Received: by 2002:ab2:6203:0:b0:1f5:f2ab:c469 with SMTP id o3csp2382827lqt; Mon, 22 Apr 2024 09:11:39 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCU3gJXOPWmtIOmKLqXmY8ti/7EQwW/K+I0hzOZg9PyBmAaPlsvUg1zN27EturE4Z/YXXVcApTzeeUnIEdPlIjOR6WcPzUsThQ/XHQtPBg== X-Google-Smtp-Source: AGHT+IHOIVTzdoLc+ORcvt1kVGEl8c8xvrE8XN/aXVbPtoWIU5GtNmRzoUYNjZmRLMVgHNxSkP/a X-Received: by 2002:a17:907:1183:b0:a52:3ca9:9bda with SMTP id uz3-20020a170907118300b00a523ca99bdamr91908ejb.22.1713802298877; Mon, 22 Apr 2024 09:11:38 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1713802298; cv=pass; d=google.com; s=arc-20160816; b=liQR/CrJ0Mu5oP3Yl/f/T9CfHS8n0+52SKTr1SPOWWTXnMsDBMXG3eR2PYPnIHEBUR ef0Tus6nF/633rzqyjtxL8aurtaQ/mwFizmCUIej9RKZ/li0b4QlQsOP48zx2V/0mG7s BmBtqgCl00mTvD+SQ1fkP4lbQfCkfiDmXtxYl8GZsjzFyW5m93OBU+v9uQkWmp0A2lKO z3oIcViDZ9A5fgJV6J06LspT5MlxF/0wMSgl7IsNoLvSkBW8k9ymoJOqBayg3qi3W4La HY7+i0N6+TDvRsqji7KJc2v6PysspZlH+NxhomkJoVAuILvBhIGUWF4H2XSGu2PdO8kQ EcAg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=FUemsqeaBxTFXlHFc7wvr33AU2ZxcVwt25g4PMBCnzc=; fh=HfgN9scZTs61B0NhRsx2yg7LJmsdU1HMXTprFw26gzo=; b=c0H7bCvwDD0uU9fl2TgMIo5XuDLYkmMahylaacLJm8vQRjH9XFCG0g+yJwu0En3tK6 F1Qej13e7Lelo9Hy06v7gtcRRIBy5o7q8doWypCCD6lVGl1vxCFbXsvZeI1SF0jIJNa1 na5pQhaFYW8z3NMFxK1DFSBC+Nlj6d/EKDlsEAz+iD0ivx0BGYLElu0pblK6iiUs9/Lx fwEBiP889be0qLfP/chumF1CmtJ4Myjek/vo6VOQTBFsC4spK1ovvyMBKWpfKZPqFaMV IbwRuPFJWdsGEY41GP5+9Qa34jV9FH2vN7t3EUC/45RmuPBO3t8tES0dYMVoJC93YS/F tnbQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b=X70YJ8xX; arc=pass (i=1 spf=pass spfdomain=amazon.co.jp dkim=pass dkdomain=amazon.com dmarc=pass fromdomain=amazon.com); spf=pass (google.com: domain of linux-kernel+bounces-153680-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-153680-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id p19-20020a170906b21300b00a54f054f523si5949945ejz.876.2024.04.22.09.11.38 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Apr 2024 09:11:38 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-153680-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b=X70YJ8xX; arc=pass (i=1 spf=pass spfdomain=amazon.co.jp dkim=pass dkdomain=amazon.com dmarc=pass fromdomain=amazon.com); spf=pass (google.com: domain of linux-kernel+bounces-153680-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-153680-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 7114B1F219A5 for ; Mon, 22 Apr 2024 16:11:38 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 7F8BF153803; Mon, 22 Apr 2024 16:11:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b="X70YJ8xX" Received: from smtp-fw-33001.amazon.com (smtp-fw-33001.amazon.com [207.171.190.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 52F6615357B; Mon, 22 Apr 2024 16:11:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=207.171.190.10 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713802290; cv=none; b=Bm/fk85GGthtwlkL15mrKG9bbrdfUbJzlXN5XzNCPdsRSKrux9WG3POScgojUTSDF5Stp/oSxGhS8IjW+YOahRTHIsCVNI0k81kEIuYPQctRU7tp8dE+IZ5Sf+eAyyHdi2WnM4GPKBWcit4ZxReiDHkv636OKMSzSQpXKXfX7Io= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713802290; c=relaxed/simple; bh=3le542UJeSfYGDRoP90qKz4Zy3WYFGW+CJlvN5OAxOs=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=HW6T4F9TONOm1JuiWOacM+82iYuiPal65NZh6Q7E6VLjtWhXisR3q9djQOjl2B6FO9dmFSzd6/dvntPkulZ4/e8LfTjBG4GhthwhQHtuMyzIUDZ5aqce8Uv8UK8NquoutCbHHMjD3N+eVYRThIo8AKxlKrfQ+RaDhFHxjZKtUQ0= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com; spf=pass smtp.mailfrom=amazon.co.jp; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b=X70YJ8xX; arc=none smtp.client-ip=207.171.190.10 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.jp DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1713802290; x=1745338290; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=FUemsqeaBxTFXlHFc7wvr33AU2ZxcVwt25g4PMBCnzc=; b=X70YJ8xXV4QYubRaYN1EHQwuqbjwFacIOCMtQ2K9EtsQjhbyiufYQO8P jegQRKXlbkirrKkpt75duLH23D2xhrFbnnH3GEA3p88KLr4bZ8N0/QF8F 96hkXlZAbVIxZIm3FGcWy/7PvDW6GNsbju8lQm7CxzLz1Xr07Zur4YPkq k=; X-IronPort-AV: E=Sophos;i="6.07,221,1708387200"; d="scan'208";a="340362836" Received: from iad12-co-svc-p1-lb1-vlan3.amazon.com (HELO smtpout.prod.us-west-2.prod.farcaster.email.amazon.dev) ([10.43.8.6]) by smtp-border-fw-33001.sea14.