* WARNING in bpf_prog_kallsyms_add @ 2019-01-04 15:41 syzbot 2019-03-24 2:16 ` syzbot 0 siblings, 1 reply; 4+ messages in thread From: syzbot @ 2019-01-04 15:41 UTC (permalink / raw) To: ast, daniel, linux-kernel, netdev, syzkaller-bugs Hello, syzbot found the following crash on: HEAD commit: 645ff1e8e704 Merge branch 'for-linus' of git://git.kernel... git tree: upstream console output: https://syzkaller.appspot.com/x/log.txt?x=14a5c64b400000 kernel config: https://syzkaller.appspot.com/x/.config?x=20271e14bc1c87f0 dashboard link: https://syzkaller.appspot.com/bug?extid=987e48d84abddbe2506d compiler: gcc (GCC) 9.0.0 20181231 (experimental) syz repro: https://syzkaller.appspot.com/x/repro.syz?x=13c69d20c00000 IMPORTANT: if you fix the bug, please add the following tag to the commit: Reported-by: syzbot+987e48d84abddbe2506d@syzkaller.appspotmail.com 8021q: adding VLAN 0 to HW filter on device batadv0 8021q: adding VLAN 0 to HW filter on device batadv0 IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready 8021q: adding VLAN 0 to HW filter on device batadv0 8021q: adding VLAN 0 to HW filter on device batadv0 WARNING: CPU: 1 PID: 8154 at kernel/bpf/core.c:578 bpf_prog_ksym_node_add kernel/bpf/core.c:578 [inline] WARNING: CPU: 1 PID: 8154 at kernel/bpf/core.c:578 bpf_prog_kallsyms_add+0x909/0xaf0 kernel/bpf/core.c:610 Kernel panic - not syncing: panic_on_warn set ... CPU: 1 PID: 8154 Comm: syz-executor0 Not tainted 4.20.0+ #7 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1db/0x2d0 lib/dump_stack.c:113 panic+0x2cb/0x589 kernel/panic.c:189 __warn.cold+0x20/0x4b kernel/panic.c:544 report_bug+0x263/0x2b0 lib/bug.c:186 fixup_bug arch/x86/kernel/traps.c:178 [inline] fixup_bug arch/x86/kernel/traps.c:173 [inline] do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:271 do_invalid_op+0x37/0x50 arch/x86/kernel/traps.c:290 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:973 RIP: 0010:bpf_prog_ksym_node_add kernel/bpf/core.c:578 [inline] RIP: 0010:bpf_prog_kallsyms_add+0x909/0xaf0 kernel/bpf/core.c:610 Code: 2d d9 36 00 e9 a4 fe ff ff 31 db 48 c7 c0 f0 db 80 89 e9 a0 fb ff ff 31 db 48 c7 c0 e8 db 80 89 e9 f6 fc ff ff e8 37 06 f3 ff <0f> 0b e9 c6 f8 ff ff 48 89 85 10 ff ff ff e8 54 d9 36 00 48 8b 85 RSP: 0018:ffff88808de979b8 EFLAGS: 00010293 RAX: ffff8880901a6280 RBX: ffff88809292c628 RCX: 0000000000000001 RDX: 0000000000000000 RSI: ffffffff818e9039 RDI: ffffc90001933020 RBP: ffff88808de97ac8 R08: 1ffff11011bd2f24 R09: ffffed1011bd2f25 R10: ffffed1011bd2f24 R11: 0000000000000003 R12: ffff88809292c5c0 R13: 1ffff11011bd2f48 R14: ffff88808de97aa0 R15: ffffffff899f1c80 bpf_prog_load+0x13a9/0x1d00 kernel/bpf/syscall.c:1556 __do_sys_bpf+0xc52/0x4410 kernel/bpf/syscall.c:2618 __se_sys_bpf kernel/bpf/syscall.c:2580 [inline] __x64_sys_bpf+0x73/0xb0 kernel/bpf/syscall.c:2580 do_syscall_64+0x1a3/0x800 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x457ec9 Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007f94ae545c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457ec9 RDX: 0000000000000048 RSI: 0000000020000780 RDI: 0000000000000005 RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007f94ae5466d4 R13: 00000000004be236 R14: 00000000004ce360 R15: 00000000ffffffff Kernel Offset: disabled Rebooting in 86400 seconds.. --- This bug is generated by a bot. It may contain errors. See https://goo.gl/tpsmEJ for more information about syzbot. syzbot engineers can be reached at syzkaller@googlegroups.com. syzbot will keep track of this bug report. See: https://goo.gl/tpsmEJ#bug-status-tracking for how to communicate with syzbot. syzbot can test