From: patchwork-bot+netdevbpf@kernel.org
To: Davide Caratti <dcaratti@redhat.com>
Cc: jhs@mojatatu.com, xiyou.wangcong@gmail.com, jiri@resnulli.us,
davem@davemloft.net, kuba@kernel.org, wenxu@ucloud.cn,
marcelo.leitner@gmail.com, shuali@redhat.com,
netdev@vger.kernel.org
Subject: Re: [PATCH net] net/sched: act_ct: fix wild memory access when clearing fragments
Date: Mon, 26 Apr 2021 20:40:09 +0000 [thread overview]
Message-ID: <161946960916.8317.10070114864783131903.git-patchwork-notify@kernel.org> (raw)
In-Reply-To: <a72b5a4239942c5cc0152e4efba17b544a8a19fb.1619450967.git.dcaratti@redhat.com>
Hello:
This patch was applied to netdev/net-next.git (refs/heads/master):
On Mon, 26 Apr 2021 17:45:51 +0200 you wrote:
> while testing re-assembly/re-fragmentation using act_ct, it's possible to
> observe a crash like the following one:
>
> KASAN: maybe wild-memory-access in range [0x0001000000000448-0x000100000000044f]
> CPU: 50 PID: 0 Comm: swapper/50 Tainted: G S 5.12.0-rc7+ #424
> Hardware name: Dell Inc. PowerEdge R730/072T6D, BIOS 2.4.3 01/17/2017
> RIP: 0010:inet_frag_rbtree_purge+0x50/0xc0
> Code: 00 fc ff df 48 89 c3 31 ed 48 89 df e8 a9 7a 38 ff 4c 89 fe 48 89 df 49 89 c6 e8 5b 3a 38 ff 48 8d 7b 40 48 89 f8 48 c1 e8 03 <42> 80 3c 20 00 75 59 48 8d bb d0 00 00 00 4c 8b 6b 40 48 89 f8 48
> RSP: 0018:ffff888c31449db8 EFLAGS: 00010203
> RAX: 0000200000000089 RBX: 000100000000040e RCX: ffffffff989eb960
> RDX: 0000000000000140 RSI: ffffffff97cfb977 RDI: 000100000000044e
> RBP: 0000000000000900 R08: 0000000000000000 R09: ffffed1186289350
> R10: 0000000000000003 R11: ffffed1186289350 R12: dffffc0000000000
> R13: 000100000000040e R14: 0000000000000000 R15: ffff888155e02160
> FS: 0000000000000000(0000) GS:ffff888c31440000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00005600cb70a5b8 CR3: 0000000a2c014005 CR4: 00000000003706e0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> Call Trace:
> <IRQ>
> inet_frag_destroy+0xa9/0x150
> call_timer_fn+0x2d/0x180
> run_timer_softirq+0x4fe/0xe70
> __do_softirq+0x197/0x5a0
> irq_exit_rcu+0x1de/0x200
> sysvec_apic_timer_interrupt+0x6b/0x80
> </IRQ>
>
> [...]
Here is the summary with links:
- [net] net/sched: act_ct: fix wild memory access when clearing fragments
https://git.kernel.org/netdev/net-next/c/f77bd544a6bb
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
prev parent reply other threads:[~2021-04-26 20:40 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-26 15:45 [PATCH net] net/sched: act_ct: fix wild memory access when clearing fragments Davide Caratti
2021-04-26 20:40 ` patchwork-bot+netdevbpf [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=161946960916.8317.10070114864783131903.git-patchwork-notify@kernel.org \
--to=patchwork-bot+netdevbpf@kernel.org \
--cc=davem@davemloft.net \
--cc=dcaratti@redhat.com \
--cc=jhs@mojatatu.com \
--cc=jiri@resnulli.us \
--cc=kuba@kernel.org \
--cc=marcelo.leitner@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=shuali@redhat.com \
--cc=wenxu@ucloud.cn \
--cc=xiyou.wangcong@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.