[syzbot] [rdma?] WARNING in rxe_pool_cleanup


syzbot

May 12, 2024, 10:22:31 PM
to j...@ziepe.ca, le...@kernel.org, linux-...@vger.kernel.org, linux...@vger.kernel.org, net...@vger.kernel.org, syzkall...@googlegroups.com, zyjzy...@gmail.com
Hello,

syzbot found the following issue on:

HEAD commit: 6d7ddd805123 Merge tag 'soc-fixes-6.9-3' of git://git.kern..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=1567aa6c980000
kernel config: https://syzkaller.appspot.com/x/.config?x=7144b4fe7fbf5900
dashboard link: https://syzkaller.appspot.com/bug?extid=221e213bf17f17e0d6cd
compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/7bc7510fe41f/non_bootable_disk-6d7ddd80.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/64e247bdde82/vmlinux-6d7ddd80.xz
kernel image: https://storage.googleapis.com/syzbot-assets/b78396634af8/bzImage-6d7ddd80.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+221e21...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 2 PID: 11465 at drivers/infiniband/sw/rxe/rxe_pool.c:116 rxe_pool_cleanup+0x41/0x60 drivers/infiniband/sw/rxe/rxe_pool.c:116
Modules linked in:
CPU: 2 PID: 11465 Comm: syz-executor.2 Not tainted 6.9.0-rc7-syzkaller-00023-g6d7ddd805123 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
RIP: 0010:rxe_pool_cleanup+0x41/0x60 drivers/infiniband/sw/rxe/rxe_pool.c:116
Code: 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1f 48 83 bb 80 00 00 00 00 75 06 5b e9 95 28 73 f9 e8 90 28 73 f9 90 <0f> 0b 90 5b e9 86 28 73 f9 e8 81 75 ce f9 eb da 66 66 2e 0f 1f 84
RSP: 0018:ffffc90003baf170 EFLAGS: 00010246
RAX: 0000000000040000 RBX: ffff8880471b5228 RCX: ffffc90003f99000
RDX: 0000000000040000 RSI: ffffffff881aa460 RDI: ffff8880471b52a8
RBP: ffffffff88190dd0 R08: 0000000000000005 R09: 0000000000000000
R10: 00000000ffffffed R11: 0000000000000000 R12: ffffc90003baf600
R13: ffffc90003baf600 R14: ffff88804570c000 R15: 0000000000000000
FS: 00007fedd04706c0(0000) GS:ffff88806b400000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f1c5125dd58 CR3: 000000003df64000 CR4: 0000000000350ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
rxe_dealloc+0x26/0x110 drivers/infiniband/sw/rxe/rxe.c:24
ib_dealloc_device+0x46/0x230 drivers/infiniband/core/device.c:657
rxe_net_add+0xb2/0xe0 drivers/infiniband/sw/rxe/rxe_net.c:536
rxe_newlink+0x70/0x190 drivers/infiniband/sw/rxe/rxe.c:197
nldev_newlink+0x396/0x670 drivers/infiniband/core/nldev.c:1763
rdma_nl_rcv_msg+0x388/0x6e0 drivers/infiniband/core/netlink.c:195
rdma_nl_rcv_skb.constprop.0.isra.0+0x2e6/0x450 drivers/infiniband/core/netlink.c:239
netlink_unicast_kernel net/netlink/af_netlink.c:1335 [inline]
netlink_unicast+0x542/0x820 net/netlink/af_netlink.c:1361
netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1905
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg net/socket.c:745 [inline]
____sys_sendmsg+0xab5/0xc90 net/socket.c:2584
___sys_sendmsg+0x135/0x1e0 net/socket.c:2638
__sys_sendmsg+0x117/0x1f0 net/socket.c:2667
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcf/0x260 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fedcf67dd69
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fedd04700c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007fedcf7abf80 RCX: 00007fedcf67dd69
RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004
RBP: 00007fedcf6ca49e R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007fedcf7abf80 R15: 00007ffcb1bc3058
</TASK>


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup

Zhu Yanjun

May 13, 2024, 3:39:39 PM
to syzbot, j...@ziepe.ca, le...@kernel.org, syzkall...@googlegroups.com, zyjzy...@gmail.com
On 2024/5/13 4:22, syzbot wrote:
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 6d7ddd805123 Merge tag 'soc-fixes-6.9-3' of git://git.kern..
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=1567aa6c980000
> kernel config: https://syzkaller.appspot.com/x/.config?x=7144b4fe7fbf5900
> dashboard link: https://syzkaller.appspot.com/bug?extid=221e213bf17f17e0d6cd
> compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
>
> Unfortunately, I don't have any reproducer for this issue yet.
>
> Downloadable assets:
> disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/7bc7510fe41f/non_bootable_disk-6d7ddd80.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/64e247bdde82/vmlinux-6d7ddd80.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/b78396634af8/bzImage-6d7ddd80.xz
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+221e21...@syzkaller.appspotmail.com
>
> ------------[ cut here ]------------
> WARNING: CPU: 2 PID: 11465 at drivers/infiniband/sw/rxe/rxe_pool.c:116 rxe_pool_cleanup+0x41/0x60 drivers/infiniband/sw/rxe/rxe_pool.c:116

Hi,

I ran a lot of tests and this problem cannot be reproduced on the
local host.

Can you share your script file that caused this problem with us,
so we can delve into this script file and reproduce this problem on the
local host?

Thanks a lot.
Zhu Yanjun