patches for this bug, for details see: https://goo.gl/tpsmEJ#testing-patches ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: WARNING in bpf_prog_kallsyms_add 2019-01-04 15:41 WARNING in bpf_prog_kallsyms_add syzbot @ 2019-03-24 2:16 ` syzbot 2019-03-25 12:16 ` Ido Schimmel 0 siblings, 1 reply; 4+ messages in thread From: syzbot @ 2019-03-24 2:16 UTC (permalink / raw) To: ast, daniel, davem, idosch, jiri, kuznet, linux-kernel, netdev, syzkaller-bugs, yoshfuji syzbot has bisected this bug to: commit 7607dd35fc34893214284cca740d015154d20452 Author: Ido Schimmel <idosch@mellanox.com> Date: Mon Jul 17 12:15:30 2017 +0000 mlxsw: spectrum: Trap IPv4 packets with Router Alert option bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=14e0ac07200000 start commit: 645ff1e8 Merge branch 'for-linus' of git://git.kernel.org/.. git tree: upstream final crash: https://syzkaller.appspot.com/x/report.txt?x=16e0ac07200000 console output: https://syzkaller.appspot.com/x/log.txt?x=12e0ac07200000 kernel config: https://syzkaller.appspot.com/x/.config?x=20271e14bc1c87f0 dashboard link: https://syzkaller.appspot.com/bug?extid=987e48d84abddbe2506d syz repro: https://syzkaller.appspot.com/x/repro.syz?x=13c69d20c00000 Reported-by: syzbot+987e48d84abddbe2506d@syzkaller.appspotmail.com Fixes: 7607dd35fc34 ("mlxsw: spectrum: Trap IPv4 packets with Router Alert option") For information about bisection process see: https://goo.gl/tpsmEJ#bisection ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: WARNING in bpf_prog_kallsyms_add 2019-03-24 2:16 ` syzbot @ 2019-03-25 12:16 ` Ido Schimmel 2019-03-26 8:27 ` Dmitry Vyukov 0 siblings, 1 reply; 4+ messages in thread From: Ido Schimmel @ 2019-03-25 12:16 UTC (permalink / raw) To: syzbot, dvyukov Cc: ast, daniel, davem, Jiri Pirko, kuznet, linux-kernel, netdev, syzkaller-bugs, yoshfuji + Dmitry On Sat, Mar 23, 2019 at 07:16:01PM -0700, syzbot wrote: > syzbot has bisected this bug to: > > commit 7607dd35fc34893214284cca740d015154d20452 > Author: Ido Schimmel <idosch@mellanox.com> > Date: Mon Jul 17 12:15:30 2017 +0000 > > mlxsw: spectrum: Trap IPv4 packets with Router Alert option > > bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=14e0ac07200000 > start commit: 645ff1e8 Merge branch 'for-linus' of git://git.kernel.org/.. > git tree: upstream > final crash: https://syzkaller.appspot.com/x/report.txt?x=16e0ac07200000 > console output: https://syzkaller.appspot.com/x/log.txt?x=12e0ac07200000 > kernel config: https://syzkaller.appspot.com/x/.config?x=20271e14bc1c87f0 > dashboard link: https://syzkaller.appspot.com/bug?extid=987e48d84abddbe2506d > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=13c69d20c00000 > > Reported-by: syzbot+987e48d84abddbe2506d@syzkaller.appspotmail.com > Fixes: 7607dd35fc34 ("mlxsw: spectrum: Trap IPv4 packets with Router Alert > option") > > For information about bisection process see: https://goo.gl/tpsmEJ#bisection Dmitry, The bisection is probably wrong. Above mentioned commit is specific to mlxsw which is not even present in the provided kernel config. I see that this also appears in the web interface [1] which might be misleading to some people. Might be worthwhile to add a command for syzbot that tells it that bisection is wrong? [1] https://syzkaller.appspot.com/bug?id=b658eb696c8279d9951a4ceea79efba8a1d12467 ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: WARNING in bpf_prog_kallsyms_add 2019-03-25 12:16 ` Ido Schimmel @ 2019-03-26 8:27 ` Dmitry Vyukov 0 siblings, 0 replies; 4+ messages in thread From: Dmitry Vyukov @ 2019-03-26 8:27 UTC (permalink / raw) To: Ido Schimmel Cc: syzbot, ast, daniel, davem, Jiri Pirko, kuznet, linux-kernel, netdev, syzkaller-bugs, yoshfuji On Mon, Mar 25, 2019 at 1:16 PM Ido Schimmel <idosch@mellanox.com> wrote: > > + Dmitry > > On Sat, Mar 23, 2019 at 07:16:01PM -0700, syzbot wrote: > > syzbot has bisected this bug to: > > > > commit 7607dd35fc34893214284cca740d015154d20452 > > Author: Ido Schimmel <idosch@mellanox.com> > > Date: Mon Jul 17 12:15:30 2017 +0000 > > > > mlxsw: spectrum: Trap IPv4 packets with Router Alert option > > > > bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=14e0ac07200000 > > start commit: 645ff1e8 Merge branch 'for-linus' of git://git.kernel.org/.. > > git tree: upstream > > final crash: https://syzkaller.appspot.com/x/report.txt?x=16e0ac07200000 > > console output: https://syzkaller.appspot.com/x/log.txt?x=12e0ac07200000 > > kernel config: https://syzkaller.appspot.com/x/.config?x=20271e14bc1c87f0 > > dashboard link: https://syzkaller.appspot.com/bug?extid=987e48d84abddbe2506d > > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=13c69d20c00000 > > > > Reported-by: syzbot+987e48d84abddbe2506d@syzkaller.appspotmail.com > > Fixes: 7607dd35fc34 ("mlxsw: spectrum: Trap IPv4 packets with Router Alert > > option") > > > > For information about bisection process see: https://goo.gl/tpsmEJ#bisection > > Dmitry, > > The bisection is probably wrong. Above mentioned commit is specific to > mlxsw which is not even present in the provided kernel config. > > I see that this also appears in the web interface [1] which might be > misleading to some people. Might be worthwhile to add a command for > syzbot that tells it that bisection is wrong? > > [1] https://syzkaller.appspot.com/bug?id=b658eb696c8279d9951a4ceea79efba8a1d12467 Hi Ido, Do you mean for the purposes of showing the results as "wrong" on the dashboard? Generally the idea is that people can leave any free form comments on the email thread associated with the bug (there is always a link from the dashboard back to the email thread). It's not possible to capture all possible situations in a set of fixed tags. All information on the dashboard may be incorrect in interesting ways. For example, consider bisection diverged at the very last steps, so one may check the bisection log and easily identify the commit that is most likely the root cause, but the official result is off-by-one. Or may the free stack in a use-after-free report is incorrect and then somebody may suggest the right stack. But having said that there is a proposal for custom tags for bugs (e.g. for priority, subsystem, etc): https://github.com/google/syzkaller/issues/608 And "bisection is wrong" may be a reasonable tag. I just don't want to jump to a first ad-hoc implementation right now. I want to at least try to thought out some consistent, extensible and useful design for tagging. I will add a note about bisection there. Another concern is that I suspect very few people will actually use it. Most people seem to tend to just drop a comment like "this is fixed" or "syzbot sucks" without actually caring about any formal bug state tracking... But even if nobody will use it for majority of bugs, somebody (me) still needs to design, implement, write tests, carefully deploy and maintain this thing... But thanks for the proposal! ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-03-26 8:27 UTC | newest] Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2019-01-04 15:41 WARNING in bpf_prog_kallsyms_add syzbot 2019-03-24 2:16 ` syzbot 2019-03-25 12:16 ` Ido Schimmel 2019-03-26 8:27 ` Dmitry Vyukov
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).