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Apr 2024 16:11:22 +0000 Received: from EX19MTAUWC001.ant.amazon.com [10.0.21.151:54137] by smtpin.naws.us-west-2.prod.farcaster.email.amazon.dev [10.0.31.31:2525] with esmtp (Farcaster) id b5dd08d2-1c1d-4c47-bb35-ab706d63a8fa; Mon, 22 Apr 2024 16:11:20 +0000 (UTC) X-Farcaster-Flow-ID: b5dd08d2-1c1d-4c47-bb35-ab706d63a8fa Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX19MTAUWC001.ant.amazon.com (10.250.64.174) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.28; Mon, 22 Apr 2024 16:11:20 +0000 Received: from 88665a182662.ant.amazon.com (10.106.101.48) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.28; Mon, 22 Apr 2024 16:11:17 +0000 From: Kuniyuki Iwashima To: CC: , , , , , , , , , , Subject: Re: [syzbot] [net?] WARNING in gre_tap_xmit (2) Date: Mon, 22 Apr 2024 09:11:08 -0700 Message-ID: <20240422161108.83595-1-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <0000000000007aa28106168b76c9@google.com> References: <0000000000007aa28106168b76c9@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-ClientProxiedBy: EX19D037UWC002.ant.amazon.com (10.13.139.250) To EX19D004ANA001.ant.amazon.com (10.37.240.138) From: syzbot Date: Sat, 20 Apr 2024 11:35:04 -0700 > syzbot has bisected this issue to: > > commit 219eee9c0d16f1b754a8b85275854ab17df0850a > Author: Florian Westphal > Date: Fri Feb 16 11:36:57 2024 +0000 > > net: skbuff: add overflow debug check to pull/push helpers > > bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=167a954f180000 > start commit: 443574b03387 riscv, bpf: Fix kfunc parameters incompatibil.. > git tree: bpf > final oops: https://syzkaller.appspot.com/x/report.txt?x=157a954f180000 > console output: https://syzkaller.appspot.com/x/log.txt?x=117a954f180000 > kernel config: https://syzkaller.appspot.com/x/.config?x=6fb1be60a193d440 > dashboard link: https://syzkaller.appspot.com/bug?extid=c298c9f0e46a3c86332b > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14a94f00980000 > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=15bce6ab180000 > > Reported-by: syzbot+c298c9f0e46a3c86332b@syzkaller.appspotmail.com > Fixes: 219eee9c0d16 ("net: skbuff: add overflow debug check to pull/push helpers") Testing same patch for this #syz test: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 219eee9c0d16 diff --git a/net/nsh/nsh.c b/net/nsh/nsh.c index f4a38bd6a7e0..1344653916c4 100644 --- a/net/nsh/nsh.c +++ b/net/nsh/nsh.c @@ -77,13 +77,15 @@ EXPORT_SYMBOL_GPL(nsh_pop); static struct sk_buff *nsh_gso_segment(struct sk_buff *skb, netdev_features_t features) { + unsigned int tnl_hlen, mac_len, nsh_len; struct sk_buff *segs = ERR_PTR(-EINVAL); u16 mac_offset = skb->mac_header; - unsigned int nsh_len, mac_len; - __be16 proto; + __be16 tnl_proto, proto; skb_reset_network_header(skb); + tnl_proto = skb->protocol; + tnl_hlen = skb->network_header - skb->mac_header; mac_len = skb->mac_len; if (unlikely(!pskb_may_pull(skb, NSH_BASE_HDR_LEN))) @@ -113,11 +115,11 @@ static struct sk_buff *nsh_gso_segment(struct sk_buff *skb, } for (skb = segs; skb; skb = skb->next) { - skb->protocol = htons(ETH_P_NSH); - __skb_push(skb, nsh_len); - skb->mac_header = mac_offset; - skb->network_header = skb->mac_header + mac_len; + __skb_push(skb, nsh_len + tnl_hlen); + skb_reset_mac_header(skb); + skb->network_header = skb->mac_header + tnl_hlen; skb->mac_len = mac_len; + skb->protocol = tnl_proto; } out: