Received: by 2002:a05:6358:1087:b0:cb:c9d3:cd90 with SMTP id j7csp4055633rwi; Wed, 12 Oct 2022 10:00:24 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7xmV0HHn5pWDdXyhqvLjLCxwYHNKPS/AkvS2J0OAZ4VSIuDEFx9bq8JIxtKHBsF3cu7RnK X-Received: by 2002:a05:6a00:1d05:b0:563:5715:7f3d with SMTP id a5-20020a056a001d0500b0056357157f3dmr17960535pfx.48.1665594024204; Wed, 12 Oct 2022 10:00:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1665594024; cv=none; d=google.com; s=arc-20160816; b=gzyvHN151PH8svnsrK3l/L/9727+qSsb98KFJc7HpLwUqbdnb5bJLhi1bre8V90pmx PIRmpxD54MsZuaXyS399n6Au2wrRhCkd8sPCX0Kr9uMjlzVAZRghPPDS/klWMpx5oAhv kRyq35gQXGLYBrS670HkRLYJYbg+GARVd5uxM49/TKTaFRt0sOpx0PmC+wdCYXjX76NA M0bgGnRGF1vgG15w2ArK1XP1ZhZOgZ2FhHDWKKIZ56dVxbedfOZSRh+eXx27zdCQVvn5 HzRq/rYcf8sXkScIQ2dC5p56rRwqBMhX6zQYF0xd2mnnXNJKkzDqm7X+wq2piZ5wMg23 Mnxg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=h+F92RkYhFsQOtGvE4sV1yhvRS5q4N+++0G7TOCIAAE=; b=nhP3my42RnlWw+kV9mvubXhHUFwfrsruhiKcFfgYE2sS4I6g3rD6lGGEzyr+pY+aRL Pk32ii4ePtHOV8eFN0waMsjI1E1jVph6vUClX1i4qpzeFnDGCRFrEZPn16YWrKRpqSDS 40/1H2RFJsety5kOm9P1EoYNAAmdbHJVwhHpefewwKgnSDLMsJmQRod8hiU/uClhsY7D edZeHwQKy4dRZecrJxX0GfdKqR92qAhIrLxBuzxrtoAOHdCfUgCEQ78lPDvYOwUQTNgf YlC74AgqUZM64b+HPfKQM7jOrvWh3wCAGOaAI2egDmFBteFZ+rr8qN+BAcG20iyMjqmY eojg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=VuhOIML5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id s82-20020a632c55000000b0042ff6b15129si18772525pgs.2.2022.10.12.10.00.11; Wed, 12 Oct 2022 10:00:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=VuhOIML5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230074AbiJLQm5 (ORCPT + 99 others); Wed, 12 Oct 2022 12:42:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39940 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229874AbiJLQmx (ORCPT ); Wed, 12 Oct 2022 12:42:53 -0400 Received: from mail-yb1-xb2f.google.com (mail-yb1-xb2f.google.com [IPv6:2607:f8b0:4864:20::b2f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E0C0EBB055 for ; Wed, 12 Oct 2022 09:42:51 -0700 (PDT) Received: by mail-yb1-xb2f.google.com with SMTP id 63so20647344ybq.4 for ; Wed, 12 Oct 2022 09:42:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=h+F92RkYhFsQOtGvE4sV1yhvRS5q4N+++0G7TOCIAAE=; b=VuhOIML5x4p+9jPGYEHYx6Qe2CMLDGInQ/ECsOzVpu4IZw1lnu8FcoTxAIMumN07Ta o+rRjfV2MLOCIW7hVl6MaPjMe0in5B16itWcHjIm4tMv+NAnmKfFX0AMpMMtawsM5F2L IWexc3OnT5WCSgf2rh4BPw3xeUUQAFqZT93Z87FEz0WwEvMatlFiEfXkAVNq3F06+/fh V4hoKHVerte5F8B7AM4VPFHvv7F4PxVM8cPrYwrr1Rn+UeuAgXm63DbSstk0vK/qrLWs Ep569RfFUSidGtCgeGK+JSP+ub9B5YdstWTmm9afjj75e9fFYZq6d4Fh08iH/TYGaU9B 63rg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=h+F92RkYhFsQOtGvE4sV1yhvRS5q4N+++0G7TOCIAAE=; b=VhZ8Gn8DHaITHod+JoCiSM8yoegJRXy5QgQXQTj1xPj0gGjGYMkcIjxCy0+O95Tq/y