| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 18 Aug 2022 09:22:17 +0200
From: Bruno Goncalves <bgoncalv@...hat.com>
To: Jakub Kicinski <kuba@...nel.org>
Cc: LKML <linux-kernel@...r.kernel.org>,
Networking <netdev@...r.kernel.org>,
CKI Project <cki-project@...hat.com>
Subject: Re: RIP: 0010:qede_load+0x128d/0x13b0 [qede] - 5.19.0
On Wed, 3 Aug 2022 at 17:37, Jakub Kicinski <kuba@...nel.org> wrote:
>
> On Wed, 3 Aug 2022 14:13:00 +0200 Bruno Goncalves wrote:
> > Got this from the most recent failure (kernel built using commit 0805c6fb39f6):
> >
> > the tarball is https://s3.amazonaws.com/arr-cki-prod-trusted-artifacts/trusted-artifacts/603714145/build%20x86_64%20debug/2807738987/artifacts/kernel-mainline.kernel.org-redhat_603714145_x86_64_debug.tar.gz
> > and the call trace from
> > https://s3.us-east-1.amazonaws.com/arr-cki-prod-datawarehouse-public/datawarehouse-public/2022/08/02/redhat:603123526/build_x86_64_redhat:603123526_x86_64_debug/tests/1/results_0001/console.log/console.log
> >
> > [ 69.876513] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI
> > [ 69.888521] Hardware name: HPE ProLiant DL325 Gen10 Plus/ProLiant
> > DL325 Gen10 Plus, BIOS A43 08/09/2021
> > [ 69.897971] RIP: 0010:qede_load.cold
> > (/builds/2807738987/workdir/./include/linux/spinlock.h:389
> > /builds/2807738987/workdir/./include/linux/netdevice.h:4294
> > /builds/2807738987/workdir/./include/linux/netdevice.h:4385
> > /builds/2807738987/workdir/drivers/net/ethernet/qlogic/qede/qede_main.c:2594
> > /builds/2807738987/workdir/drivers/net/ethernet/qlogic/qede/qede_main.c:2575)
>
> Thanks a lot! That seems to point the finger at commit 3aa6bce9af0e
> ("net: watchdog: hold device global xmit lock during tx disable") but
> frankly IDK why... The driver must be fully initialized to get to
> ndo_open() so how is the tx_global_lock busted?!
>
> Would you be able to re-run with CONFIG_KASAN=y ?
> Perhaps KASAN can tell us what's messing up the lock.
Sorry for taking a long time to provide the info.
Below is the call trace, note it is on a different machine. It might
take me a few days in case I need to try on the original machine.
[ 110.329039] [0000:c1:00.2]:[qedf_link_update:613]:9: LINK DOWN.
[ 110.330183] invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[ 110.340728] CPU: 56 PID: 1810 Comm: NetworkManager Not tainted 5.19.0 #1
[ 110.347435] Hardware name: Dell Inc. PowerEdge R7425/02MJ3T, BIOS
1.18.0 01/17/2022
[ 110.355088] RIP: 0010:qede_load.cold+0x14c/0xa08 [qede]
[ 110.360348] Code: c6 60 fb 40 c0 48 c7 c7 40 e1 40 c0 e8 b7 21 28
c8 48 8b 3c 24 e8 fa 06 2d c7 41 0f b7 9f b6 00 00 00 41 89 dc e9 c2
3c fe ff <0f> 0b 48 c7 c1 60 d0 40 c0 eb c1 49 8d 7f 08 e8 36 09 2d c7
49 8b
[ 110.379101] RSP: 0018:ffff888162ab6e00 EFLAGS: 00010206
[ 110.384338] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffffc03ed524
[ 110.391479] RDX: 000000000000006b RSI: 0000000000000007 RDI: ffff88810401a758
[ 110.398621] RBP: ffff8888a20f2cd0 R08: 0000000000000001 R09: ffffffff8bba9e0f
[ 110.405761] R10: fffffbfff17753c1 R11: 0000000000000001 R12: ffff88810401a758
[ 110.412895] R13: ffff8888a20f2c08 R14: ffff8888a20f2cb6 R15: ffff8888a20f2c00
[ 110.420036] FS: 00007fac3a412500(0000) GS:ffff888810d00000(0000)
knlGS:0000000000000000
[ 110.428129] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 110.433875] CR2: 00007fac38ffca88 CR3: 0000000123528000 CR4: 00000000003506e0
