Hello:
This series was applied to bpf/bpf-next.git (master)
by Alexei Starovoitov <[email protected]>:
On Sat, 24 Jan 2026 19:32:42 +0800 you wrote:
> syzkaller reported a bug [1] where a socket using sockmap, after being
> unloaded, exposed incorrect copied_seq calculation. The selftest I
> provided can be used to reproduce the issue reported by syzkaller.
>
> TCP recvmsg seq # bug 2: copied E92C873, seq E68D125, rcvnxt E7CEB7C, fl 40
> WARNING: CPU: 1 PID: 5997 at net/ipv4/tcp.c:2724
> tcp_recvmsg_locked+0xb2f/0x2910 net/ipv4/tcp.c:2724
> Call Trace:
> <TASK>
> receive_fallback_to_copy net/ipv4/tcp.c:1968 [inline]
> tcp_zerocopy_receive+0x131a/0x2120 net/ipv4/tcp.c:2200
> do_tcp_getsockopt+0xe28/0x26c0 net/ipv4/tcp.c:4713
> tcp_getsockopt+0xdf/0x100 net/ipv4/tcp.c:4812
> do_sock_getsockopt+0x34d/0x440 net/socket.c:2421
> __sys_getsockopt+0x12f/0x260 net/socket.c:2450
> __do_sys_getsockopt net/socket.c:2457 [inline]
> __se_sys_getsockopt net/socket.c:2454 [inline]
> __x64_sys_getsockopt+0xbd/0x160 net/socket.c:2454
> do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
> do_syscall_64+0xcd/0xfa0 arch/x86/entry/syscall_64.c:94
> entry_SYSCALL_64_after_hwframe+0x77/0x7f
>
> [...]
Here is the summary with links:
- [bpf-next,v9,1/3] bpf, sockmap: Fix incorrect copied_seq calculation
https://git.kernel.org/bpf/bpf-next/c/b40cc5adaa80
- [bpf-next,v9,2/3] bpf, sockmap: Fix FIONREAD for sockmap
https://git.kernel.org/bpf/bpf-next/c/929e30f93125
- [bpf-next,v9,3/3] bpf, selftest: Add tests for FIONREAD and copied_seq
https://git.kernel.org/bpf/bpf-next/c/17e2ce02bf56
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