AatZCyi+bfzF5sD3U8gYHon0eOB4CSY4cKjfwBdH7Hg8EXgCPqSt54mkTL+h5P5ViITU NyMY1BLheHCIF6Yeeqb3TveFaUS3haqSI6PDnI84gcfZh8/WFRyw2XSPp4WrNJlH3RFL i2Y2YTMfm5R1iTcDT80xET7tCNdndppj4Z6DlcJqOyX0V3RE3KCmy3a47i0/KrXIgnvj VxGO8Xo45vj6OdPCm8/8xJbAxLycqPMwnf0gz7KHf+AUrQXrXvr6Kv5k5q3sPeBIGCE9 /L8w== X-Gm-Message-State: ACrzQf0PmkBEMGcKTli9V2c1PnbJRconVF9P9nGElLj9+gGYQzhKUWs+ XNkQIGWVrAz+Hj58nATzNZTU/pBGhgBwddhfveQpBA== X-Received: by 2002:a25:7a01:0:b0:6b0:820:dd44 with SMTP id v1-20020a257a01000000b006b00820dd44mr26544935ybc.387.1665592970881; Wed, 12 Oct 2022 09:42:50 -0700 (PDT) MIME-Version: 1.0 References: <000000000000c8900705ead19e41@google.com> In-Reply-To: From: Eric Dumazet Date: Wed, 12 Oct 2022 09:42:39 -0700 Message-ID: Subject: Re: [syzbot] kernel panic: kernel stack overflow To: Jiri Pirko Cc: Dmitry Vyukov , syzbot , davem@davemloft.net, kuba@kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, pabeni@redhat.com, syzkaller-bugs@googlegroups.com Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Oct 12, 2022 at 8:08 AM Jiri Pirko wrote: > > Wed, Oct 12, 2022 at 03:54:59PM CEST, dvyukov@google.com wrote: > >On Wed, 12 Oct 2022 at 15:11, Jiri Pirko wrote: > >> > >> Wed, Oct 12, 2022 at 09:53:27AM CEST, dvyukov@google.com wrote: > >> >On Wed, 12 Oct 2022 at 09:48, syzbot > >> > wrote: > >> >> > >> >> Hello, > >> >> > >> >> syzbot found the following issue on: > >> >> > >> >> HEAD commit: bbed346d5a96 Merge branch 'for-next/core' into for-kernelci > >> >> git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci > >> >> console output: https://syzkaller.appspot.com/x/log.txt?x=14a03a2a880000 > >> >> kernel config: https://syzkaller.appspot.com/x/.config?x=aae2d21e7dd80684 > >> >> dashboard link: https://syzkaller.appspot.com/bug?extid=60748c96cf5c6df8e581 > >> >> compiler: Debian clang version 13.0.1-++20220126092033+75e33f71c2da-1~exp1~20220126212112.63, GNU ld (GNU Binutils for Debian) 2.35.2 > >> >> userspace arch: arm64 > >> >> > >> >> Unfortunately, I don't have any reproducer for this issue yet. > >> >> > >> >> Downloadable assets: > >> >> disk image: https://storage.googleapis.com/syzbot-assets/11078f50b80b/disk-bbed346d.raw.xz > >> >> vmlinux: https://storage.googleapis.com/syzbot-assets/398e5f1e6c84/vmlinux-bbed346d.xz > >> >> > >> >> IMPORTANT: if you fix the issue, please add the following tag to the commit: > >> >> Reported-by: syzbot+60748c96cf5c6df8e581@syzkaller.appspotmail.com > >> > > >> >+Jiri > >> > > >> >It looks like the issue is with the team device. It seems to call > >> >itself infinitely. > >> >team_device_event was mentioned in stack overflow bugs in the past: > >> >https://groups.google.com/g/syzkaller-bugs/search?q=%22team_device_event%22 > >> > >> Hi, do you have dmesg output available by any chance? > > > >Hi Jiri, > > > >syzbot attaches dmesg output to every report under the "console output" link. > > I see. I guess the debug messages are not printed out, I don't see them > there. Would it be possible to turn them on? What debug messages do you need ? There is a nice stack trace [1] with file:number available My guess was that for some reason the team driver does not enforce a max nest level of 8 ? https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=65921376425fc9c8b7ce647e1f7989f7cdf5dd70 [1] CPU: 1 PID: 16874 Comm: syz-executor.3 Not tainted 6.0.0-rc7-syzkaller-18095-gbbed346d5a96 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 Call trace: dump_backtrace+0x1c4/0x1f0 arch/arm64/kernel/stacktrace.c:156 show_stack+0x2c/0x54 arch/arm64/kernel/stacktrace.c:163 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x104/0x16c lib/dump_stack.c:106 dump_stack+0x1c/0x58 lib/dump_stack.c:113 panic+0x218/0x50c kernel/panic.c:274 nmi_panic+0xbc/0xf0 kernel/panic.c:169 panic_bad_stack+0x134/0x154 arch/arm64/kernel/traps.c:906 handle_bad_stack+0x34/0x48 arch/arm64/kernel/entry-common.c:848 __bad_stack+0x78/0x7c arch/arm64/kernel/entry.S:549 mark_lock+0x4/0x1b4 kernel/locking/lockdep.c:4593 lock_acquire+0x100/0x1f8 kernel/locking/lockdep.c:5666 do_write_seqcount_begin_nested include/linux/seqlock.h:516 [inline] do_write_seqcount_begin include/linux/seqlock.h:541 [inline] psi_group_change+0x128/0x3d0 kernel/sched/psi.c:705 psi_task_switch+0x9c/0x310 kernel/sched/psi.c:851 psi_sched_switch kernel/sched/stats.h:194 [inline] __schedule+0x554/0x5a0 kernel/sched/core.c:6489 preempt_schedule_irq+0x64/0x110 kernel/sched/core.c:6806 arm64_preempt_schedule_irq arch/arm64/kernel/entry-common.c:265 [inline] __el1_irq arch/arm64/kernel/entry-common.c:473 [inline] el1_interrupt+0x4c/0x68 arch/arm64/kernel/entry-common.c:485 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:490 el1h_64_irq+0x64/0x68 arch/arm64/kernel/entry.S:577 arch_local_irq_restore+0x8/0x10 arch/arm64/include/asm/irqflags.h:122 lock_is_held include/linux/lockdep.h:283 [inline] __might_resched+0x7c/0x218 kernel/sched/core.c:9854 __might_sleep+0x48/0x78 kernel/sched/core.c:9821 might_alloc include/linux/sched/mm.h:274 [inline] slab_pre_alloc_hook mm/slab.h:700 [inline] slab_alloc_node mm/slub.c:3162 [inline] kmem_cache_alloc_node+0x80/0x370 mm/slub.c:3298 __alloc_skb+0xf8/0x378 net/core/skbuff.c:422 alloc_skb include/linux/skbuff.h:1257 [inline] nlmsg_new include/net/netlink.h:953 [inline] genlmsg_new include/net/genetlink.h:410 [inline] ethnl_default_notify+0x16c/0x320 net/ethtool/netlink.c:640 ...