All of lore.kernel.org
 help / color / mirror / Atom feed
From: syzbot <syzbot+8a5dadc5c0b1d7055945@syzkaller.appspotmail.com>
To: andrii.nakryiko@gmail.com, andriin@fb.com, ast@kernel.org,
	bpf@vger.kernel.org, dan.carpenter@oracle.com,
	daniel@iogearbox.net, john.fastabend@gmail.com, kafai@fb.com,
	kpsingh@chromium.org, linux-kernel@vger.kernel.org,
	netdev@vger.kernel.org, songliubraving@fb.com,
	syzkaller-bugs@googlegroups.com, yhs@fb.com
Subject: Re: WARNING in bpf_cgroup_link_release
Date: Mon, 31 Aug 2020 19:58:15 -0700	[thread overview]
Message-ID: <000000000000c5d18605ae37b04c@google.com> (raw)
In-Reply-To: <000000000000500e6f05a34ecc01@google.com>

syzbot has found a reproducer for the following issue on:

HEAD commit:    bb8872a1 tipc: fix using smp_processor_id() in preemptible
git tree:       net
console output: https://syzkaller.appspot.com/x/log.txt?x=10aa0271900000
kernel config:  https://syzkaller.appspot.com/x/.config?x=a0437fdd630bee11
dashboard link: https://syzkaller.appspot.com/bug?extid=8a5dadc5c0b1d7055945
compiler:       gcc (GCC) 10.1.0-syz 20200507
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1291cbde900000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=12896476900000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+8a5dadc5c0b1d7055945@syzkaller.appspotmail.com

RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009
R13: 00007ffeea853240 R14: 0000000000000000 R15: 0000000000000000
------------[ cut here ]------------
WARNING: CPU: 0 PID: 6859 at kernel/bpf/cgroup.c:833 bpf_cgroup_link_release.part.0+0x28b/0x380 kernel/bpf/cgroup.c:833
Kernel panic - not syncing: panic_on_warn set ...
CPU: 0 PID: 6859 Comm: syz-executor054 Not tainted 5.9.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x18f/0x20d lib/dump_stack.c:118
 panic+0x2e3/0x75c kernel/panic.c:231
 __warn.cold+0x20/0x4a kernel/panic.c:600
 report_bug+0x1bd/0x210 lib/bug.c:198
 handle_bug+0x38/0x90 arch/x86/kernel/traps.c:234
 exc_invalid_op+0x14/0x40 arch/x86/kernel/traps.c:254
 asm_exc_invalid_op+0x12/0x20 arch/x86/include/asm/idtentry.h:536
RIP: 0010:bpf_cgroup_link_release.part.0+0x28b/0x380 kernel/bpf/cgroup.c:833
Code: 01 e8 ce e0 cd ff e9 f1 fe ff ff e8 3f 60 e7 ff 48 c7 c7 00 d4 bf 89 e8 83 ad 68 06 5b 5d 41 5c e9 2a 60 e7 ff e8 25 60 e7 ff <0f> 0b e9 01 fe ff ff e8 19 60 e7 ff e8 e4 2a d4 ff 31 ff 89 c3 89
RSP: 0018:ffffc90005367d38 EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffff888094525700 RCX: ffffffff818cdceb
RDX: ffff8880978ec240 RSI: ffffffff818cdeeb RDI: 0000000000000005
RBP: 00000000fffffff4 R08: 0000000000000001 R09: ffffffff89c97453
R10: 0000000000000000 R11: 0000000035383654 R12: ffff888094525768
R13: ffffffffffffffa1 R14: 0000000000000022 R15: 0000000000000008
 bpf_cgroup_link_release kernel/bpf/cgroup.c:822 [inline]
 bpf_cgroup_link_detach+0x38/0x50 kernel/bpf/cgroup.c:854
 link_detach kernel/bpf/syscall.c:4009 [inline]
 __do_sys_bpf+0x667/0x4c20 kernel/bpf/syscall.c:4267
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x442229
Code: e8 1c b4 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 6b 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffeea8531e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000442229
RDX: 0000000000000008 RSI: 0000000020000040 RDI: 0000000000000022
RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009
R13: 00007ffeea853240 R14: 0000000000000000 R15: 0000000000000000
Kernel Offset: disabled
Rebooting in 86400 seconds..


      parent reply	other threads:[~2020-09-01  2:58 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-04-15  6:55 WARNING in bpf_cgroup_link_release syzbot
2020-04-15 11:57 ` Daniel Borkmann
2020-04-15 16:51   ` Andrii Nakryiko
2020-04-16 10:26     ` Dan Carpenter
2020-04-16 19:47       ` Andrii Nakryiko
2020-09-01  2:58 ` syzbot [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=000000000000c5d18605ae37b04c@google.com \
    --to=syzbot+8a5dadc5c0b1d7055945@syzkaller.appspotmail.com \
    --cc=andrii.nakryiko@gmail.com \
    --cc=andriin@fb.com \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=dan.carpenter@oracle.com \
    --cc=daniel@iogearbox.net \
    --cc=john.fastabend@gmail.com \
    --cc=kafai@fb.com \
    --cc=kpsingh@chromium.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=songliubraving@fb.com \
    --cc=syzkaller-bugs@googlegroups.com \
    --cc=yhs@fb.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.