| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <677b6626.050a0220.3b3668.0002.GAE@google.com>
Date: Sun, 05 Jan 2025 21:12:06 -0800
From: syzbot <syzbot+e9b1ff41aa6a7ebf9640@...kaller.appspotmail.com>
To: kvalo@...nel.org, linux-kernel@...r.kernel.org,
linux-wireless@...r.kernel.org, nbd@....name, netdev@...r.kernel.org,
syzkaller-bugs@...glegroups.com, toke@...e.dk
Subject: Re: [syzbot] [wireless?] INFO: task hung in ath9k_hif_usb_firmware_cb (3)
Hello,
syzbot tried to test the proposed patch but the build/boot failed:
s enabled.
[ 1.190003][ T0] rcu: RCU debug extended QS entry/exit.
[ 1.190988][ T0] All grace periods are expedited (rcu_expedited).
[ 1.191939][ T0] Trampoline variant of Tasks RCU enabled.
[ 1.192694][ T0] Tracing variant of Tasks RCU enabled.
[ 1.193396][ T0] rcu: RCU calculated value of scheduler-enlistment delay is 10 jiffies.
[ 1.194479][ T0] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=2
[ 1.195538][ T0] Running RCU synchronous self tests
[ 1.196263][ T0] RCU Tasks: Setting shift to 1 and lim to 1 rcu_task_cb_adjust=1 rcu_task_cpu_ids=2.
[ 1.197551][ T0] RCU Tasks Trace: Setting shift to 1 and lim to 1 rcu_task_cb_adjust=1 rcu_task_cpu_ids=2.
[ 1.275546][ T0] NR_IRQS: 4352, nr_irqs: 440, preallocated irqs: 16
[ 1.277185][ T0] rcu: srcu_init: Setting srcu_struct sizes based on contention.
[ 1.278480][ T0] kfence: initialized - using 2097152 bytes for 255 objects at 0xffff88823be00000-0xffff88823c000000
[ 1.280693][ T0] Console: colour VGA+ 80x25
[ 1.281394][ T0] printk: legacy console [ttyS0] enabled
[ 1.281394][ T0] printk: legacy console [ttyS0] enabled
[ 1.282994][ T0] printk: legacy bootconsole [earlyser0] disabled
[ 1.282994][ T0] printk: legacy bootconsole [earlyser0] disabled
[ 1.284703][ T0] Lock dependency validator: Copyright (c) 2006 Red Hat, Inc., Ingo Molnar
[ 1.285830][ T0] ... MAX_LOCKDEP_SUBCLASSES: 8
[ 1.286485][ T0] ... MAX_LOCK_DEPTH: 48
[ 1.287197][ T0] ... MAX_LOCKDEP_KEYS: 8192
[ 1.287919][ T0] ... CLASSHASH_SIZE: 4096
[ 1.288630][ T0] ... MAX_LOCKDEP_ENTRIES: 1048576
[ 1.289352][ T0] ... MAX_LOCKDEP_CHAINS: 1048576
[ 1.290119][ T0] ... CHAINHASH_SIZE: 524288
[ 1.290963][ T0] memory used by lock dependency info: 106625 kB
[ 1.291807][ T0] memory used for stack traces: 8320 kB
[ 1.292562][ T0] per task-struct memory footprint: 1920 bytes
[ 1.293542][ T0] mempolicy: Enabling automatic NUMA balancing. Configure with numa_balancing= or the kernel.numa_balancing sysctl
[ 1.295195][ T0] ACPI: Core revision 20240827
[ 1.296401][ T0] APIC: Switch to symmetric I/O mode setup
[ 1.297557][ T0] x2apic enabled
[ 1.300642][ T0] APIC: Switched APIC routing to: physical x2apic
[ 1.305247][ T0] ..TIMER: vector=0x30 apic1=0 pin1=0 apic2=-1 pin2=-1
[ 1.306357][ T0] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x2350b6af5f8, max_idle_ns: 440795252949 ns
[ 1.308110][ T0] Calibrating delay loop (skipped) preset value.. 4899.99 BogoMIPS (lpj=24499980)
[ 1.309487][ T0] x86/cpu: User Mode Instruction Prevention (UMIP) activated
[ 1.310835][ T0] Last level iTLB entries: 4KB 512, 2MB 512, 4MB 256
[ 1.311724][ T0] Last level dTLB entries: 4KB 2048, 2MB 2048, 4MB 1024, 1GB 0
[ 1.312765][ T0] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization
[ 1.314119][ T0] Spectre V2 : Mitigation: Retpolines
[ 1.314831][ T0] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch
[ 1.316024][ T0] Spectre V2 : Spectre v2 / SpectreRSB : Filling RSB on VMEXIT
[ 1.318151][ T0] Spectre V2 : Enabling Restricted Speculation for firmware calls
[ 1.319414][ T0] Spectre V2 : mitigation: Enabling conditional Indirect Branch Prediction Barrier
[ 1.320674][ T0] Spectre V2 : User space: Mitigation: STIBP via prctl
[ 1.321638][ T0] Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl
[ 1.323179][ T0] Speculative Return Stack Overflow: Mitigation: Safe RET
[ 1.324189][ T0] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
[ 1.325303][ T0] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
[ 1.326298][ T0] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers'
[ 1.327284][ T0] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256
[ 1.328107][ T0] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'compacted' format.
