From nobody Wed Oct 8 11:01:21 2025 Received: from plesk.hostmyservers.fr (plesk.hostmyservers.fr [45.145.164.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1527E1F92A; Sun, 29 Jun 2025 13:35:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=45.145.164.37 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751204111; cv=none; b=qAEeIxOmHksQ1mOWEm3porL95xTeru+dozEFwkm5SM2EDLwdlZGDbj1ChSwYFJx9RnBAzqtMrAYw17OoQJqpHWwxC0LCU+28pmRX/L1dGw1YVw9SU5yQUFDhsqKdkxavDXGUcr+3pu3tDn5aTnB/gGcXG9LPCFBE4zfvNtVa5Yk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751204111; c=relaxed/simple; bh=tcug8XrJIcCuYfiSBxqFOEwin4mfCE6UNDWtr7RJpYQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=FsvrUuRMbbFYl5LJIRG+uXJMZPd5jE02DS6pMLnDF5JhAE2mvt9Su2SLqKhhWQSjdqeJJP/jzvhU3lNV3d+UNuE3OvtHMzAFlHIj0raKKu3jHmmT2vypvOEVqYl7TAul2JgylJ/3puexfpUShbnK9QxbShySzEq9SKChtTGJk6g= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=arnaud-lcm.com; spf=pass smtp.mailfrom=arnaud-lcm.com; arc=none smtp.client-ip=45.145.164.37 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=arnaud-lcm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=arnaud-lcm.com Received: from arnaudlcm-X570-UD.. (unknown [IPv6:2a02:8084:255b:aa00:d1f3:4f54:4c66:bf44]) by plesk.hostmyservers.fr (Postfix) with ESMTPSA id 0692241B49; Sun, 29 Jun 2025 13:29:39 +0000 (UTC) Authentication-Results: Plesk; spf=pass (sender IP is 2a02:8084:255b:aa00:d1f3:4f54:4c66:bf44) smtp.mailfrom=contact@arnaud-lcm.com smtp.helo=arnaudlcm-X570-UD.. Received-SPF: pass (Plesk: connection is authenticated) From: Arnaud Lecomte To: syzbot+827ae2bfb3a3529333e9@syzkaller.appspotmail.com Cc: agordeev@linux.ibm.com, alibuda@linux.alibaba.com, davem@davemloft.net, edumazet@google.com, guwen@linux.alibaba.com, horms@kernel.org, jaka@linux.ibm.com, kuba@kernel.org, linux-kernel@vger.kernel.org, linux-rdma@vger.kernel.org, linux-s390@vger.kernel.org, netdev@vger.kernel.org, pabeni@redhat.com, syzkaller-bugs@googlegroups.com, tonylu@linux.alibaba.com, wenjia@linux.ibm.com Subject: syztest Date: Sun, 29 Jun 2025 14:29:32 +0100 Message-ID: <20250629132933.33599-1-contact@arnaud-lcm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <67eaf9b8.050a0220.3c3d88.004a.GAE@google.com> References: <67eaf9b8.050a0220.3c3d88.004a.GAE@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-PPP-Message-ID: <175120378100.6050.10331989249896580154@Plesk> X-PPP-Vhost: arnaud-lcm.com Content-Type: text/plain; charset="utf-8" #syz test --- a/net/smc/af_smc.c +++ b/net/smc/af_smc.c @@ -123,11 +123,14 @@ static struct sock *smc_tcp_syn_recv_sock(const struc= t sock *sk, struct request_sock *req_unhash, bool *own_req) { + read_lock_bh(&((struct sock *)sk)->sk_callback_lock); struct smc_sock *smc; struct sock *child; - smc =3D smc_clcsock_user_data(sk); =20 + if (!smc) + goto drop; + if (READ_ONCE(sk->sk_ack_backlog) + atomic_read(&smc->queued_smc_hs) > sk->sk_max_ack_backlog) goto drop; @@ -148,9 +151,11 @@ static struct sock *smc_tcp_syn_recv_sock(const struct= sock *sk, if (inet_csk(child)->icsk_af_ops =3D=3D inet_csk(sk)->icsk_af_ops) inet_csk(child)->icsk_af_ops =3D smc->ori_af_ops; } + read_unlock_bh(&((struct sock *)sk)->sk_callback_lock); return child; =20 drop: + read_unlock_bh(&((struct sock *)sk)->sk_callback_lock); dst_release(dst); tcp_listendrop(sk); return NULL; @@ -2613,7 +2618,7 @@ int smc_listen(struct socket *sock, int backlog) int rc; =20 smc =3D smc_sk(sk); - lock_sock(sk); + lock_sock(sock->sk); =20 rc =3D -EINVAL; if ((sk->sk_state !=3D SMC_INIT && sk->sk_state !=3D SMC_LISTEN) || --=20 2.43.0