| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250407063703.20757-1-kuniyu@amazon.com>
Date: Sun, 6 Apr 2025 23:37:01 -0700
From: Kuniyuki Iwashima <kuniyu@...zon.com>
To: <syzbot+45016fe295243a7882d3@...kaller.appspotmail.com>
CC: <andrew+netdev@...n.ch>, <davem@...emloft.net>, <edumazet@...gle.com>,
<horms@...nel.org>, <kuba@...nel.org>, <kuniyu@...zon.com>,
<linux-kernel@...r.kernel.org>, <netdev@...r.kernel.org>,
<pabeni@...hat.com>, <sdf@...ichev.me>, <syzkaller-bugs@...glegroups.com>
Subject: Re: [syzbot] [net?] WARNING: bad unlock balance in do_setlink
From: syzbot <syzbot+45016fe295243a7882d3@...kaller.appspotmail.com>
Date: Sun, 06 Apr 2025 22:57:35 -0700
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 8bc251e5d874 Merge tag 'nf-25-04-03' of git://git.kernel.o..
> git tree: net
> console+strace: https://syzkaller.appspot.com/x/log.txt?x=1133afb0580000
> kernel config: https://syzkaller.appspot.com/x/.config?x=24f9c4330e7c0609
> dashboard link: https://syzkaller.appspot.com/bug?extid=45016fe295243a7882d3
> compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1040823f980000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=151d194c580000
>
> Downloadable assets:
> disk image: https://storage.googleapis.com/syzbot-assets/a500d5daba83/disk-8bc251e5.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/2459c792199a/vmlinux-8bc251e5.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/558655fb055e/bzImage-8bc251e5.xz
>
> The issue was bisected to:
>
> commit dbfc99495d960134bfe1a4f13849fb0d5373b42c
> Author: Stanislav Fomichev <sdf@...ichev.me>
> Date: Tue Apr 1 16:34:47 2025 +0000
>
> net: dummy: request ops lock
>
> bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=13233998580000
> final oops: https://syzkaller.appspot.com/x/report.txt?x=10a33998580000
> console output: https://syzkaller.appspot.com/x/log.txt?x=17233998580000
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+45016fe295243a7882d3@...kaller.appspotmail.com
> Fixes: dbfc99495d96 ("net: dummy: request ops lock")
>
> =====================================
> WARNING: bad unlock balance detected!
> 6.14.0-syzkaller-12504-g8bc251e5d874 #0 Not tainted
> -------------------------------------
> syz-executor814/5834 is trying to release lock (&dev_instance_lock_key) at:
> [<ffffffff89f41f56>] netdev_unlock include/linux/netdevice.h:2756 [inline]
> [<ffffffff89f41f56>] netdev_unlock_ops include/net/netdev_lock.h:48 [inline]
> [<ffffffff89f41f56>] do_setlink+0xc26/0x43a0 net/core/rtnetlink.c:3406
> but there are no more locks to release!
#syz test
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index c23852835050..925d634f724e 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -3027,7 +3027,7 @@ static int do_setlink(const struct sk_buff *skb, struct net_device *dev,
err = validate_linkmsg(dev, tb, extack);
if (err < 0)
- goto errout;
+ return err;
if (tb[IFLA_IFNAME])
nla_strscpy(ifname, tb[IFLA_IFNAME], IFNAMSIZ);
Powered by blists - more mailing lists