lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <000000000000c233a7061ca2e6ee@google.com>
Date: Sun, 07 Jul 2024 00:04:02 -0700
From: syzbot <syzbot+705c61d60b091ef42c04@...kaller.appspotmail.com>
To: aha310510@...il.com, linux-kernel@...r.kernel.org, 
	syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [net?] possible deadlock in team_del_slave (3)

Hello,

syzbot tried to test the proposed patch but the build/boot failed:

. Setting the MTU to 1560 would solve the problem.
[   65.749523][ T5188] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.794737][ T5188] hsr_slave_0: entered promiscuous mode
[   65.800990][ T5188] hsr_slave_1: entered promiscuous mode
[   65.807988][ T5188] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   65.816311][ T5188] Cannot create hsr debugfs directory
[   65.949582][ T5188] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   65.959631][ T5188] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   65.969541][ T5188] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   65.979136][ T5188] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   66.059668][ T5188] 8021q: adding VLAN 0 to HW filter on device bond0
[   66.079370][ T5188] 8021q: adding VLAN 0 to HW filter on device team0
[   66.091102][ T5170] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.098400][ T5170] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.116765][ T5170] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.124047][ T5170] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.159855][ T5188] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   66.170938][ T5188] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   66.209690][ T5188] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.250323][ T5188] veth0_vlan: entered promiscuous mode
[   66.267593][ T5188] veth1_vlan: entered promiscuous mode
[   66.295077][ T5188] veth0_macvtap: entered promiscuous mode
[   66.305000][ T5188] veth1_macvtap: entered promiscuous mode
[   66.321220][ T5188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   66.334443][ T5188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.347433][ T5188] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.364590][ T5188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.375515][ T5188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.387573][ T5188] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.399784][ T5188] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.408658][ T5188] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.417776][ T5188] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.427420][ T5188] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.499007][  T134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.507906][  T134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.537892][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.546807][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.815443][   T12] bridge_slave_1: left allmulticast mode
[   69.821395][   T12] bridge_slave_1: left promiscuous mode
[   69.844241][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.859472][   T12] bridge_slave_0: left allmulticast mode
[   69.867932][   T12] bridge_slave_0: left promiscuous mode
[   69.873969][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.095084][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   70.107948][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   70.118543][   T12] bond0 (unregistering): Released all slaves
[   70.239777][   T12] hsr_slave_0: left promiscuous mode
[   70.246490][   T12] hsr_slave_1: left promiscuous mode
[   70.255808][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   70.265531][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[   70.283319][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   70.290777][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[   70.316399][   T12] veth1_macvtap: left promiscuous mode
[   70.323105][   T12] veth0_macvtap: left promiscuous mode
[   70.328757][   T12] veth1_vlan: left promiscuous mode
[   70.335500][   T12] veth0_vlan: left promiscuous mode
[   70.689807][   T12] team0 (unregistering): Port device team_slave_1 removed
