* [BUG] kernel BUG in team driver: buffer overflow in team_add_slave()
@ 2026-06-08 10:00 Yeswanth Krishna
2026-06-08 12:04 ` Yeswanth Krishna
2026-06-08 12:12 ` Jiayuan Chen
0 siblings, 2 replies; 3+ messages in thread
From: Yeswanth Krishna @ 2026-06-08 10:00 UTC (permalink / raw)
To: netdev, venkat88; +Cc: linux-kernel, linuxppc-dev
Hi Team ,
I encountered a kernel crash while running selftests on kernel 7.1.0-rc6
on a POWER10 system. The crash occurs when adding a slave device to a
team interface, triggered by FORTIFY_SOURCE detecting a buffer overflow.
**System Information:**
- Kernel: 7.1.0-rc6-160099.42-default+ (commit d548c6f4301b)
- Architecture: powerpc64le (ppc64le)
- Hardware: IBM POWER10 (9043-MRX), pSeries
- Config: CONFIG_FORTIFY_SOURCE=y
**Crash Location:**
[ 3492.897824][T77143] kernel BUG at lib/string_helpers.c:1044!
[ 3492.898057][T77143] NIP [c000000000ac1120] __fortify_panic+0x18/0x28
[ 3492.898096][T77143] [c00000000efdb350] [c00800000b857a18]
team_add_slave+0xc60/0xcc0 [team]
**Call Trace:**
__fortify_panic+0x18/0x28
team_add_slave+0xc60/0xcc0 [team]
do_set_master+0x19c/0x240
do_setlink.isra.0+0x388/0x1450
rtnl_newlink+0xac8/0x1030
rtnetlink_rcv_msg+0x450/0x530
netlink_rcv_skb+0x74/0x1b0
rtnetlink_rcv+0x24/0x40
netlink_unicast+0x2e0/0x430
netlink_sendmsg+0x210/0x580
____sys_sendmsg+0x30c/0x470
___sys_sendmsg+0x94/0xf0
__sys_sendmsg+0x84/0x100
system_call_exception+0x154/0x2b0
**Reproducer:**
The crash is 100% reproducible via selftests:
```bash
cd tools/testing/selftests
make -C drivers/net/team run_tests
Please add below reported-by tag:
yeswanth <yeswanth@linux.ibm.com>
Thanks,
Yeswanth Krishna
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [BUG] kernel BUG in team driver: buffer overflow in team_add_slave()
2026-06-08 10:00 [BUG] kernel BUG in team driver: buffer overflow in team_add_slave() Yeswanth Krishna
@ 2026-06-08 12:04 ` Yeswanth Krishna
2026-06-08 12:12 ` Jiayuan Chen
1 sibling, 0 replies; 3+ messages in thread
From: Yeswanth Krishna @ 2026-06-08 12:04 UTC (permalink / raw)
To: netdev, venkat88; +Cc: linux-kernel, linuxppc-dev
Please add this tag Reported-by: yeswanth <yeswanth@linux.ibm.com>
On 08/06/26 3:30 pm, Yeswanth Krishna wrote:
> Hi Team ,
>
> I encountered a kernel crash while running selftests on kernel 7.1.0-rc6
> on a POWER10 system. The crash occurs when adding a slave device to a
> team interface, triggered by FORTIFY_SOURCE detecting a buffer overflow.
>
> **System Information:**
> - Kernel: 7.1.0-rc6-160099.42-default+ (commit d548c6f4301b)
> - Architecture: powerpc64le (ppc64le)
> - Hardware: IBM POWER10 (9043-MRX), pSeries
> - Config: CONFIG_FORTIFY_SOURCE=y
>
> **Crash Location:**
>
> [ 3492.897824][T77143] kernel BUG at lib/string_helpers.c:1044!