[ 110.441009] Call Trace:
[ 110.443464] <TASK>
[ 110.445585] ? qed_eth_rxq_start_ramrod+0x320/0x320 [qed]
[ 110.451110] ? qede_alloc_mem_txq+0x240/0x240 [qede]
[ 110.456106] ? lock_release+0x233/0x470
[ 110.459958] ? rwsem_wake.isra.0+0xf1/0x100
[ 110.464163] ? lock_chain_count+0x20/0x20
[ 110.468179] ? find_held_lock+0x83/0xa0
[ 110.472032] ? lock_is_held_type+0xe3/0x140
[ 110.476245] ? lockdep_hardirqs_on_prepare+0x132/0x230
[ 110.481397] ? queue_delayed_work_on+0x57/0x90
[ 110.485852] ? lockdep_hardirqs_on+0x7d/0x100
[ 110.490221] ? qed_get_int_fp+0xe0/0xe0 [qed]
[ 110.494703] qede_open+0x6d/0x100 [qede]
[ 110.498664] __dev_open+0x1c3/0x2c0
[ 110.502171] ? dev_set_rx_mode+0x60/0x60
[ 110.506105] ? lockdep_hardirqs_on_prepare+0x132/0x230
[ 110.511254] ? __local_bh_enable_ip+0x8f/0x110
[ 110.515711] __dev_change_flags+0x31b/0x3b0
[ 110.519906] ? dev_set_allmulti+0x10/0x10
[ 110.523935] dev_change_flags+0x58/0xb0
[ 110.527783] do_setlink+0xb38/0x19e0
[ 110.531370] ? reacquire_held_locks+0x270/0x270
[ 110.535910] ? rtnetlink_put_metrics+0x2e0/0x2e0
[ 110.540538] ? entry_SYSCALL_64+0x1/0x29
[ 110.544478] ? is_bpf_text_address+0x83/0xf0
[ 110.548762] ? kernel_text_address+0x125/0x130
[ 110.553218] ? __kernel_text_address+0xe/0x40
[ 110.557585] ? unwind_get_return_address+0x33/0x50
[ 110.562386] ? create_prof_cpu_mask+0x20/0x20
[ 110.566755] ? arch_stack_walk+0xa3/0x100
[ 110.570781] ? memset+0x1f/0x40
[ 110.573939] ? __nla_validate_parse+0xb4/0x1040
[ 110.578481] ? stack_trace_save+0x96/0xd0
[ 110.582504] ? nla_get_range_signed+0x180/0x180
[ 110.587042] ? __stack_depot_save+0x35/0x4a0
[ 110.591335] __rtnl_newlink+0x715/0xc90
[ 110.595182] ? mark_lock+0xd51/0xd90
[ 110.598773] ? rtnl_link_unregister+0x1e0/0x1e0
[ 110.603309] ? _raw_spin_unlock_irqrestore+0x40/0x60
[ 110.608285] ? ___slab_alloc+0x919/0xf80
[ 110.612222] ? rtnl_newlink+0x36/0x70
[ 110.615896] ? reacquire_held_locks+0x270/0x270
[ 110.620440] ? lock_is_held_type+0xe3/0x140
[ 110.624634] ? rcu_read_lock_sched_held+0x3f/0x80
[ 110.629353] ? trace_kmalloc+0x33/0x100
[ 110.633207] rtnl_newlink+0x4f/0x70
[ 110.636704] rtnetlink_rcv_msg+0x242/0x6b0
[ 110.640815] ? rtnl_stats_set+0x260/0x260
[ 110.644836] ? lock_acquire+0x16f/0x410
[ 110.648682] ? lock_acquire+0x17f/0x410
[ 110.652533] netlink_rcv_skb+0xce/0x200
[ 110.656385] ? rtnl_stats_set+0x260/0x260
[ 110.660408] ? netlink_ack+0x520/0x520
[ 110.664166] ? netlink_deliver_tap+0x13c/0x5c0
[ 110.668626] ? netlink_deliver_tap+0x141/0x5c0
[ 110.673083] netlink_unicast+0x2cb/0x460
[ 110.677015] ? netlink_attachskb+0x440/0x440
[ 110.681294] ? __build_skb_around+0x12a/0x150
[ 110.685667] netlink_sendmsg+0x3d2/0x710
[ 110.689609] ? netlink_unicast+0x460/0x460
[ 110.693710] ? iovec_from_user.part.0+0x95/0x200
[ 110.698348] ? netlink_unicast+0x460/0x460
[ 110.702456] sock_sendmsg+0x99/0xa0
[ 110.705963] ____sys_sendmsg+0x3d4/0x410
[ 110.709895] ? kernel_sendmsg+0x30/0x30
[ 110.713740] ? __ia32_sys_recvmmsg+0x160/0x160
[ 110.718200] ? lockdep_hardirqs_on_prepare+0x230/0x230
[ 110.723358] ___sys_sendmsg+0xe2/0x150
[ 110.727124] ? sendmsg_copy_msghdr+0x110/0x110
[ 110.731576] ? find_held_lock+0x83/0xa0
[ 110.735425] ? lock_release+0x233/0x470
[ 110.739271] ? __fget_files+0x14a/0x200
[ 110.743120] ? reacquire_held_locks+0x270/0x270
[ 110.747674] ? __fget_files+0x162/0x200
[ 110.751524] ? __fget_light+0x66/0x100