[   70.718877][   T12] team0 (unregistering): Port device team_slave_0 removed
[   71.258531][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.857737][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[   71.871811][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[   72.118696][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.177872][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.269874][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.413143][   T12] bridge_slave_1: left allmulticast mode
[   72.418935][   T12] bridge_slave_1: left promiscuous mode
[   72.427494][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.440417][   T12] bridge_slave_0: left allmulticast mode
[   72.448397][   T12] bridge_slave_0: left promiscuous mode
[   72.455186][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.738209][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   72.749757][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   72.760471][   T12] bond0 (unregistering): Released all slaves
[   73.080824][   T12] ------------[ cut here ]------------
[   73.086430][   T12] WARNING: CPU: 0 PID: 12 at net/wireless/core.c:1197 _cfg80211_unregister_wdev+0x46d/0x560
[   73.096902][   T12] Modules linked in:
[   73.100847][   T12] CPU: 0 PID: 12 Comm: kworker/u8:1 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd-dirty #0
[   73.111921][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   73.122420][   T12] Workqueue: netns cleanup_net
[   73.127239][   T12] RIP: 0010:_cfg80211_unregister_wdev+0x46d/0x560
[   73.134251][   T12] Code: 0f b6 04 38 84 c0 0f 85 ec 00 00 00 41 80 65 00 fe 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 04 07 c5 f6 90 <0f> 0b 90 e9 61 fc ff ff e8 f6 06 c5 f6 c6 05 2c ac c6 04 01 90 48
[   73.154633][   T12] RSP: 0018:ffffc90000117798 EFLAGS: 00010293
[   73.160724][   T12] RAX: ffffffff8ad120ac RBX: 0000000000000000 RCX: ffff8880176c5a00
[   73.169098][   T12] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   73.177679][   T12] RBP: ffff888068618000 R08: ffffffff8ad11d02 R09: 1ffffffff1ebcdac
[   73.186247][   T12] R10: dffffc0000000000 R11: fffffbfff1ebcdad R12: 0000000000000001
[   73.194767][   T12] R13: ffff88801cf7ccb0 R14: ffff888068618700 R15: dffffc0000000000
[   73.203072][   T12] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[   73.212323][   T12] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   73.218895][   T12] CR2: 000055f5b8852950 CR3: 000000000e132000 CR4: 00000000003506f0
[   73.227244][   T12] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   73.235570][   T12] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   73.243988][   T12] Call Trace:
[   73.247277][   T12]  <TASK>
[   73.250193][   T12]  ? __warn+0x163/0x4e0
[   73.254816][   T12]  ? _cfg80211_unregister_wdev+0x46d/0x560
[   73.260665][   T12]  ? report_bug+0x2b3/0x500
[   73.265522][   T12]  ? _cfg80211_unregister_wdev+0x46d/0x560
[   73.271592][   T12]  ? handle_bug+0x3e/0x70
[   73.276016][   T12]  ? exc_invalid_op+0x1a/0x50
[   73.280956][   T12]  ? asm_exc_invalid_op+0x1a/0x20
[   73.286396][   T12]  ? _cfg80211_unregister_wdev+0xc2/0x560
[   73.292211][   T12]  ? _cfg80211_unregister_wdev+0x46c/0x560
[   73.298035][   T12]  ? _cfg80211_unregister_wdev+0x46d/0x560
[   73.303878][   T12]  ? _cfg80211_unregister_wdev+0x46c/0x560
[   73.309708][   T12]  ieee80211_remove_interfaces+0x525/0x720
[   73.315641][   T12]  ? ieee80211_unregister_hw+0x55/0x2c0
[   73.321227][   T12]  ? __pfx_ieee80211_remove_interfaces+0x10/0x10
[   73.327613][   T12]  ieee80211_unregister_hw+0x5d/0x2c0
[   73.333058][   T12]  mac80211_hwsim_del_radio+0x2c2/0x4c0
[   73.338612][   T12]  ? __pfx_mac80211_hwsim_del_radio+0x10/0x10
[   73.344761][   T12]  hwsim_exit_net+0x5c1/0x670
[   73.349450][   T12]  ? __pfx_hwsim_exit_net+0x10/0x10
[   73.354809][   T12]  ? __ip_vs_dev_cleanup_batch+0x239/0x260
[   73.360650][   T12]  cleanup_net+0x802/0xcc0
[   73.365129][   T12]  ? __pfx_cleanup_net+0x10/0x10
[   73.370092][   T12]  ? process_scheduled_works+0x945/0x1830
[   73.375946][   T12]  process_scheduled_works+0xa2c/0x1830
[   73.381548][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[   73.387971][   T12]  ? assign_work+0x364/0x3d0