> [ 3492.898057][T77143] NIP [c000000000ac1120] __fortify_panic+0x18/0x28
> [ 3492.898096][T77143] [c00000000efdb350] [c00800000b857a18]
> team_add_slave+0xc60/0xcc0 [team]
>
>
> **Call Trace:**
>
> __fortify_panic+0x18/0x28
> team_add_slave+0xc60/0xcc0 [team]
> do_set_master+0x19c/0x240
> do_setlink.isra.0+0x388/0x1450
> rtnl_newlink+0xac8/0x1030
> rtnetlink_rcv_msg+0x450/0x530
> netlink_rcv_skb+0x74/0x1b0
> rtnetlink_rcv+0x24/0x40
> netlink_unicast+0x2e0/0x430
> netlink_sendmsg+0x210/0x580
> ____sys_sendmsg+0x30c/0x470
> ___sys_sendmsg+0x94/0xf0
> __sys_sendmsg+0x84/0x100
> system_call_exception+0x154/0x2b0
>
> **Reproducer:**
> The crash is 100% reproducible via selftests:
> ```bash
> cd tools/testing/selftests
> make -C drivers/net/team run_tests
>
> Please add below reported-by tag:
> yeswanth <yeswanth@linux.ibm.com>
>
>
> Thanks,
> Yeswanth Krishna
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [BUG] kernel BUG in team driver: buffer overflow in team_add_slave()
2026-06-08 10:00 [BUG] kernel BUG in team driver: buffer overflow in team_add_slave() Yeswanth Krishna
2026-06-08 12:04 ` Yeswanth Krishna
@ 2026-06-08 12:12 ` Jiayuan Chen
1 sibling, 0 replies; 3+ messages in thread
From: Jiayuan Chen @ 2026-06-08 12:12 UTC (permalink / raw)
To: Yeswanth Krishna, netdev, venkat88; +Cc: linux-kernel, linuxppc-dev
On 6/8/26 6:00 PM, Yeswanth Krishna wrote:
> Hi Team ,
>
> I encountered a kernel crash while running selftests on kernel 7.1.0-rc6
> on a POWER10 system. The crash occurs when adding a slave device to a
> team interface, triggered by FORTIFY_SOURCE detecting a buffer overflow.
>
> **System Information:**
> - Kernel: 7.1.0-rc6-160099.42-default+ (commit d548c6f4301b)
> - Architecture: powerpc64le (ppc64le)
> - Hardware: IBM POWER10 (9043-MRX), pSeries
> - Config: CONFIG_FORTIFY_SOURCE=y
>
> **Crash Location:**
>
> [ 3492.897824][T77143] kernel BUG at lib/string_helpers.c:1044!
> [ 3492.898057][T77143] NIP [c000000000ac1120] __fortify_panic+0x18/0x28
> [ 3492.898096][T77143] [c00000000efdb350] [c00800000b857a18]
> team_add_slave+0xc60/0xcc0 [team]
>
>
> **Call Trace:**
>
> __fortify_panic+0x18/0x28
> team_add_slave+0xc60/0xcc0 [team]
> do_set_master+0x19c/0x240
> do_setlink.isra.0+0x388/0x1450
> rtnl_newlink+0xac8/0x1030
> rtnetlink_rcv_msg+0x450/0x530
> netlink_rcv_skb+0x74/0x1b0
> rtnetlink_rcv+0x24/0x40
> netlink_unicast+0x2e0/0x430
> netlink_sendmsg+0x210/0x580
> ____sys_sendmsg+0x30c/0x470
> ___sys_sendmsg+0x94/0xf0
> __sys_sendmsg+0x84/0x100
> system_call_exception+0x154/0x2b0
>
> **Reproducer:**
> The crash is 100% reproducible via selftests:
> ```bash
> cd tools/testing/selftests
> make -C drivers/net/team run_tests
I tried this under x86, but the warning was not triggered with
CONFIG_FORTIFY_SOURCE.
Hope somebody who has a PPC system can test it.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2026-06-08 12:13 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-06-08 10:00 [BUG] kernel BUG in team driver: buffer overflow in team_add_slave() Yeswanth Krishna
2026-06-08 12:04 ` Yeswanth Krishna
2026-06-08 12:12 ` Jiayuan Chen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox