Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp3877744rwd; Mon, 22 May 2023 23:03:07 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7eWYimgUeI5vkqtXYH+JXBpXR0FqGBJuE32ER3uwxSFuXYiztqbVvkI/ZQkEIs2RZmemst X-Received: by 2002:a05:6a20:8e1b:b0:10b:bf2d:71bb with SMTP id y27-20020a056a208e1b00b0010bbf2d71bbmr5406358pzj.27.1684821787079; Mon, 22 May 2023 23:03:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1684821787; cv=none; d=google.com; s=arc-20160816; b=zC/OC1RBPGgt1AV5uSBWSr+fTjRw+3G7ZdiRSy18OCLXPYeLShRB5nEvIEIsaveACT gXBlodTpTvWb+FgmEMc5WMMcj7b1XrzLn6cAgfpqb5wVFqZY/j3/LU+21nPUgJHRVb6Q JirCIgLD8y8+te9IR30NptS2CNRjjmNkfm5pn1ATPrmykhmaMpp9HVtVYPfXTmwEjxKj llRCMGn76LIv7ttlGnoOO2Pz/nPFEvJRwmjwYQgTqRPOnJMwkW5oA/J4AvN9jiP4cmYq FCm2ii/ChYlt0Js9smu4gZJvIQEbPW9Q3kaVFhcGtXo9JmRxNvomTK1kBO8vr8A3yrWW LRUg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=GAnZGDk/FN7vuQkDTHFR40h0pyNa8eDVqn6h/H/qRE4=; b=QS/h2ELL5HqoRgdk2F59CCAlssPlk4U3tfipn/LzGovNIuBVHGzZ6X6nLwHx0jpOj8 aO6M8UFMjDia20vSZYmnOeu0T9RMSGqKWtOk1uQaPhRtOpZLbF2bE1OXYrwyWFy4ST2M USOQFTH61PUsNJUyc34yobs3zPD6vWXI/dIJyBm7y1jdTilL3MYjITVtuClOTX4fBNnI gwxfw8gg6mKqxilRH4NQG4MuOgB07t8PU45bO5XRkSe54Ux4RKFHFclRP7DQ+R9gln2B sF6Bkjlw+zh6Pl4sPxA0vk5gn6QhAqflMh6OY1+FfFMJmGmDX6qVBxvFU+FDNmqpBayS 5usA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=AHUVle6S; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id bv190-20020a632ec7000000b0053427a98b7asi6022866pgb.146.2023.05.22.23.02.52; Mon, 22 May 2023 23:03:07 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=AHUVle6S; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230404AbjEWFwd (ORCPT + 99 others); Tue, 23 May 2023 01:52:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46022 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229459AbjEWFwb (ORCPT ); Tue, 23 May 2023 01:52:31 -0400 Received: from mail-ej1-x62e.google.com (mail-ej1-x62e.google.com [IPv6:2a00:1450:4864:20::62e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 58C93109; Mon, 22 May 2023 22:52:30 -0700 (PDT) Received: by mail-ej1-x62e.google.com with SMTP id a640c23a62f3a-970028cfb6cso291696866b.1; Mon, 22 May 2023 22:52:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1684821149; x=1687413149; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=GAnZGDk/FN7vuQkDTHFR40h0pyNa8eDVqn6h/H/qRE4=; b=AHUVle6SGyOqFZNmxo/n79Q/lkpN45w+hs1HUOKjnZpfVgJG50GAuBK7o4MIiK3944 1+vvNNqrhuF3GVVjPTds3M1ffZaFfzvp3aceE5TurXJ6oQUxQzKiRUgrRQ9qh1c2f4g9 hGNb1lzhECE65Pn0RbLjIf5B0bwzyk8To09cQ1Y27AfWwe77mwqUL2XqjcI5Q1F+WLjU zuyBpz0ns/HZ/gSdL2ZrWtB+MceHLKC+gZz45Mts3aAELWizJP2pIz0DJd6pAhxPDv00 h/GNNoXZD+MfODSkAlPSMP8I9vcbqsMNShIIUISCwWuwWravTFoF8zyEyR0AClrtsEBp QbdA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1684821149; x=1687413149; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GAnZGDk/FN7vuQkDTHFR40h0pyNa8eDVqn6h/H/qRE4=; b=DmuciBPBuhLochUeZtDTyFcvW1NK1Tge3Sjf1g4lX/tgjNa2i8KsITwzx+zxwAvYP0 FV8Nvh3bdtWG0rqzoDCWZJUI0x4WCJrTEmYlYafj+YOdFgBx8YoDtGNPunFgc4HMOR1R WlwbUdJM6WPXCCiqGe1AXyABxa/DnEC2UMv/0B6WUrdADqDXN2ODUJEfwAMYJexm2s+e mPTEhoU4K5G1LfuDJhyCnmdN75IpxFh9YZNaXg8a6LoEWSkqf3ijFzJwypsEvebgtZWO sHZmT8T2irCG3i0rDkM/9opbIwzerMri2E9G1YtY2O4DxA2F+d13hvmZHeORjh8bGsvq 1nvw== X-Gm-Message-State: AC+VfDzOAr4JcBOAEK/bUU3PvSrWPPeygH3btC5m1BiuINpGw75Rv2+e CXbMahBEKTvAFORJFaqKmVJiTTptfeI7/zOCAjg= X-Received: by 2002:a17:907:16a9:b0:959:a9a1:589e with SMTP id hc41-20020a17090716a900b00959a9a1589emr12631243ejc.76.1684821148506; Mon, 22 May 2023 22:52:28 -0700 (PDT) MIME-Version: 1.0 References: <000000000000a589d005fc52ee2d@google.com> <13528f21-0f36-4fa2-d34f-eecee6720bc1@linux.dev> <0d515e17-5386-61ba-8278-500620969497@linux.dev> <5b6b8431-92c7-62df-299b-28f3a5f61d5f@linux.dev> In-Reply-To: <5b6b8431-92c7-62df-299b-28f3a5f61d5f@linux.dev> From: Zhu Yanjun Date: Tue, 23 May 2023 13:52:15 +0800 Message-ID: Subject: Re: [syzbot] [rdma?] INFO: trying to register non-static key in skb_dequeue (2) To: Guoqing Jiang Cc: syzbot , jgg@ziepe.ca, leon@kernel.org, linux-kernel@vger.kernel.org, linux-rdma@vger.kernel.org, netdev@vger.kernel.org, syzkaller-bugs@googlegroups.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_ENVFROM_END_DIGIT, FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, May 23, 2023 at 1:44=E2=80=AFPM Guoqing Jiang wrote: > > > > On 5/23/23 13:18, Zhu Yanjun wrote: > > On Tue, May 23, 2023 at 1:08=E2=80=AFPM Zhu Yanjun wrote: > >> On Tue, May 23, 2023 at 12:29=E2=80=AFPM Zhu Yanjun wrote: > >>> On Tue, May 23, 2023 at 12:10=E2=80=AFPM Guoqing Jiang wrote: > >>>> > >>>> > >>>> On 5/23/23 12:02, Zhu Yanjun wrote: > >>>>> On Tue, May 23, 2023 at 11:47=E2=80=AFAM Zhu Yanjun wrote: > >>>>>> On Tue, May 23, 2023 at 10:26=E2=80=AFAM Guoqing Jiang wrote: > >>>>>>> > >>>>>>> On 5/23/23 10:13, syzbot wrote: > >>>>>>>> Hello, > >>>>>>>> > >>>>>>>> syzbot tried to test the proposed patch but the build/boot faile= d: > >>>>>>>> > >>>>>>>> failed to apply patch: > >>>>>>>> checking file drivers/infiniband/sw/rxe/rxe_qp.c > >>>>>>>> patch: **** unexpected end of file in patch > >>>>>> This is not the root cause. The fix is not good. > >>>>> This problem is about "INFO: trying to register non-static key. The > >>>>> code is fine but needs lockdep annotation, or maybe" > >>> This warning is from "lock is not initialized". This is a > >>> use-before-initialized problem. > >>> The correct