[ 110.755286] __sys_sendmsg+0xc3/0x140
[ 110.758964] ? __sys_sendmsg_sock+0x20/0x20
[ 110.763158] ? mark_held_locks+0x24/0x90
[ 110.767099] ? ktime_get_coarse_real_ts64+0x19/0x80
[ 110.771990] ? ktime_get_coarse_real_ts64+0x65/0x80
[ 110.776879] ? syscall_trace_enter.constprop.0+0x16f/0x230
[ 110.782375] do_syscall_64+0x5b/0x80
[ 110.785963] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 110.791021] RIP: 0033:0x7fac3b54f71d
[ 110.794609] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 ea
c4 f4 ff 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 2e 00 00
00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e c5 f4
ff 48
[ 110.813362] RSP: 002b:00007ffd3b5c7da0 EFLAGS: 00000293 ORIG_RAX:
000000000000002e
[ 110.820938] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fac3b54f71d
[ 110.828081] RDX: 0000000000000000 RSI: 00007ffd3b5c7de0 RDI: 000000000000000d
[ 110.835221] RBP: 0000563d7ac60090 R08: 0000000000000000 R09: 0000000000000000
[ 110.842361] R10: 0000000000000000 R11: 0000000000000293 R12: 00007ffd3b5c7f4c
[ 110.849494] R13: 00007ffd3b5c7f50 R14: 0000000000000000 R15: 00007ffd3b5c7f58
[ 110.856639] </TASK>
[ 110.858837] Modules linked in: pcc_cpufreq(-) rfkill intel_rapl_msr
dcdbas intel_rapl_common amd64_edac edac_mce_amd rapl pcspkr qedi
mgag200 i2c_algo_bit iscsi_boot_sysfs libiscsi drm_shmem_helper
cdc_ether scsi_transport_iscsi usbnet drm_kms_helper mii uio ipmi_ssif
k10temp i2c_piix4 acpi_ipmi ipmi_si ipmi_devintf ipmi_msghandler
acpi_power_meter acpi_cpufreq vfat fat drm fuse xfs qedf qede qed
crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel libfcoe
libfc scsi_transport_fc crc8 ccp tg3 sp5100_tco
[ 110.904398] ---[ end trace 0000000000000000 ]---
[ 110.909039] RIP: 0010:qede_load.cold+0x14c/0xa08 [qede]
[ 110.914306] Code: c6 60 fb 40 c0 48 c7 c7 40 e1 40 c0 e8 b7 21 28
c8 48 8b 3c 24 e8 fa 06 2d c7 41 0f b7 9f b6 00 00 00 41 89 dc e9 c2
3c fe ff <0f> 0b 48 c7 c1 60 d0 40 c0 eb c1 49 8d 7f 08 e8 36 09 2d c7
49 8b
[ 110.933068] RSP: 0018:ffff888162ab6e00 EFLAGS: 00010206
[ 110.938314] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffffc03ed524
[ 110.945466] RDX: 000000000000006b RSI: 0000000000000007 RDI: ffff88810401a758
[ 110.952616] RBP: ffff8888a20f2cd0 R08: 0000000000000001 R09: ffffffff8bba9e0f
[ 110.959772] R10: fffffbfff17753c1 R11: 0000000000000001 R12: ffff88810401a758
[ 110.966925] R13: ffff8888a20f2c08 R14: ffff8888a20f2cb6 R15: ffff8888a20f2c00
[ 110.974092] FS: 00007fac3a412500(0000) GS:ffff888810d00000(0000)
knlGS:0000000000000000
[ 110.982198] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 110.987971] CR2: 00007fac38ffca88 CR3: 0000000123528000 CR4: 00000000003506e0
[ 110.995131] Kernel panic - not syncing: Fatal exception
[ 111.001311] Kernel Offset: 0x6000000 from 0xffffffff81000000
(relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 111.012016] ---[ end Kernel panic - not syncing: Fatal exception ]---
kernel tarball:
https://s3.amazonaws.com/arr-cki-prod-trusted-artifacts/trusted-artifacts/604654489/publish%20x86_64%20debug/2813007034/artifacts/kernel-mainline.kernel.org-redhat_604654489_x86_64_debug.tar.gz
kernel config: https://s3.amazonaws.com/arr-cki-prod-trusted-artifacts/trusted-artifacts/604654489/build%20x86_64%20debug/2813006987/artifacts/kernel-mainline.kernel.org-redhat_604654489_x86_64_debug.config
Bruno
>
Powered by blists - more mailing lists