Date: Tue, 03 Jan 2023 16:08:51 -0800
Message-ID: <0000000000003a68dc05f164fd69@google.com>
Subject: [syzbot] kernel BUG in vhost_vsock_handle_tx_kick
From: syzbot
To: jasowang@redhat.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, mst@redhat.com, netdev@vger.kernel.org, sgarzare@redhat.com, stefanha@redhat.com, syzkaller-bugs@googlegroups.com, virtualization@lists.linux-foundation.org

Hello,

syzbot found the following issue on:

HEAD commit:    c76083fac3ba Add linux-next specific files for 20221226
git tree:       linux-next
console+strace: https://syzkaller.appspot.com/x/log.txt?x=1723da42480000
kernel config:  https://syzkaller.appspot.com/x/.config?x=c217c755f1884ab6
dashboard link: https://syzkaller.appspot.com/bug?extid=30b72abaa17c07fe39dd
compiler:       gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=14fc414c480000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1604b20a480000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/e388f26357fd/disk-c76083fa.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/e24f0bae36d5/vmlinux-c76083fa.xz
kernel image: https://storage.googleapis.com/syzbot-assets/a5a69a059716/bzImage-c76083fa.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+30b72abaa17c07fe39dd@syzkaller.appspotmail.com

skbuff: skb_over_panic: text:ffffffff8768d6f1 len:25109 put:25109 head:ffff88802b5ac000 data:ffff88802b5ac02c tail:0x6241 end:0xc0 dev:
------------[ cut here ]------------
kernel BUG at net/core/skbuff.c:121!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 5072 Comm: vhost-5071 Not tainted 6.2.0-rc1-next-20221226-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
RIP: 0010:skb_panic+0x16c/0x16e net/core/skbuff.c:121
Code: f7 4c 8b 4c 24 10 8b 4b 70 41 56 45 89 e8 4c 89 e2 41 57 48 89 ee 48 c7 c7 40 04 5b 8b ff 74 24 10 ff 74 24 20 e8 09 8e bf ff <0f> 0b e8 1a 67 82 f7 4c 8b 64 24 18 e8 80 3d d0 f7 48 c7 c1 40 12
RSP: 0018:ffffc90003cefca0 EFLAGS: 00010282
RAX: 000000000000008d RBX: ffff88802b674500 RCX: 0000000000000000
RDX: ffff8880236bba80 RSI: ffffffff81663b9c RDI: fffff5200079df86
RBP: ffffffff8b5b1280 R08: 000000000000008d R09: 0000000000000000
R10: 0000000080000000 R11: 0000000000000000 R12: ffffffff8768d6f1
R13: 0000000000006215 R14: ffffffff8b5b0400 R15: 00000000000000c0
FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000380 CR3: 000000002985f000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 skb_over_panic net/core/skbuff.c:126 [inline]
 skb_put.cold+0x24/0x24 net/core/skbuff.c:2218
 virtio_vsock_skb_rx_put include/linux/virtio_vsock.h:56 [inline]
 vhost_vsock_alloc_skb drivers/vhost/vsock.c:374 [inline]
 vhost_vsock_handle_tx_kick+0xad1/0xd00 drivers/vhost/vsock.c:509
 vhost_worker+0x241/0x3e0 drivers/vhost/vhost.c:364
 kthread+0x2e8/0x3a0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:skb_panic+0x16c/0x16e net/core/skbuff.c:121
Code: f7 4c 8b 4c 24 10 8b 4b 70 41 56 45 89 e8 4c 89 e2 41 57 48 89 ee 48 c7 c7 40 04 5b 8b ff 74 24 10 ff 74 24 20 e8 09 8e bf ff <0f> 0b e8 1a 67 82 f7 4c 8b 64 24 18 e8 80 3d d0 f7 48 c7 c1 40 12
RSP: 0018:ffffc90003cefca0 EFLAGS: 00010282
RAX: 000000000000008d RBX: ffff88802b674500 RCX: 0000000000000000
RDX: ffff8880236bba80 RSI: ffffffff81663b9c RDI: fffff5200079df86
RBP: ffffffff8b5b1280 R08: 000000000000008d R09: 0000000000000000
R10: 0000000080000000 R11: 0000000000000000 R12: ffffffff8768d6f1
R13: 0000000000006215 R14: ffffffff8b5b0400 R15: 00000000000000c0
FS:  0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fdc6f4a4298 CR3: 000000002985f000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches