From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932360AbdJVB5A (ORCPT ); Sat, 21 Oct 2017 21:57:00 -0400 Received: from mail-pg0-f47.google.com ([74.125.83.47]:56788 "EHLO mail-pg0-f47.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932295AbdJVB46 (ORCPT ); Sat, 21 Oct 2017 21:56:58 -0400 X-Google-Smtp-Source: ABhQp+SCuXa3hARfzR6EXCJeJDKXV5VhFznQVic2TTRdDazWAQYi+/DIMGJ3Gxfn87iCpSwKL8Q/mA== Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: Re: v4.14-rc3/arm64 DABT exception in atomic_inc() / __skb_clone() From: Wei Wei In-Reply-To: Date: Sat, 21 Oct 2017 21:56:49 -0400 Cc: Dmitry Vyukov , Mark Rutland , linux-arm-kernel@lists.infradead.org, LKML , netdev , Eric Dumazet , David Miller , Willem de Bruijn , syzkaller Message-Id: References: <20171020111408.edj24tztxdptte5r@lakrids.cambridge.arm.com> <960D71EC-C1E9-4898-ACBE-543FC09483FF@gmail.com> To: Willem de Bruijn X-Mailer: Apple Mail (2.3273) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nfs id v9M1v4qX009854 I have uploaded the VM core dump [1]. And I don’t know if these logs are helpful in the case of failing to get the C reproducer currently. [1] https://github.com/dotweiba/skb_clone_atomic_inc_bug/blob/master/vmcore.gz 2017/10/21 20:24:32 reproducing crash 'unable to handle kernel paging request in __skb_clone': testing program (duration=24s, {Threaded:true Collide:true Repeat:true Procs:8 Sandb ox:setuid Fault:false FaultCall:-1 FaultNth:0 EnableTun:true UseTmpDir:true HandleSegv:true WaitRepeat:true Debug:false Repro:true}): mmap-socket$inet_tcp-bind$inet-sendto$inet-se ndto$inet-syz_emit_ethernet 2017/10/21 20:24:49 reproducing crash 'unable to handle kernel paging request in __skb_clone': program crashed: unable to handle kernel paging request in __skb_clone 2017/10/21 20:24:49 reproducing crash 'unable to handle kernel paging request in __skb_clone': extracting C reproducer 2017/10/21 20:24:49 reproducing crash 'unable to handle kernel paging request in __skb_clone': reproducing took 1h47m5.070207729s 2017/10/21 20:24:49 reproduction failed: no target compiler Thanks, Wei > On 20 Oct 2017, at 11:39 AM, Willem de Bruijn wrote: > > On Fri, Oct 20, 2017 at 11:14 AM, Dmitry Vyukov wrote: >> On Fri, Oct 20, 2017 at 4:40 PM, Wei Wei wrote: >>> Sadly, the syzkaller characterized it as a non-reproducible bug and there were empty >>> repro files. But if manually executing in VM like this “./syz-execprog -executor= >>> ./syz-executor -repeat=0 -procs=16 -cover=0 crash-log”, it crashed when executing exactly >>> program 1056 using log0 provided. >>> >>> I failed to generate the C reproducer with syz-repro as it said “no target compiler” >>> in the final step. I would appreciate if you could give some hints. >> >> syzkaller tries to use aarch64-linux-gnu-gcc when cross-compiling to arm64: >> https://github.com/google/syzkaller/blob/master/sys/targets/targets.go#L62 >> Try to install g++-aarch64-linux-gnu. >> Or how should it be done on your system? > > A core dump would also be helpful to root around in and inspect > what those registers point to. Thanks for posting the various reports > on github, btw. From mboxrd@z Thu Jan 1 00:00:00 1970 From: dotweiba@gmail.com (Wei Wei) Date: Sat, 21 Oct 2017 21:56:49 -0400 Subject: v4.14-rc3/arm64 DABT exception in atomic_inc() / __skb_clone() In-Reply-To: References: <20171020111408.edj24tztxdptte5r@lakrids.cambridge.arm.com> <960D71EC-C1E9-4898-ACBE-543FC09483FF@gmail.com> Message-ID: To: linux-arm-kernel@lists.infradead.org List-Id: linux-arm-kernel.lists.infradead.org I have uploaded the VM core dump [1]. And I don?t know if these logs are helpful in the case of failing to get the C reproducer currently. [1] https://github.com/dotweiba/skb_clone_atomic_inc_bug/blob/master/vmcore.gz 2017/10/21 20:24:32 reproducing crash 'unable to handle kernel paging request in __skb_clone': testing program (duration=24s, {Threaded:true Collide:true Repeat:true Procs:8 Sandb ox:setuid Fault:false FaultCall:-1 FaultNth:0 EnableTun:true UseTmpDir:true HandleSegv:true WaitRepeat:true Debug:false Repro:true}): mmap-socket$inet_tcp-bind$inet-sendto$inet-se ndto$inet-syz_emit_ethernet 2017/10/21 20:24:49 reproducing crash 'unable to handle kernel paging request in __skb_clone': program crashed: unable to handle kernel paging request in __skb_clone 2017/10/21 20:24:49 reproducing crash 'unable to handle kernel paging request in __skb_clone': extracting C reproducer 2017/10/21 20:24:49 reproducing crash 'unable to handle kernel paging request in __skb_clone': reproducing took 1h47m5.070207729s 2017/10/21 20:24:49 reproduction failed: no target compiler Thanks, Wei > On 20 Oct 2017, at 11:39 AM, Willem de Bruijn wrote: > > On Fri, Oct 20, 2017 at 11:14 AM, Dmitry Vyukov wrote: >> On Fri, Oct 20, 2017 at 4:40 PM, Wei Wei wrote: >>> Sadly, the syzkaller characterized it as a non-reproducible bug and there were empty >>> repro files. But if manually executing in VM like this ?./syz-execprog -executor= >>> ./syz-executor -repeat=0 -procs=16 -cover=0 crash-log?, it crashed when executing exactly >>> program 1056 using log0 provided. >>> >>> I failed to generate the C reproducer with syz-repro as it said ?no target compiler? >>> in the final step. I would appreciate if you could give some hints. >> >> syzkaller tries to use aarch64-linux-gnu-gcc when cross-compiling to arm64: >> https://github.com/google/syzkaller/blob/master/sys/targets/targets.go#L62 >> Try to install g++-aarch64-linux-gnu. >> Or how should it be done on your system? > > A core dump would also be helpful to root around in and inspect > what those registers point to. Thanks for posting the various reports > on github, btw.