| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <679d53ab.050a0220.163cdc.0012.GAE@google.com>
Date: Fri, 31 Jan 2025 14:50:19 -0800
From: syzbot <syzbot+652bceddc8ff90c594ad@...kaller.appspotmail.com>
To: johannes@...solutions.net, linux-kernel@...r.kernel.org,
linux-wireless@...r.kernel.org, netdev@...r.kernel.org,
syzkaller-bugs@...glegroups.com
Subject: [syzbot] [wireless?] WARNING in ADDR
Hello,
syzbot found the following issue on:
HEAD commit: 805ba04cb7cc Merge tag 'mips_6.14' of git://git.kernel.org..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=102805f8580000
kernel config: https://syzkaller.appspot.com/x/.config?x=2ae8afe424ee551e
dashboard link: https://syzkaller.appspot.com/bug?extid=652bceddc8ff90c594ad
compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/7feb34a89c2a/non_bootable_disk-805ba04c.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/f9b9a1354470/vmlinux-805ba04c.xz
kernel image: https://storage.googleapis.com/syzbot-assets/6c77f51f864a/bzImage-805ba04c.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+652bceddc8ff90c594ad@...kaller.appspotmail.com
Jan 27 22:47:14 syzkaller kern.notice kernel: [ 71.133063][ T39] audit: type=1400 audit(1738018034.313:3483): avc: denied { read } for pid=5336 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclas[ 71.519128][ C2] ------------[ cut here ]------------
s=[ 71.521211][ C2] WARNING: CPU: 2 PID: 1418 at net/mac80211/tx.c:5040 __ieee80211_beacon_update_cntdwn net/mac80211/tx.c:5040 [inline]
s=[ 71.521211][ C2] WARNING: CPU: 2 PID: 1418 at net/mac80211/tx.c:5040 __ieee80211_beacon_update_cntdwn net/mac80211/tx.c:5035 [inline]
s=[ 71.521211][ C2] WARNING: CPU: 2 PID: 1418 at net/mac80211/tx.c:5040 __ieee80211_beacon_get+0x14ac/0x16b0 net/mac80211/tx.c:5469
Jan 27 22:47:14 [ 71.555288][ C2] FS: 0000000000000000(0000) GS:ffff88806a800000(0000) knlGS:0000000000000000
syzkaller kern.n[ 71.558416][ C2] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
otice kernel: [ [ 71.560778][ C2] CR2: 00007f188c918f98 CR3: 000000000df80000 CR4: 0000000000352ef0
71.183083][ [ 71.563537][ C2] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
T39] audit: type[ 71.566318][ C2] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
=1400 audit(1738[ 71.569117][ C2] Call Trace:
018034.323:3484)[ 71.570531][ C2] <IRQ>
: avc: denied [ 71.571844][ C2] ? __warn+0xea/0x3c0 kernel/panic.c:746
{ create } for [ 71.573494][ C2] ? __ieee80211_beacon_update_cntdwn net/mac80211/tx.c:5040 [inline]
{ create } for [ 71.573494][ C2] ? __ieee80211_beacon_update_cntdwn net/mac80211/tx.c:5035 [inline]
{ create } for [ 71.573494][ C2] ? __ieee80211_beacon_get+0x14ac/0x16b0 net/mac80211/tx.c:5469
pid=7155 comm="s[ 71.575627][ C2] ? __report_bug lib/bug.c:199 [inline]
pid=7155 comm="s[ 71.575627][ C2] ? report_bug+0x3c0/0x580 lib/bug.c:219
yz.0.427" sconte[ 71.577454][ C2] ? handle_bug+0x54/0xa0 arch/x86/kernel/traps.c:285
xt=root:sysadm_r[ 71.579210][ C2] ? exc_invalid_op+0x17/0x50 arch/x86/kernel/traps.c:309
:sysadm_t tconte[ 71.581290][ C2] ? asm_exc_invalid_op+0x1a/0x20 arch/x86/include/asm/idtentry.h:621
xt=root:sysadm_r[ 71.583223][ C2] ? __ieee80211_beacon_update_cntdwn net/mac80211/tx.c:5040 [inline]
xt=root:sysadm_r[ 71.583223][ C2] ? __ieee80211_beacon_get+0xb32/0x16b0 net/mac80211/tx.c:5469
:sysadm_t tclass[ 71.585319][ C2] ? __ieee80211_beacon_update_cntdwn net/mac80211/tx.c:5040 [inline]
