Message-ID: <de816b89073544deb2ce34c4b242d583a6d4660f.camel@gmail.com>
Date: Thu, 31 Aug 2023 13:52:55 +0300
From: Eduard Zingerman <eddyz87@...il.com>
To: Jiri Olsa <olsajiri@...il.com>
Cc: Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann
<daniel@...earbox.net>, Andrii Nakryiko <andrii@...nel.org>,
netdev@...r.kernel.org, bpf@...r.kernel.org, Martin KaFai Lau
<kafai@...com>, Song Liu <songliubraving@...com>, Yonghong Song
<yhs@...com>, John Fastabend <john.fastabend@...il.com>, KP Singh
<kpsingh@...omium.org>, Stanislav Fomichev <sdf@...gle.com>, Hao Luo
<haoluo@...gle.com>, Hou Tao <houtao1@...wei.com>
Subject: Re: [BUG bpf-next] bpf/net: Hitting gpf when running selftests
On Wed, 2023-08-30 at 23:07 +0200, Jiri Olsa wrote:
> On Wed, Aug 30, 2023 at 08:58:11PM +0200, Jiri Olsa wrote:
> > hi,
> > I'm hitting crash below on bpf-next/master when running selftests,
> > full log and config attached
>
> it seems to be 'test_progs -t sockmap_listen' triggering that

Hi,

I hit it as well. Use the following command to reproduce:

  for i in $(seq 1 100); do \
    ./test_progs -a 'sockmap_listen/sockmap VSOCK test_vsock_redir' \
    | grep Summary; \
  done

However, my backtrace is slightly different:

[ 30.615412] BUG: kernel NULL pointer dereference, address: 0000000000000008
[ 30.616114] #PF: supervisor write access in kernel mode
[ 30.616114] #PF: error_code(0x0002) - not-present page
[ 30.616114] PGD 0 P4D 0
[ 30.616114] Oops: 0002 [#1] PREEMPT SMP NOPTI
[ 30.616114] CPU: 2 PID: 48 Comm: kworker/2:1 Tainted: G OE 6.5.0-03968-g2e29df8dbb0c #90
[ 30.616114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014
[ 30.616114] Workqueue: events sk_psock_destroy
[ 30.616114] RIP: 0010:skb_dequeue+0x54/0x80
[ 30.616114] Code: 74 45 4c 39 e3 74 40 8b 43 10 83 e8 01 89 43 10 49 8b 14 24 49 8b 44 24 08 49 c7 04 24 00 00 00 00 49 c7 44 24 08 00 00 00 00 <48> 89 42 08 48 89 10 4c 89 ef e8 7d 6f 35 00 41
[ 30.616114] RSP: 0018:ffffc900001afdd0 EFLAGS: 00010097
[ 30.616114] RAX: 0000000000000000 RBX: ffff8881040d39b8 RCX: 3f495367eac50c98
[ 30.616114] RDX: 0000000000000000 RSI: 0000000000000286 RDI: ffff8881040d39d0
[ 30.616114] RBP: ffffc900001afde8 R08: 0000000000000001 R09: 0000000000000001
[ 30.616114] R10: 0000000000000000 R11: 0000000000000091 R12: ffff88810379d000
[ 30.616114] R13: ffff8881040d39d0 R14: ffff88817bd2e6c0 R15: ffff88817bd33905
[ 30.616114] FS: 0000000000000000(0000) GS:ffff88817bd00000(0000) knlGS:0000000000000000
[ 30.616114] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 30.616114] CR2: 0000000000000008 CR3: 000000010548a000 CR4: 0000000000750ee0
[ 30.616114] PKRU: 55555554
[ 30.616114] Call Trace:
[ 30.616114] <TASK>
[ 30.616114] ? show_regs+0x6e/0x80
[ 30.616114] ? __die+0x29/0x70
[ 30.616114] ? page_fault_oops+0x160/0x460
[ 30.616114] ? lock_release+0x137/0x280
[ 30.616114] ? srso_alias_return_thunk+0x5/0x7f
[ 30.616114] ? do_user_addr_fault+0x347/0x840
[ 30.616114] ? __this_cpu_preempt_check+0x17/0x20
[ 30.616114] ? srso_alias_return_thunk+0x5/0x7f
[ 30.616114] ? exc_page_fault+0x72/0x1d0
[ 30.616114] ? asm_exc_page_fault+0x2b/0x30
[ 30.616114] ? skb_dequeue+0x54/0x80
[ 30.616114] sk_psock_destroy+0x91/0x2c0
[ 30.616114] process_one_work+0x287/0x560
[ 30.616114] worker_thread+0x59/0x400
[ 30.616114] ? __pfx_worker_thread+0x10/0x10
[ 30.616114] kthread+0x118/0x150
[ 30.616114] ? __pfx_kthread+0x10/0x10
[ 30.616114] ret_from_fork+0x40/0x60
[ 30.616114] ? __pfx_kthread+0x10/0x10
[ 30.616114] ret_from_fork_asm+0x1b/0x30
[ 30.616114] </TASK>
[ 30.616114] Modules linked in: [last unloaded: bpf_testmod(OE)]
[ 30.616114] CR2: 0000000000000008
[ 30.616114] ---[ end trace 0000000000000000 ]---
[ 30.616114] RIP: 0010:skb_dequeue+0x54/0x80
[ 30.616114] Code: 74 45 4c 39 e3 74 40 8b 43 10 83 e8 01 89 43 10 49 8b 14 24 49 8b 44 24 08 49 c7 04 24 00 00 00 00 49 c7 44 24 08 00 00 00 00 <48> 89 42 08 48 89 10 4c 89 ef e8 7d 6f 35 00 41
[ 30.616114] RSP: 0018:ffffc900001afdd0 EFLAGS: 00010097
[ 30.616114] RAX: 0000000000000000 RBX: ffff8881040d39b8 RCX: 3f495367eac50c98
[ 30.616114] RDX: 0000000000000000 RSI: 0000000000000286 RDI: ffff8881040d39d0
[ 30.616114] RBP: ffffc900001afde8 R08: 0000000000000001 R09: 0000000000000001
[ 30.616114] R10: 0000000000000000 R11: 0000000000000091 R12: ffff88810379d000
[ 30.616114] R13: ffff8881040d39d0 R14: ffff88817bd2e6c0 R15: ffff88817bd33905
[ 30.616114] FS: 0000000000000000(0000) GS:ffff88817bd00000(0000) knlGS:0000000000000000
[ 30.616114] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 30.616114] CR2: 0000000000000008 CR3: 000000010548a000 CR4: 0000000000750ee0
[ 30.616114] PKRU: 55555554
[ 30.616114] Kernel panic - not syncing: Fatal exception
[ 30.616114] Kernel Offset: disabled
[ 30.616114] ---[ end Kernel panic - not syncing: Fatal exception ]---
>
> jirka
>
> >
> > jirka
> >
> >
> > ---
> > [ 1022.710250][ T2556] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b73: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC NOPTI
> > [ 1022.711206][ T2556] CPU: 2 PID: 2556 Comm: kworker/2:4 Tainted: G OE 6.5.0+ #693 1723c8b9805ff5a1672ab7e6f25977078a7bcceb
> > [ 1022.712120][ T2556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014
> > [ 1022.712830][ T2556] Workqueue: events sk_psock_backlog
> > [ 1022.713262][ T2556] RIP: 0010:skb_dequeue+0x4c/0x80
> > [ 1022.713653][ T2556] Code: 41 48 85 ed 74 3c 8b 43 10 4c 89 e7 83 e8 01 89 43 10 48 8b 45 08 48 8b 55 00 48 c7 45 08 00 00 00 00 48 c7 45 00 00 00 00 00 <48> 89 42 08 48 89 10 e8 e8 6a 41 00 48 89 e8 5b 5d 41 5c c3 cc cc
> > [ 1022.714963][ T2556] RSP: 0018:ffffc90003ca7dd0 EFLAGS: 00010046
> > [ 1022.715431][ T2556] RAX: 6b6b6b6b6b6b6b6b RBX: ffff88811de269d0 RCX: 0000000000000000
> > [ 1022.716068][ T2556] RDX: 6b6b6b6b6b6b6b6b RSI: 0000000000000282 RDI: ffff88811de269e8
> > [ 1022.716676][ T2556] RBP: ffff888141ae39c0 R08: 0000000000000001 R09: 0000000000000000
> > [ 1022.717283][ T2556] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88811de269e8
> > [ 1022.717930][ T2556] R13: 0000000000000001 R14: ffff888141ae39c0 R15: ffff88810a20e640
> > [ 1022.718549][ T2556] FS: 0000000000000000(0000) GS:ffff88846d600000(0000) knlGS:0000000000000000
> > [ 1022.719241][ T2556] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> > [ 1022.719761][ T2556] CR2: 00007fb5c25ca000 CR3: 000000012b902004 CR4: 0000000000770ee0
> > [ 1022.720394][ T2556] PKRU: 55555554
> > [ 1022.720699][ T2556] Call Trace:
> > [ 1022.720984][ T2556] <TASK>
> > [ 1022.721254][ T2556] ? die_addr+0x32/0x80
> > [ 1022.721589][ T2556] ? exc_general_protection+0x25a/0x4b0
> > [ 1022.722026][ T2556] ? asm_exc_general_protection+0x22/0x30
> > [ 1022.722489][ T2556] ? skb_dequeue+0x4c/0x80
> > [ 1022.722854][ T2556] sk_psock_backlog+0x27a/0x300
> > [ 1022.723243][ T2556] process_one_work+0x2a7/0x5b0
> > [ 1022.723633][ T2556] worker_thread+0x4f/0x3a0
> > [ 1022.723998][ T2556] ? __pfx_worker_thread+0x10/0x10
> > [ 1022.724386][ T2556] kthread+0xfd/0x130
> > [ 1022.724709][ T2556] ? __pfx_kthread+0x10/0x10
> > [ 1022.725066][ T2556] ret_from_fork+0x2d/0x50
> > [ 1022.725409][ T2556] ? __pfx_kthread+0x10/0x10
> > [ 1022.725799][ T2556] ret_from_fork_asm+0x1b/0x30
> > [ 1022.726201][ T2556] </TASK>
>
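
Added example, not part of the original message or of the kernel tree: a small Python triage helper run over a few lines excerpted from the two oops logs in this thread. It shows that both faults are in skb_dequeue at offset 8 from a bad base pointer, NULL in one log and the 0x6b slab free-poison pattern (POISON_FREE in include/linux/poison.h) in the other. The names classify, triage and same_access are illustrative.

```python
import re

# Sample input: lines excerpted from the two oops logs quoted in this thread.
OOPS_NULL = """\
[ 30.615412] BUG: kernel NULL pointer dereference, address: 0000000000000008
[ 30.616114] Workqueue: events sk_psock_destroy
[ 30.616114] RIP: 0010:skb_dequeue+0x54/0x80
"""
OOPS_GPF = """\
[ 1022.710250][ T2556] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b73: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC NOPTI
[ 1022.712830][ T2556] Workqueue: events sk_psock_backlog
[ 1022.713262][ T2556] RIP: 0010:skb_dequeue+0x4c/0x80
"""

POISON_FREE = 0x6B  # byte the slab allocator writes into freed objects when poisoning is on
MAX_FIELD_OFFSET = 0x1000  # assumption: a struct field offset stays below one page

FAULT_RE = re.compile(
    r"(?:NULL pointer dereference, address: |non-canonical address )(?:0x)?([0-9a-f]{16})")
RIP_RE = re.compile(r"RIP: \w+:(\w+)\+0x[0-9a-f]+/0x[0-9a-f]+")
WQ_RE = re.compile(r"Workqueue: \S+ (\w+)")

def classify(addr):
    """Split a faulting address into (kind of bad base pointer, field offset)."""
    if addr < MAX_FIELD_OFFSET:
        return "null", addr
    poison = int.from_bytes(bytes([POISON_FREE]) * 8, "big")
    if 0 <= addr - poison < MAX_FIELD_OFFSET:
        return "freed-slab-poison", addr - poison
    return "other", None

def triage(log):
    """Extract faulting function, workqueue callback and base/offset from an oops."""
    addr = int(FAULT_RE.search(log).group(1), 16)
    base, offset = classify(addr)
    return {"function": RIP_RE.search(log).group(1),
            "work": WQ_RE.search(log).group(1),
            "base": base, "offset": offset}

def same_access(a, b):
    """True when two reports fault in the same function at the same field offset."""
    return (a["offset"] is not None and a["function"] == b["function"]
            and a["offset"] == b["offset"])

if __name__ == "__main__":
    for log in (OOPS_NULL, OOPS_GPF):
        print(triage(log))
    print("same access:", same_access(triage(OOPS_NULL), triage(OOPS_GPF)))
```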