On Sun, Sep 27, 2020 at 10:38 AM syzbot
<[email protected]> wrote:
>
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 748d1c8a Merge branch 'devlink-Use-nla_policy-to-validate-..
> git tree: net-next
> console output: https://syzkaller.appspot.com/x/log.txt?x=13ac3ec3900000
> kernel config: https://syzkaller.appspot.com/x/.config?x=51fb40e67d1e3dec
> dashboard link: https://syzkaller.appspot.com/bug?extid=3640e696903873858f7e
> compiler: gcc (GCC) 10.1.0-syz 20200507
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1599be03900000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=149fd44b900000
Based on the reproducer, this looks like some wireless bug.
+net/wireless maintainers.
> Bisection is inconclusive: the issue happens on the oldest tested release.
>
> bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=1474aaad900000
> final oops: https://syzkaller.appspot.com/x/report.txt?x=1674aaad900000
> console output: https://syzkaller.appspot.com/x/log.txt?x=1274aaad900000
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: [email protected]
>
> ------------[ cut here ]------------
> WARNING: CPU: 1
>
>
> ---
> This report is generated by a bot. It may contain errors.
> See https://goo.gl/tpsmEJ for more information about syzbot.
> syzbot engineers can be reached at [email protected].
>
> syzbot will keep track of this issue. See:
> https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
> For information about bisection process see: https://goo.gl/tpsmEJ#bisection
> syzbot can test patches for this issue, for details see:
> https://goo.gl/tpsmEJ#testing-patches
>
> --
> You received this message because you are subscribed to the Google Groups "syzkaller-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-bugs/000000000000bbdb3b05b0477890%40google.com.
On 9/27/2020 10:47 AM, Dmitry Vyukov wrote:
> On Sun, Sep 27, 2020 at 10:38 AM syzbot
> <[email protected]> wrote:
>>
>> Hello,
>>
>> syzbot found the following issue on:
>>
>> HEAD commit: 748d1c8a Merge branch 'devlink-Use-nla_policy-to-validate-..
>> git tree: net-next
>> console output: https://syzkaller.appspot.com/x/log.txt?x=13ac3ec3900000
>> kernel config: https://syzkaller.appspot.com/x/.config?x=51fb40e67d1e3dec
>> dashboard link: https://syzkaller.appspot.com/bug?extid=3640e696903873858f7e
>> compiler: gcc (GCC) 10.1.0-syz 20200507
>> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1599be03900000
>> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=149fd44b900000
>
> Based on the reproducer, this looks like some wireless bug.
> +net/wireless maintainers.
I don't think so looking at this part of the stacktrace:
[ 51.814941] [<ffffffff8465cc95>] macvlan_common_newlink+0xa15/0x1720
[ 51.833542] [<ffffffff84662548>] macvtap_newlink+0x128/0x230
[ 51.858008] [<ffffffff85b68bfe>] rtnl_newlink+0xe5e/0x1780
[ 51.925885] [<ffffffff85b5d32b>] rtnetlink_rcv_msg+0x22b/0xc20
Regards,
Arend
On Mon, Sep 28, 2020 at 11:31 AM Arend Van Spriel
<[email protected]> wrote:
>
> On 9/27/2020 10:47 AM, Dmitry Vyukov wrote:
> > On Sun, Sep 27, 2020 at 10:38 AM syzbot
> > <[email protected]> wrote:
> >>
> >> Hello,
> >>
> >> syzbot found the following issue on:
> >>
> >> HEAD commit: 748d1c8a Merge branch 'devlink-Use-nla_policy-to-validate-..
> >> git tree: net-next
> >> console output: https://syzkaller.appspot.com/x/log.txt?x=13ac3ec3900000
> >> kernel config: https://syzkaller.appspot.com/x/.config?x=51fb40e67d1e3dec
> >> dashboard link: https://syzkaller.appspot.com/bug?extid=3640e696903873858f7e
> >> compiler: gcc (GCC) 10.1.0-syz 20200507
> >> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1599be03900000
> >> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=149fd44b900000
> >
> > Based on the reproducer, this looks like some wireless bug.
> > +net/wireless maintainers.
>
> I don't think so looking at this part of the stacktrace:
>
> [ 51.814941] [<ffffffff8465cc95>] macvlan_common_newlink+0xa15/0x1720
> [ 51.833542] [<ffffffff84662548>] macvtap_newlink+0x128/0x230
> [ 51.858008] [<ffffffff85b68bfe>] rtnl_newlink+0xe5e/0x1780
> [ 51.925885] [<ffffffff85b5d32b>] rtnetlink_rcv_msg+0x22b/0xc20
>
> Regards,
> Arend
That's the trace on the oldest release and the bisection was diverged
somewhere midway.
You may see this in the bisection log:
https://syzkaller.appspot.com/text?tag=Log&x=1474aaad900000
Initially it crashed with this warning:
all runs: crashed: WARNING in sta_info_insert_rcu
This function is in net/mac80211/sta_info.c.
On 9/28/2020 12:04 PM, Dmitry Vyukov wrote:
> On Mon, Sep 28, 2020 at 11:31 AM Arend Van Spriel
> <[email protected]> wrote:
>>
>> On 9/27/2020 10:47 AM, Dmitry Vyukov wrote:
>>> On Sun, Sep 27, 2020 at 10:38 AM syzbot
>>> <[email protected]> wrote:
>>>>
>>>> Hello,
>>>>
>>>> syzbot found the following issue on:
>>>>
>>>> HEAD commit: 748d1c8a Merge branch 'devlink-Use-nla_policy-to-validate-..
>>>> git tree: net-next
>>>> console output: https://syzkaller.appspot.com/x/log.txt?x=13ac3ec3900000
>>>> kernel config: https://syzkaller.appspot.com/x/.config?x=51fb40e67d1e3dec
>>>> dashboard link: https://syzkaller.appspot.com/bug?extid=3640e696903873858f7e
>>>> compiler: gcc (GCC) 10.1.0-syz 20200507
>>>> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1599be03900000
>>>> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=149fd44b900000
>>>
>>> Based on the reproducer, this looks like some wireless bug.
>>> +net/wireless maintainers.
>>
>> I don't think so looking at this part of the stacktrace:
>>
>> [ 51.814941] [<ffffffff8465cc95>] macvlan_common_newlink+0xa15/0x1720
>> [ 51.833542] [<ffffffff84662548>] macvtap_newlink+0x128/0x230
>> [ 51.858008] [<ffffffff85b68bfe>] rtnl_newlink+0xe5e/0x1780
>> [ 51.925885] [<ffffffff85b5d32b>] rtnetlink_rcv_msg+0x22b/0xc20
>>
>> Regards,
>> Arend
>
> That's the trace on the oldest release and the bisection was diverged
> somewhere midway.
> You may see this in the bisection log:
> https://syzkaller.appspot.com/text?tag=Log&x=1474aaad900000
>
> Initially it crashed with this warning:
> all runs: crashed: WARNING in sta_info_insert_rcu
>
> This function is in net/mac80211/sta_info.c.
I see. Thanks for the clarification. It was not really obvious where to
dig for information.
Regards,
Arend