From: syzbot <syzbot+c0998868487c1f7e05e5@syzkaller.appspotmail.com>
To: akpm@linux-foundation.org, aneesh.kumar@linux.ibm.com,
bpf@vger.kernel.org, davem@davemloft.net, dhowells@redhat.com,
edumazet@google.com, hch@lst.de, jhubbard@nvidia.com,
kuba@kernel.org, linux-arch@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
netdev@vger.kernel.org, npiggin@gmail.com, pabeni@redhat.com,
peterz@infradead.org, syzkaller-bugs@googlegroups.com,
will@kernel.org
Subject: [syzbot] kernel BUG in process_one_work
Date: Mon, 06 Feb 2023 01:23:40 -0800 [thread overview]
Message-ID: <0000000000003a78a905f4049614@google.com> (raw)
Hello,
syzbot found the following issue on:
HEAD commit: 4fafd96910ad Add linux-next specific files for 20230203
git tree: linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=17e5d623480000
kernel config: https://syzkaller.appspot.com/x/.config?x=1d2fba7d42502ca4
dashboard link: https://syzkaller.appspot.com/bug?extid=c0998868487c1f7e05e5
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=148901bb480000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=14911ba5480000
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/348cc2da441a/disk-4fafd969.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/e2dedc500f12/vmlinux-4fafd969.xz
kernel image: https://storage.googleapis.com/syzbot-assets/fae710d9ebd8/bzImage-4fafd969.xz
The issue was bisected to:
commit 920756a3306a35f1c08f25207d375885bef98975
Author: David Howells <dhowells@redhat.com>
Date: Sat Jan 21 12:51:18 2023 +0000
block: Convert bio_iov_iter_get_pages to use iov_iter_extract_pages
bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=13d93dd9480000
final oops: https://syzkaller.appspot.com/x/report.txt?x=10393dd9480000
console output: https://syzkaller.appspot.com/x/log.txt?x=17d93dd9480000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+c0998868487c1f7e05e5@syzkaller.appspotmail.com
Fixes: 920756a3306a ("block: Convert bio_iov_iter_get_pages to use iov_iter_extract_pages")
skbuff: skb_over_panic: text:ffffffff8615b76f len:20 put:20 head:0000000000000000 data:0000000000000000 tail:0x14 end:0x0 dev:<NULL>
------------[ cut here ]------------
kernel BUG at net/core/skbuff.c:122!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 26 Comm: kworker/1:1 Not tainted 6.2.0-rc6-next-20230203-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
Workqueue: events nsim_dev_trap_report_work
RIP: 0010:skb_panic+0x152/0x1d0 net/core/skbuff.c:122
Code: 0f b6 04 01 84 c0 74 04 3c 03 7e 20 8b 4b 70 41 56 45 89 e8 48 c7 c7 40 11 5c 8b 41 57 56 48 89 ee 52 4c 89 e2 e8 de 43 5e f9 <0f> 0b 4c 89 4c 24 10 48 89 54 24 08 48 89 34 24 e8 a9 66 c9 f9 4c
RSP: 0018:ffffc90000a1fbc0 EFLAGS: 00010286
RAX: 0000000000000084 RBX: ffff88802b3e6500 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff8168dfbc RDI: 0000000000000005
RBP: ffffffff8b5c1f80 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000080000001 R11: 0000000000000000 R12: ffffffff8615b76f
R13: 0000000000000014 R14: ffffffff8b5c1100 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fdf942b0150 CR3: 000000007a8e3000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
skb_over_panic net/core/skbuff.c:127 [inline]
skb_put+0x16f/0x1a0 net/core/skbuff.c:2261
nsim_dev_trap_skb_build drivers/net/netdevsim/dev.c:764 [inline]
nsim_dev_trap_report drivers/net/netdevsim/dev.c:808 [inline]
nsim_dev_trap_report_work+0x4df/0xc80 drivers/net/netdevsim/dev.c:853
process_one_work+0x9bf/0x1820 kernel/workqueue.c:2390
worker_thread+0x669/0x1090 kernel/workqueue.c:2537
kthread+0x2e8/0x3a0 kernel/kthread.c:376
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308
</TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:skb_panic+0x152/0x1d0 net/core/skbuff.c:122
Code: 0f b6 04 01 84 c0 74 04 3c 03 7e 20 8b 4b 70 41 56 45 89 e8 48 c7 c7 40 11 5c 8b 41 57 56 48 89 ee 52 4c 89 e2 e8 de 43 5e f9 <0f> 0b 4c 89 4c 24 10 48 89 54 24 08 48 89 34 24 e8 a9 66 c9 f9 4c
RSP: 0018:ffffc90000a1fbc0 EFLAGS: 00010286
RAX: 0000000000000084 RBX: ffff88802b3e6500 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff8168dfbc RDI: 0000000000000005
RBP: ffffffff8b5c1f80 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000080000001 R11: 0000000000000000 R12: ffffffff8615b76f
R13: 0000000000000014 R14: ffffffff8b5c1100 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fdf942b0150 CR3: 000000007a8e3000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
next reply other threads:[~2023-02-06 9:23 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-06 9:23 syzbot [this message]
2023-02-07 14:16 ` [syzbot] kernel BUG in process_one_work David Howells
2023-02-07 14:50 ` syzbot
2023-02-07 15:09 ` David Howells
[not found] <20230206140214.1911-1-hdanton@sina.com>
2023-02-06 17:15 ` syzbot
[not found] <20230207002846.844-1-hdanton@sina.com>
2023-02-07 1:09 ` syzbot
[not found] <20230207023236.975-1-hdanton@sina.com>
2023-02-07 2:47 ` syzbot
[not found] <20230207032427.1028-1-hdanton@sina.com>
2023-02-07 3:41 ` syzbot
[not found] <20230207045013.1083-1-hdanton@sina.com>
2023-02-07 5:12 ` syzbot
[not found] <20230207072656.1175-1-hdanton@sina.com>
2023-02-07 7:43 ` syzbot
[not found] <20230207082506.1322-1-hdanton@sina.com>
2023-02-07 8:50 ` syzbot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0000000000003a78a905f4049614@google.com \
--to=syzbot+c0998868487c1f7e05e5@syzkaller.appspotmail.com \
--cc=akpm@linux-foundation.org \
--cc=aneesh.kumar@linux.ibm.com \
--cc=bpf@vger.kernel.org \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=edumazet@google.com \
--cc=hch@lst.de \
--cc=jhubbard@nvidia.com \
--cc=kuba@kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=netdev@vger.kernel.org \
--cc=npiggin@gmail.com \
--cc=pabeni@redhat.com \
--cc=peterz@infradead.org \
--cc=syzkaller-bugs@googlegroups.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.