[   73.392920][   T12]  worker_thread+0x86d/0xd50
[   73.397535][   T12]  ? __kthread_parkme+0x169/0x1d0
[   73.402621][   T12]  ? __pfx_worker_thread+0x10/0x10
[   73.407745][   T12]  kthread+0x2f0/0x390
[   73.411959][   T12]  ? __pfx_worker_thread+0x10/0x10
[   73.417079][   T12]  ? __pfx_kthread+0x10/0x10
[   73.421677][   T12]  ret_from_fork+0x4b/0x80
[   73.426151][   T12]  ? __pfx_kthread+0x10/0x10
[   73.430832][   T12]  ret_from_fork_asm+0x1a/0x30
[   73.435683][   T12]  </TASK>
[   73.438739][   T12] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   73.446004][   T12] CPU: 0 PID: 12 Comm: kworker/u8:1 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd-dirty #0
[   73.456604][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   73.466655][   T12] Workqueue: netns cleanup_net
[   73.471414][   T12] Call Trace:
[   73.474709][   T12]  <TASK>
[   73.477655][   T12]  dump_stack_lvl+0x241/0x360
[   73.482346][   T12]  ? __pfx_dump_stack_lvl+0x10/0x10
[   73.487561][   T12]  ? __pfx__printk+0x10/0x10
[   73.492183][   T12]  ? _printk+0xd5/0x120
[   73.496355][   T12]  ? vscnprintf+0x5d/0x90
[   73.500704][   T12]  panic+0x349/0x860
[   73.504805][   T12]  ? __warn+0x172/0x4e0
[   73.509075][   T12]  ? __pfx_panic+0x10/0x10
[   73.513494][   T12]  ? show_trace_log_lvl+0x4e6/0x520
[   73.518728][   T12]  ? ret_from_fork_asm+0x1a/0x30
[   73.523686][   T12]  __warn+0x346/0x4e0
[   73.527674][   T12]  ? _cfg80211_unregister_wdev+0x46d/0x560
[   73.533569][   T12]  report_bug+0x2b3/0x500
[   73.537892][   T12]  ? _cfg80211_unregister_wdev+0x46d/0x560
[   73.543696][   T12]  handle_bug+0x3e/0x70
[   73.547850][   T12]  exc_invalid_op+0x1a/0x50
[   73.552387][   T12]  asm_exc_invalid_op+0x1a/0x20
[   73.557264][   T12] RIP: 0010:_cfg80211_unregister_wdev+0x46d/0x560
[   73.563690][   T12] Code: 0f b6 04 38 84 c0 0f 85 ec 00 00 00 41 80 65 00 fe 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 04 07 c5 f6 90 <0f> 0b 90 e9 61 fc ff ff e8 f6 06 c5 f6 c6 05 2c ac c6 04 01 90 48
[   73.583293][   T12] RSP: 0018:ffffc90000117798 EFLAGS: 00010293
[   73.589358][   T12] RAX: ffffffff8ad120ac RBX: 0000000000000000 RCX: ffff8880176c5a00
[   73.597318][   T12] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   73.605284][   T12] RBP: ffff888068618000 R08: ffffffff8ad11d02 R09: 1ffffffff1ebcdac
[   73.613250][   T12] R10: dffffc0000000000 R11: fffffbfff1ebcdad R12: 0000000000000001
[   73.621239][   T12] R13: ffff88801cf7ccb0 R14: ffff888068618700 R15: dffffc0000000000
[   73.629242][   T12]  ? _cfg80211_unregister_wdev+0xc2/0x560
[   73.635048][   T12]  ? _cfg80211_unregister_wdev+0x46c/0x560
[   73.640870][   T12]  ? _cfg80211_unregister_wdev+0x46c/0x560
[   73.646705][   T12]  ieee80211_remove_interfaces+0x525/0x720
[   73.652529][   T12]  ? ieee80211_unregister_hw+0x55/0x2c0
[   73.658195][   T12]  ? __pfx_ieee80211_remove_interfaces+0x10/0x10
[   73.664568][   T12]  ieee80211_unregister_hw+0x5d/0x2c0
[   73.669955][   T12]  mac80211_hwsim_del_radio+0x2c2/0x4c0
[   73.675512][   T12]  ? __pfx_mac80211_hwsim_del_radio+0x10/0x10
[   73.681583][   T12]  hwsim_exit_net+0x5c1/0x670
[   73.686317][   T12]  ? __pfx_hwsim_exit_net+0x10/0x10
[   73.691541][   T12]  ? __ip_vs_dev_cleanup_batch+0x239/0x260
[   73.697357][   T12]  cleanup_net+0x802/0xcc0
[   73.701800][   T12]  ? __pfx_cleanup_net+0x10/0x10
[   73.706737][   T12]  ? process_scheduled_works+0x945/0x1830
[   73.712531][   T12]  process_scheduled_works+0xa2c/0x1830
[   73.718085][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[   73.724060][   T12]  ? assign_work+0x364/0x3d0
[   73.728641][   T12]  worker_thread+0x86d/0xd50
[   73.733244][   T12]  ? __kthread_parkme+0x169/0x1d0
[   73.738257][   T12]  ? __pfx_worker_thread+0x10/0x10
[   73.743365][   T12]  kthread+0x2f0/0x390
[   73.747424][   T12]  ? __pfx_worker_thread+0x10/0x10
[   73.752533][   T12]  ? __pfx_kthread+0x10/0x10
[   73.757113][   T12]  ret_from_fork+0x4b/0x80
[   73.761518][   T12]  ? __pfx_kthread+0x10/0x10
[   73.766100][   T12]  ret_from_fork_asm+0x1a/0x30
[   73.770872][   T12]  </TASK>
[   73.774152][   T12] Kernel Offset: disabled
[   73.778533][   T12] Rebooting in 86400 seconds..


