WARNING: CPU: 1

syzbot

unread,

Sep 27, 2020, 4:38:19 AM9/27/20

to linux-...@vger.kernel.org, net...@vger.kernel.org, syzkall...@googlegroups.com

Hello,

syzbot found the following issue on:

HEAD commit: 748d1c8a Merge branch 'devlink-Use-nla_policy-to-validate-..
git tree: net-next
console output: https://syzkaller.appspot.com/x/log.txt?x=13ac3ec3900000
kernel config: https://syzkaller.appspot.com/x/.config?x=51fb40e67d1e3dec
dashboard link: https://syzkaller.appspot.com/bug?extid=3640e696903873858f7e
compiler: gcc (GCC) 10.1.0-syz 20200507
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1599be03900000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=149fd44b900000

Bisection is inconclusive: the issue happens on the oldest tested release.

bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=1474aaad900000
final oops: https://syzkaller.appspot.com/x/report.txt?x=1674aaad900000
console output: https://syzkaller.appspot.com/x/log.txt?x=1274aaad900000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+3640e6...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 1

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches

Dmitry Vyukov

unread,

Sep 27, 2020, 4:47:52 AM9/27/20

to syzbot, LKML, netdev, syzkaller-bugs, Johannes Berg, linux-wireless

On Sun, Sep 27, 2020 at 10:38 AM syzbot
<syzbot+3640e6...@syzkaller.appspotmail.com> wrote:
>
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 748d1c8a Merge branch 'devlink-Use-nla_policy-to-validate-..
> git tree: net-next
> console output: https://syzkaller.appspot.com/x/log.txt?x=13ac3ec3900000
> kernel config: https://syzkaller.appspot.com/x/.config?x=51fb40e67d1e3dec
> dashboard link: https://syzkaller.appspot.com/bug?extid=3640e696903873858f7e
> compiler: gcc (GCC) 10.1.0-syz 20200507
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1599be03900000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=149fd44b900000

Based on the reproducer, this looks like some wireless bug.
+net/wireless maintainers.

> Bisection is inconclusive: the issue happens on the oldest tested release.
>
> bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=1474aaad900000
> final oops: https://syzkaller.appspot.com/x/report.txt?x=1674aaad900000
> console output: https://syzkaller.appspot.com/x/log.txt?x=1274aaad900000
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+3640e6...@syzkaller.appspotmail.com
>
> ------------[ cut here ]------------
> WARNING: CPU: 1
>
>
> ---
> This report is generated by a bot. It may contain errors.
> See https://goo.gl/tpsmEJ for more information about syzbot.
> syzbot engineers can be reached at syzk...@googlegroups.com.
>
> syzbot will keep track of this issue. See:
> https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
> For information about bisection process see: https://goo.gl/tpsmEJ#bisection
> syzbot can test patches for this issue, for details see:
> https://goo.gl/tpsmEJ#testing-patches
>

> --
> You received this message because you are subscribed to the Google Groups "syzkaller-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-bug...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-bugs/000000000000bbdb3b05b0477890%40google.com.

Arend Van Spriel

unread,

Sep 28, 2020, 5:31:01 AM9/28/20

to Dmitry Vyukov, syzbot, LKML, netdev, syzkaller-bugs, Johannes Berg, linux-wireless

On 9/27/2020 10:47 AM, Dmitry Vyukov wrote:
> On Sun, Sep 27, 2020 at 10:38 AM syzbot
> <syzbot+3640e6...@syzkaller.appspotmail.com> wrote:
>>
>> Hello,
>>
>> syzbot found the following issue on:
>>
>> HEAD commit: 748d1c8a Merge branch 'devlink-Use-nla_policy-to-validate-..
>> git tree: net-next
>> console output: https://syzkaller.appspot.com/x/log.txt?x=13ac3ec3900000
>> kernel config: https://syzkaller.appspot.com/x/.config?x=51fb40e67d1e3dec
>> dashboard link: https://syzkaller.appspot.com/bug?extid=3640e696903873858f7e
>> compiler: gcc (GCC) 10.1.0-syz 20200507
>> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1599be03900000
>> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=149fd44b900000
>
> Based on the reproducer, this looks like some wireless bug.
> +net/wireless maintainers.

I don't think so looking at this part of the stacktrace:

[ 51.814941] [<ffffffff8465cc95>] macvlan_common_newlink+0xa15/0x1720
[ 51.833542] [<ffffffff84662548>] macvtap_newlink+0x128/0x230
[ 51.858008] [<ffffffff85b68bfe>] rtnl_newlink+0xe5e/0x1780
[ 51.925885] [<ffffffff85b5d32b>] rtnetlink_rcv_msg+0x22b/0xc20

Regards,
Arend

Dmitry Vyukov

unread,

Sep 28, 2020, 6:04:26 AM9/28/20

to Arend Van Spriel, syzbot, LKML, netdev, syzkaller-bugs, Johannes Berg, linux-wireless

That's the trace on the oldest release and the bisection was diverged
somewhere midway.
You may see this in the bisection log:
https://syzkaller.appspot.com/text?tag=Log&x=1474aaad900000

Initially it crashed with this warning:
all runs: crashed: WARNING in sta_info_insert_rcu

This function is in net/mac80211/sta_info.c.

Arend Van Spriel

unread,

Sep 28, 2020, 6:46:14 AM9/28/20

to Dmitry Vyukov, syzbot, LKML, netdev, syzkaller-bugs, Johannes Berg, linux-wireless

I see. Thanks for the clarification. It was not really obvious where to
dig for information.

Regards,
Arend

Dmitry Vyukov

unread,

Jan 5, 2021, 5:18:13 AM1/5/21

to Arend Van Spriel, syzbot, LKML, netdev, syzkaller-bugs, Johannes Berg, linux-wireless

#syz dup: WARNING in sta_info_insert_rcu

Reply all

Reply to author

Forward