[ 1.604248][ T0] Freeing SMP alternatives memory: 128K
[ 1.605166][ T0] pid_max: default: 32768 minimum: 301
[ 1.606440][ T0] LSM: initializing lsm=lockdown,capability,landlock,yama,safesetid,tomoyo,apparmor,bpf,ima,evm
[ 1.608771][ T0] landlock: Up and running.
[ 1.609554][ T0] Yama: becoming mindful.
[ 1.610776][ T0] TOMOYO Linux initialized
[ 1.612635][ T0] AppArmor: AppArmor initialized
[ 1.616080][ T0] LSM support for eBPF active
[ 1.621951][ T0] Dentry cache hash table entries: 1048576 (order: 11, 8388608 bytes, vmalloc hugepage)
[ 1.625424][ T0] Inode-cache hash table entries: 524288 (order: 10, 4194304 bytes, vmalloc hugepage)
[ 1.627339][ T0] Mount-cache hash table entries: 16384 (order: 5, 131072 bytes, vmalloc)
[ 1.628497][ T0] Mountpoint-cache hash table entries: 16384 (order: 5, 131072 bytes, vmalloc)
[ 1.634212][ T0] Running RCU synchronous self tests
[ 1.635020][ T0] Running RCU synchronous self tests
[ 1.757500][ T1] smpboot: CPU0: AMD EPYC 7B13 (family: 0x19, model: 0x1, stepping: 0x0)
[ 1.758098][ T1] Running RCU Tasks wait API self tests
[ 1.858617][ T1] Running RCU Tasks Trace wait API self tests
[ 1.859754][ T1] Performance Events: PMU not available due to virtualization, using software events only.
[ 1.869763][ T1] signal: max sigframe size: 1776
[ 1.871320][ T1] rcu: Hierarchical SRCU implementation.
[ 1.872132][ T1] rcu: Max phase no-delay instances is 1000.
[ 1.874159][ T1] Timer migration: 1 hierarchy levels; 8 children per group; 0 crossnode level
[ 1.878328][ T15] Callback from call_rcu_tasks_trace() invoked.
[ 1.935530][ T1] NMI watchdog: Perf NMI watchdog permanently disabled
[ 1.937523][ T1] smp: Bringing up secondary CPUs ...