syzkaller build log:
go env (err=<nil>)
GO111MODULE='auto'
GOARCH='amd64'
GOBIN=''
GOCACHE='/syzkaller/.cache/go-build'
GOENV='/syzkaller/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFLAGS=''
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMODCACHE='/syzkaller/jobs-2/linux/gopath/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/syzkaller/jobs-2/linux/gopath'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.21.4'
GCCGO='gccgo'
GOAMD64='v1'
AR='ar'
CC='gcc'
CXX='g++'
CGO_ENABLED='1'
GOMOD='/syzkaller/jobs-2/linux/gopath/src/github.com/google/syzkaller/go.mod'
GOWORK=''
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
PKG_CONFIG='pkg-config'
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build2801630060=/tmp/go-build -gno-record-gcc-switches'

git status (err=<nil>)
HEAD detached at edc5149ad2
nothing to commit, working tree clean


tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
go list -f '{{.Stale}}' ./sys/syz-sysgen | grep -q false || go install ./sys/syz-sysgen
make .descriptions
tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
bin/syz-sysgen
go fmt ./sys/... >/dev/null
touch .descriptions
GOOS=linux GOARCH=amd64 go build "-ldflags=-s -w -X github.com/google/syzkaller/prog.GitRevision=edc5149ad2ab7a38db6b3bcb1b594e0264a92163 -X 'github.com/google/syzkaller/prog.gitRevisionDate=20240621-090414'" "-tags=syz_target syz_os_linux syz_arch_amd64 " -o ./bin/linux_amd64/syz-fuzzer github.com/google/syzkaller/syz-fuzzer
GOOS=linux GOARCH=amd64 go build "-ldflags=-s -w -X github.com/google/syzkaller/prog.GitRevision=edc5149ad2ab7a38db6b3bcb1b594e0264a92163 -X 'github.com/google/syzkaller/prog.gitRevisionDate=20240621-090414'" "-tags=syz_target syz_os_linux syz_arch_amd64 " -o ./bin/linux_amd64/syz-execprog github.com/google/syzkaller/tools/syz-execprog
mkdir -p ./bin/linux_amd64
g++ -o ./bin/linux_amd64/syz-executor executor/executor.cc \
	-m64 -O2 -pthread -Wall -Werror -Wparentheses -Wunused-const-variable -Wframe-larger-than=16384 -Wno-stringop-overflow -Wno-array-bounds -Wno-format-overflow -Wno-unused-but-set-variable -Wno-unused-command-line-argument -static-pie -std=c++17 -I. -Iexecutor/_include -fpermissive -w -DGOOS_linux=1 -DGOARCH_amd64=1 \
	-DHOSTGOOS_linux=1 -DGIT_REVISION=\"edc5149ad2ab7a38db6b3bcb1b594e0264a92163\"


Error text is too large and was truncated, full error text is at:
https://syzkaller.appspot.com/x/error.txt?x=10e59fbe980000


Tested on:

commit:         c6653f49 Merge tag 'powerpc-6.10-4' of git://git.kerne..
git tree:       upstream
kernel config:  https://syzkaller.appspot.com/x/.config?x=864caee5f78cab51
dashboard link: https://syzkaller.appspot.com/bug?extid=705c61d60b091ef42c04
compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
patch:          https://syzkaller.appspot.com/x/patch.diff?x=116cb7c1980000

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