:sysadm_t tclass[ 71.585319][ C2] ? __ieee80211_beacon_update_cntdwn net/mac80211/tx.c:5035 [inline]
:sysadm_t tclass[ 71.585319][ C2] ? __ieee80211_beacon_get+0x14ab/0x16b0 net/mac80211/tx.c:5469
=netlink_netfilt[ 71.587451][ C2] ? __ieee80211_beacon_update_cntdwn net/mac80211/tx.c:5040 [inline]
=netlink_netfilt[ 71.587451][ C2] ? __ieee80211_beacon_update_cntdwn net/mac80211/tx.c:5035 [inline]
=netlink_netfilt[ 71.587451][ C2] ? __ieee80211_beacon_get+0x14ac/0x16b0 net/mac80211/tx.c:5469
er_socket permis[ 71.589588][ C2] ? __ieee80211_beacon_update_cntdwn net/mac80211/tx.c:5040 [inline]
er_socket permis[ 71.589588][ C2] ? __ieee80211_beacon_update_cntdwn net/mac80211/tx.c:5035 [inline]
er_socket permis[ 71.589588][ C2] ? __ieee80211_beacon_get+0x14ab/0x16b0 net/mac80211/tx.c:5469
si[ 71.591735][ C2] ieee80211_beacon_get_tim+0xa7/0x280 net/mac80211/tx.c:5596
Jan 27 22:47:14 [ 71.614223][ C2] ? __pfx___hrtimer_run_queues+0x10/0x10 include/trace/events/timer.h:222
syzkaller kern.n[ 71.619260][ C2] handle_softirqs+0x213/0x8f0 kernel/softirq.c:561
otice kernel: [ [ 71.621158][ C2] ? __pfx_handle_softirqs+0x10/0x10 include/trace/events/irq.h:156
71.206999][ [ 71.623160][ C2] ? rcu_lock_release include/linux/rcupdate.h:347 [inline]
71.206999][ [ 71.623160][ C2] ? rcu_read_unlock_bh include/linux/rcupdate.h:917 [inline]
71.206999][ [ 71.623160][ C2] ? __dev_queue_xmit+0x89b/0x43e0 net/core/dev.c:4611
T39] audit: type[ 71.625157][ C2] do_softirq kernel/softirq.c:462 [inline]
T39] audit: type[ 71.625157][ C2] do_softirq+0xb2/0xf0 kernel/softirq.c:449
=1400 audit(1738[ 71.626849][ C2] </IRQ>
018034.323:3485)[ 71.628241][ C2] <TASK>
: avc: denied [ 71.629591][ C2] __local_bh_enable_ip+0x100/0x120 kernel/softirq.c:389
{ read } for pi[ 71.631612][ C2] ? rcu_lock_release include/linux/rcupdate.h:347 [inline]
{ read } for pi[ 71.631612][ C2] ? rcu_read_unlock_bh include/linux/rcupdate.h:917 [inline]
{ read } for pi[ 71.631612][ C2] ? __dev_queue_xmit+0x89b/0x43e0 net/core/dev.c:4611
d=5336 comm="sys[ 71.633591][ C2] local_bh_enable include/linux/bottom_half.h:33 [inline]
d=5336 comm="sys[ 71.633591][ C2] rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]
d=5336 comm="sys[ 71.633591][ C2] __dev_queue_xmit+0x8b0/0x43e0 net/core/dev.c:4611
logd" name="log"[ 71.635522][ C2] ? __pfx___dev_queue_xmit+0x10/0x10 include/linux/netdevice.h:3825
dev="sda1" ino=[ 71.637626][ C2] ? __pfx___lock_acquire+0x10/0x10 kernel/locking/lockdep.c:4389
1915 scontext=sy[ 71.639638][ C2] ? __pfx___lock_acquire+0x10/0x10 kernel/locking/lockdep.c:4389
stem_u:system_r:[ 71.641634][ C2] ? lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851
syslogd_t tconte[ 71.643650][ C2] ? find_held_lock+0x2d/0x110 kernel/locking/lockdep.c:5341
xt=system_u:obje[ 71.645540][ C2] ? find_held_lock+0x2d/0x110 kernel/locking/lockdep.c:5341
ct_r:var_t tclas[ 71.647398][ C2] ? spin_unlock_irq include/linux/spinlock.h:401 [inline]
ct_r:var_t tclas[ 71.647398][ C2] ? tx+0xa8/0x190 drivers/block/aoe/aoenet.c:60
s=
Jan 27 22:47:14 [ 71.658874][ C2] ? __pfx_kthread+0x10/0x10 arch/x86/include/asm/bitops.h:206
syzkaller kern.n[ 71.669505][ C2] ? __pfx_kthread+0x10/0x10 arch/x86/include/asm/bitops.h:206
otice kernel: [ [ 71.671354][ C2] ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
71.238225][ [ 71.673261][ C2] </TASK>
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@...glegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
Powered by blists - more mailing lists