by mail-oi1-x243.google.com with SMTP id o21so1909308oie.12;
        Fri, 21 Aug 2020 09:05:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=subject:to:references:from:message-id:date:user-agent:mime-version
         :in-reply-to:content-language:content-transfer-encoding;
        bh=BcOLS+QuONeHD3ULxAD7chhfzxFLcz1amouLJKxi+4E=;
        b=CLiNQhzzfkl8UaGxUU332gsocXd65bcriw/vgAe+SQvAOTIvOkdx/DGINT/3KQ6l4N
         UE4E8YfqEVIbBoMpZGeo7ZOvqBaB9pLGk7CqMotD8E/Ss1ypE1fcy4MehY5zzxSnDqkC
         gx58nceVEBx4K+pdI2iTotzuMpQWUvNaRQxFhLyVVRyOrFkL4yuZroV4dhghrNC2Awy8
         wf2zPHOTnP9RYilhVHYYVnUzZbNrHhPuyrM8+S4qafxNUIzwcWVS59n7XrnVtXFOHDB8
         SEeniXIZvPbiD9fiBRl5bBbTs76WkX4zfKD7JEmDB7TNtMTjuWA8WeWJ9Ro8J35XHzu/
         S5QA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=BcOLS+QuONeHD3ULxAD7chhfzxFLcz1amouLJKxi+4E=;
        b=XYchesj05xtkDB4IJnjsuDozeFyLSt7DWVg8jI1V9PnDbRAubn2+b84ZH48KjwR+ri
         Wbyv2ngSCUzk/N8lmxNMqrwOjLGYwANxoKmI65WVBr2AJxura4NBSydNtqUz4Q2IaoDd
         iwBfoF5yakbuz5m+34FyeMnNU+im6v/7FL2vJGSHIRhdnAbG//ZvGevGsdTDmEThJZoR
         DTj86RqgYgFNUwbU1N4RIAHLGOvp46CaUvqxvvD/9tBwE91hhXAJ3powM00ZHfIS4Fse
         nMSzfwzASVOTNowXIHxtWcv5cDmB6Bnbz2b1NxlAKrFvM5HGVo/aH9H/n92ByTB4YQKA
         2gEQ==
X-Gm-Message-State: AOAM531VcQt5BSirqF894s7nB38EUglnyBaUCOWygmq5SS/GiXNVcy7g
        XX6FgbXJQwdhFdatkXndR78=
X-Received: by 2002:aca:2304:: with SMTP id e4mr2225683oie.1.1598025935729;
        Fri, 21 Aug 2020 09:05:35 -0700 (PDT)
Received: from Davids-MacBook-Pro.local ([2601:284:8202:10b0:a888:bc35:d7d6:9aca])
        by smtp.googlemail.com with ESMTPSA id t1sm494307ooi.27.2020.08.21.09.05.34
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Fri, 21 Aug 2020 09:05:35 -0700 (PDT)
Subject: Re: general protection fault in fib_dump_info (2)
To:     Nikolay Aleksandrov <nikolay@cumulusnetworks.com>,
        syzbot <syzbot+a61aa19b0c14c8770bd9@syzkaller.appspotmail.com>,
        davem@davemloft.net, kuba@kernel.org, kuznet@ms2.inr.ac.ru,
        linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
        syzkaller-bugs@googlegroups.com, yoshfuji@linux-ipv6.org
References: <00000000000039b10005ad64df20@google.com>
 <47e92c2b-c9c5-4c74-70c4-103e70e91630@cumulusnetworks.com>
From:   David Ahern <dsahern@gmail.com>
Message-ID: <6184a09e-04ee-f7f0-81b0-de405b6188ae@gmail.com>
Date:   Fri, 21 Aug 2020 10:05:16 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:68.0)
 Gecko/20100101 Thunderbird/68.11.0
MIME-Version: 1.0
In-Reply-To: <47e92c2b-c9c5-4c74-70c4-103e70e91630@cumulusnetworks.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 8/21/20 10:00 AM, Nikolay Aleksandrov wrote:
> 
> This seems like a much older bug to me, the code allows to pass 0 groups
> and
> thus we end up without any nh_grp_entry pointers. I reproduced it with a
> modified iproute2 that sends an empty NHA_GROUP and then just uses the new
> nexthop in any way (e.g. add a route with it). This is the same bug as the
> earlier report for: "general protection fault in fib_check_nexthop"

hmmm.... empty NHA_GROUP should not be allowed.

> 
> I have a patch but I'll be able to send it tomorrow.
> 

thanks.