Message-ID: <7639639c-7c63-44a9-81bc-f9093b70559f@leemhuis.info>
Date: Fri, 1 Mar 2024 06:53:17 +0100
Subject: Re: Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg
To: linux-bluetooth@vger.kernel.org
Cc: stable@vger.kernel.org, regressions@lists.linux.dev
References: <20240226213855.GB3202@hostway.ca>
From: "Linux regression tracking #adding (Thorsten Leemhuis)"
Reply-To: Linux regressions mailing list
In-Reply-To: <20240226213855.GB3202@hostway.ca>

On 26.02.24 22:38, Simon Kirby wrote:
>
> I bisected a regression where reading from a Bluetooth device gets stuck
> in recvfrom() calls. The device here is a Wii Balance Board, using
> https://github.com/initialstate/beerfridge/blob/master/wiiboard_test.py;
> this worked fine in v6.6.1 and v6.6.8, but when I tried on a v6.6.14
> build, the script no longer outputs any readings.
>
> 1d576c3a5af850bf11fbd103f9ba11aa6d6061fb is the first bad commit
>
> which maps to upstream commit 2e07e8348ea454615e268222ae3fc240421be768:
>
> Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg
>
> With this commit in place, as also in v6.7 and v6.7.6, the script does
> not output anything _unless_ I strace the process, in which case a bunch
> of recvmsg() syscalls are shown, and then it hangs again. If I ^C the
> strace and run it a few times, eventually the script will get enough data
> and output a reading.

Thanks for the report. To be sure the issue doesn't fall through the
cracks unnoticed, I'm adding it to regzbot, the Linux kernel regression
tracking bot:

#regzbot ^introduced 2e07e8348ea454
#regzbot title af_bluetooth: reading from a device gets stuck in recvfrom() calls
#regzbot ignore-activity

Ciao, Thorsten (wearing his 'the Linux kernel's regression tracker' hat)
--
Everything you wanna know about Linux kernel regression tracking:
https://linux-regtracking.leemhuis.info/about/#tldr
That page also explains what to do if mails like this annoy you.