fix is to initialize the lock that is complained before i= t is used. > >>> > >>> Zhu Yanjun > >> Based on the call trace, the followings are the order of this call tra= ce. > >> > >> 291 /* called by the create qp verb */ > >> 292 int rxe_qp_from_init(struct rxe_dev *rxe, struct rxe_qp *qp, > >> struct rxe_pd *pd, > >> 297 { > >> ... > >> 317 rxe_qp_init_misc(rxe, qp, init); > >> ... > >> 322 > >> 323 err =3D rxe_qp_init_resp(rxe, qp, init, udata, uresp); > >> 324 if (err) > >> 325 goto err2; <--- error > >> > >> ... > >> > >> 334 err2: > >> 335 rxe_queue_cleanup(qp->sq.queue); <--- Goto here > >> 336 qp->sq.queue =3D NULL; > >> > >> In rxe_qp_init_resp, the error occurs before skb_queue_head_init. > >> So this call trace appeared. > > 250 static int rxe_qp_init_resp(struct rxe_dev *rxe, struct rxe_qp *qp, > > 254 { > > ... > > 264 > > 265 type =3D QUEUE_TYPE_FROM_CLIENT; > > 266 qp->rq.queue =3D rxe_queue_init(rxe, &qp->rq.max_wr= , > > 267 wqe_size, type); > > 268 if (!qp->rq.queue) > > 269 return -ENOMEM; <---Error here > > 270 > > > > ... > > > > 282 skb_queue_head_init(&qp->resp_pkts); <-this is not called. > > ... > > This will make spin_lock of resp_pkts is used before initialized. > > IMHO, the above is same as > > > Which is caused by "skb_queue_head_init(&qp->resp_pkts)" is not called > > given rxe_qp_init_resp returns error, but the cleanup still trigger the > > chain. > > > > rxe_qp_do_cleanup -> rxe_completer -> drain_resp_pkts -> > > skb_dequeue(&qp->resp_pkts) > > my previous analysis. If not, could you provide another better way to > fix it? Move the initialization to the beginning. This can fix this problem. See below: " diff --git a/drivers/infiniband/sw/rxe/rxe_qp.c b/drivers/infiniband/sw/rxe/rxe_qp.c index c5451a4488ca..22ef6188d7b1 100644 --- a/drivers/infiniband/sw/rxe/rxe_qp.c +++ b/drivers/infiniband/sw/rxe/rxe_qp.c @@ -176,6 +176,9 @@ static void rxe_qp_init_misc(struct rxe_dev *rxe, struct rxe_qp *qp, spin_lock_init(&qp->rq.producer_lock); spin_lock_init(&qp->rq.consumer_lock); + skb_queue_head_init(&qp->req_pkts); + skb_queue_head_init(&qp->resp_pkts); + atomic_set(&qp->ssn, 0); atomic_set(&qp->skb_out, 0); } @@ -234,8 +237,6 @@ static int rxe_qp_init_req(struct rxe_dev *rxe, struct rxe_qp *qp, qp->req.opcode =3D -1; qp->comp.opcode =3D -1; - skb_queue_head_init(&qp->req_pkts); - rxe_init_task(&qp->req.task, qp, rxe_requester); rxe_init_task(&qp->comp.task, qp, rxe_completer); @@ -279,8 +280,6 @@ static int rxe_qp_init_resp(struct rxe_dev *rxe, struct rxe_qp *qp, } } - skb_queue_head_init(&qp->resp_pkts); - rxe_init_task(&qp->resp.task, qp, rxe_responder); qp->resp.opcode =3D OPCODE_NONE; " > > Guoqing