Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp10248054rwb; Fri, 25 Nov 2022 02:46:43 -0800 (PST) X-Google-Smtp-Source: AA0mqf5eu+AMvWRjG9a/jjKyAc/L/DgxoI9ZtCDTF4MLPx/DeKUq/1jXoJWpSw9KcqCSozeeEQI2 X-Received: by 2002:a17:907:7666:b0:7bb:dc8a:519b with SMTP id kk6-20020a170907766600b007bbdc8a519bmr4609146ejc.209.1669373202701; Fri, 25 Nov 2022 02:46:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1669373202; cv=none; d=google.com; s=arc-20160816; b=TBOwF4Kt51eBuc1p7v6AlhRvXk5tjCetI4Ls41PonfY4VC42yxeDLr25eIZpRaI9Hr Ca6bgypZmXRS2ZeS+mGkCGTeaxOwsgj65h7ju/NTF0HvoapYRlhuwexkyHrH9/jIQz55 QyRxrf89CipEVaOuWpm4wfQdxHqLZNBQ12RQCIUG7AEKQqJunx6P7ipQ1DfHy76kWEGv XQNXkGo9yEhswcc9saylvZlvctVb+lARTxjDugoOcRMfaWVeXCh8GBJ18iDqkKMrz7L4 x9iW/aTeYXA0lKTWDGfTD7/yOwV7TTWDK41/9iqn//I9ee/2X5GoXVQTWmcV2KcH3nQz Dbxw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=dFk4/TyXFVH4omq0MKPCZJW7VRN5MWFd1VLeZHQ4myQ=; b=DJzrx0j79romAoHpQl/m08kFIwyvRhMAoUNY3qAKUMhnoeJpfhr6ejox0y/qBuVxd3 dOyek0fYC6deYBpNP+j8ph7famsqlDopZ5Mj5QI30jKDc32sdFMx8WN+Q+DTsfIVkM4b vOmJa1quzbBXi3abj5mzEtflDdg7XIm/ZDM3eWsB+L/HiAHhUKN7B6HkrE7Sfn0jh0CJ QQtmJZULgOhstgxnD4ML8Bf9qimRMxp/Y0foM89CokbEqRyC/4/K5BjOGacPQeHWd3n5 l7CUkgHGDlHxIRe87Y6dvqsvpkuHR9aCDN04hrPaqC6FpxlFu0/CRe/SVP0E1Mp1xGxG rhQA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=O13X7eQn; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id d12-20020a170906640c00b007ae545e330dsi2460442ejm.210.2022.11.25.02.46.20; Fri, 25 Nov 2022 02:46:42 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=O13X7eQn; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229572AbiKYKWp (ORCPT + 86 others); Fri, 25 Nov 2022 05:22:45 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48528 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230195AbiKYKWg (ORCPT ); Fri, 25 Nov 2022 05:22:36 -0500 Received: from mail-oa1-x36.google.com (mail-oa1-x36.google.com [IPv6:2001:4860:4864:20::36]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 31019BCB0 for ; Fri, 25 Nov 2022 02:22:32 -0800 (PST) Received: by mail-oa1-x36.google.com with SMTP id 586e51a60fabf-14286d5ebc3so4673543fac.3 for ; Fri, 25 Nov 2022 02:22:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=dFk4/TyXFVH4omq0MKPCZJW7VRN5MWFd1VLeZHQ4myQ=; b=O13X7eQnbmmZ5OZqc1v+Nq5wiHmRFlOakztg4v4kVKzbkp9A2YhxSxn700wHfwQgHj jtL4ZvMsa4P4eCx3kHERQVZdyN5zMzG56fIXBLxVYZQ4xAUnftJ8E2hMwey7QHEHYTBy wp9WzqOq0Gq/2vaXu/AjhjkkuOFzNZ1N/QzaxJ4OEbwT0srBV76yrEy8VyGdoNUgoBlZ UAj99FE9mas+xMxsdohu26gc/ZjZ2KrH/RfUmuZznSQM71QlIJCwRGw9Cc54yyF3L140 9OyC6ojt8/4ZJ28HRhAXVPwy3kxFwYw3Sp6rS36NcIB8kLmQbASBByv40OmbsOI0KC6F AfVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=dFk4/TyXFVH4omq0MKPCZJW7VRN5MWFd1VLeZHQ4myQ=; b=ckHD2NTt7A4nEtDVdr49sGARoKHqKfaDhvt7aaax1nALFmk2IfbWh2Lx7LJMACoedU VqHsx3De+RK44+FbjeJW8AifBiPzbynO6h6Y0iCD+BXOIgu1uhTUv46bBuyFBtYKfaih c0zokTYa7MahfxbF5AV99ZxynURJ98FRlAFP/UdtZbb/COUNSugzE9WD+utKmEkTL4H1 TAvMx6cVu/Gqv29ejE5lG997y0PXBKG8NmTBJZE5qUJEPdBorT2l2RZdyxpuKQhV1TwF eWOIPOHybyN5mJxW44HIreVGPGMA1rL0R0MzIc76xWfPHkDg9nmwDpdN6I3HOmvvWSh3 2hhw== X-Gm-Message-State: ANoB5pmBpnkNucwcgsJ6cbmXZNHwrcLwtAWQjt/qTLNWj41tGDQ+od29 qN1Z35rIs5l4CJS8qO74uoGjJLlSMbMaDMssvZ/2Lw== X-Received: by 2002:a05:6870:b689:b0:13c:7d1c:5108 with SMTP id cy9-20020a056870b68900b0013c7d1c5108mr11030408oab.282.1669371751235; Fri, 25 Nov 2022 02:22:31 -0800 (PST) MIME-Version: 1.0 References: <000000000000706e6f05edfb4ce0@google.com> <20221121171513.GB704954@gauss3.secunet.de> <20221122062657.GE704954@gauss3.secunet.de> In-Reply-To: <20221122062657.GE704954@gauss3.secunet.de> From: Dmitry Vyukov Date: Fri, 25 Nov 2022 11:22:20 +0100 Message-ID: Subject: Re: [syzbot] linux-next test error: general protection fault in xfrm_policy_lookup_bytype To: Steffen Klassert Cc: Sabrina Dubroca , syzbot , davem@davemloft.net, edumazet@google.com, herbert@gondor.apana.org.au, kuba@kernel.org, linux-kernel@vger.kernel.org, linux-next@vger.kernel.org, netdev@vger.kernel.org, pabeni@redhat.com, sfr@canb.auug.org.au, syzkaller-bugs@googlegroups.com Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 22 Nov 2022 at 07:27, Steffen Klassert wrote: > > On Mon, Nov 21, 2022 at 10:41:57PM +0100, Sabrina Dubroca wrote: > > 2022-11-21, 18:15:13 +0100, Steffen Klassert wrote: > > > On Mon, Nov 21, 2022 at 04:07:26PM +0100, Sabrina Dubroca wrote: > > > > 2022-11-21, 05:47:38 -0800, syzbot wrote: > > > > > Hello, > > > > > > > > > > syzbot found the following issue on: > > > > > > > > > > HEAD commit: e4cd8d3ff7f9 Add linux-next specific files for 20221121 > > > > > git tree: linux-next > > > > > console output: https://syzkaller.appspot.com/x/log.txt?x=1472370d880000 > > > > > kernel config: https://syzkaller.appspot.com/x/.config?x=a0ebedc6917bacc1 > > > > > dashboard link: https://syzkaller.appspot.com/bug?extid=bfb2bee01b9c01fff864 > > > > > compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 > > > > > > > > > > Downloadable assets: > > > > > disk image: https://storage.googleapis.com/syzbot-assets/b59eb967701d/disk-e4cd8d3f.raw.xz > > > > > vmlinux: https://storage.googleapis.com/syzbot-assets/37a7b43e6e84/vmlinux-e4cd8d3f.xz > > > > > kernel image: https://storage.googleapis.com/syzbot-assets/ebfb0438e6a2/bzImage-e4cd8d3f.xz > > > > > > > > > > IMPORTANT: if you fix the issue, please add the following tag to the commit: > > > > > Reported-by: syzbot+bfb2bee01b9c01fff864@syzkaller.appspotmail.com > > > > > > > > > > general protection fault, probably for non-canonical address 0xdffffc0000000019: 0000 [#1] PREEMPT SMP KASAN > > > > > KASAN: null-ptr-deref in range [0x00000000000000c8-0x00000000000000cf] > > > > > CPU: 0 PID: 5295 Comm: kworker/0:3 Not tainted 6.1.0-rc5-next-20221121-syzkaller #0 > > > > > Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 > > > > > Workqueue: ipv6_addrconf addrconf_dad_work > > > > > RIP: 0010:xfrm_policy_lookup_bytype.cold+0x1c/0x54 net/xfrm/xfrm_policy.c:2139 > > > > > > > > That's the printk at the end of the function, when > > > > xfrm_policy_lookup_bytype returns NULL. It seems to have snuck into > > > > commit c39f95aaf6d1 ("xfrm: Fix oops in __xfrm_state_delete()"), we > > > > can just remove it: > > > > > > > > diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c > > > > index 3a203c59a11b..e392d8d05e0c 100644 > > > > --- a/net/xfrm/xfrm_policy.c > > > > +++ b/net/xfrm/xfrm_policy.c > > > > @@ -2135,9 +2135,6 @@ static struct xfrm_policy *xfrm_policy_lookup_bytype(struct net *net, u8 type, > > > > fail: > > > > rcu_read_unlock(); > > > > > > > > - if (!IS_ERR(ret)) > > > > - printk("xfrm_policy_lookup_bytype: policy if_id %d, wanted if_id %d\n", ret->if_id, if_id); > > > > - > > > > return ret; > > > > > > Hm, this was not in the original patch. Maybe my tree was not > > > clean when I applied it. Do you want to send a patch, or should > > > I just remove it? > > > > Go ahead, I guess it's more convenient for you. > > I just did a forced push to remove that hunk. Let's tell syzbot about the fix, so that it reports similarly looking crashes in future: #syz fix: xfrm: Fix oops in __xfrm_state_delete()