[ 1.950450][ T1] smpboot: x86: Booting SMP configuration:
[ 1.951284][ T1] .... node #0, CPUs: #1
[ 1.951629][ T22] ------------[ cut here ]------------
[ 1.951629][ T22] workqueue: work disable count underflowed
[ 1.951629][ T22] WARNING: CPU: 1 PID: 22 at kernel/workqueue.c:4317 enable_work+0x34d/0x360
[ 1.951629][ T22] Modules linked in:
[ 1.951832][ T22] CPU: 1 UID: 0 PID: 22 Comm: cpuhp/1 Not tainted 6.13.0-rc6-syzkaller-g9d89551994a4-dirty #0
[ 1.953189][ T22] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1.954559][ T22] RIP: 0010:enable_work+0x34d/0x360
[ 1.955294][ T22] Code: d8 5b 41 5c 41 5d 41 5e 41 5f 5d e9 08 3f 88 0a e8 18 82 37 00 c6 05 f9 ac 9b 0e 01 90 48 c7 c7 a0 d7 09 8c e8 d4 25 f8 ff 90 <0f> 0b 90 90 e9 56 ff ff ff e8 b5 c7 60 0a 0f 1f 44 00 00 90 90 90
[ 1.957894][ T22] RSP: 0018:ffffc900001c7bc0 EFLAGS: 00010046
[ 1.958098][ T22] RAX: caa1100063be3a00 RBX: 0000000000000000 RCX: ffff88801d2e3c00
[ 1.958098][ T22] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1.958098][ T22] RBP: ffffc900001c7c88 R08: ffffffff81602a82 R09: 1ffffffff1cfa210
[ 1.958098][ T22] R10: dffffc0000000000 R11: fffffbfff1cfa211 R12: 1ffff92000038f7c
[ 1.958098][ T22] R13: 1ffff92000038f84 R14: 001fffffffc00001 R15: ffff8880b8738770
[ 1.958098][ T22] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 1.958098][ T22] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1.958098][ T22] CR2: 0000000000000000 CR3: 000000000e736000 CR4: 0000000000350ef0
[ 1.958098][ T22] Call Trace:
[ 1.958098][ T22] <TASK>
[ 1.958098][ T22] ? __warn+0x165/0x4d0
[ 1.958098][ T22] ? enable_work+0x34d/0x360
[ 1.958098][ T22] ? report_bug+0x2b3/0x500
[ 1.958098][ T22] ? enable_work+0x34d/0x360
[ 1.958098][ T22] ? handle_bug+0x60/0x90
[ 1.958098][ T22] ? exc_invalid_op+0x1a/0x50
[ 1.958098][ T22] ? asm_exc_invalid_op+0x1a/0x20
[ 1.958098][ T22] ? __warn_printk+0x292/0x360
[ 1.958098][ T22] ? enable_work+0x34d/0x360
[ 1.958098][ T22] ? __pfx_enable_work+0x10/0x10
[ 1.958098][ T22] ? srso_alias_return_thunk+0x5/0xfbef5
[ 1.958098][ T22] ? __pfx_vmstat_cpu_online+0x10/0x10
[ 1.958098][ T22] ? srso_alias_return_thunk+0x5/0xfbef5
[ 1.958098][ T22] ? rcu_is_watching+0x15/0xb0
[ 1.958098][ T22] vmstat_cpu_online+0xbb/0xe0
[ 1.958098][ T22] ? __pfx_vmstat_cpu_online+0x10/0x10
[ 1.958098][ T22] cpuhp_invoke_callback+0x48f/0x830
[ 1.958098][ T22] ? __pfx_vmstat_cpu_online+0x10/0x10
[ 1.958098][ T22] ? srso_alias_return_thunk+0x5/0xfbef5
[ 1.958098][ T22] cpuhp_thread_fun+0x41c/0x810
[ 1.958098][ T22] ? cpuhp_thread_fun+0x130/0x810
[ 1.958098][ T22] ? __pfx_cpuhp_thread_fun+0x10/0x10
[ 1.958098][ T22] ? srso_alias_return_thunk+0x5/0xfbef5
[ 1.958098][ T22] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1.958098][ T22] ? __pfx_cpuhp_thread_fun+0x10/0x10
[ 1.958098][ T22] smpboot_thread_fn+0x546/0xa30
[ 1.958098][ T22] ? smpboot_thread_fn+0x4e/0xa30
[ 1.958098][ T22] ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1.958098][ T22] kthread+0x2f2/0x390
[ 1.958098][ T22] ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1.958098][ T22] ? __pfx_kthread+0x10/0x10
[ 1.958098][ T22] ret_from_fork+0x4d/0x80
[ 1.958098][ T22] ? __pfx_kthread+0x10/0x10
[ 1.958098][ T22] ret_from_fork_asm+0x1a/0x30
[ 1.958098][ T22] </TASK>
[ 1.958098][ T22] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1.958098][ T22] CPU: 1 UID: 0 PID: 22 Comm: cpuhp/1 Not tainted 6.13.0-rc6-syzkaller-g9d89551994a4-dirty #0
[ 1.958098][ T22] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1.958098][ T22] Call Trace:
[ 1.958098][ T22] <TASK>
[ 1.958098][ T22] dump_stack_lvl+0x241/0x360
[ 1.958098][ T22] ? __pfx_dump_stack_lvl+0x10/0x10
[ 1.958098][ T22] ? __pfx__printk+0x10/0x10
[ 1.958098][ T22] ? _printk+0xd5/0x120
[ 1.958098][ T22] ? __init_begin+0x41000/0x41000
[ 1.958098][ T22] ? srso_alias_return_thunk+0x5/0xfbef5
[ 1.958098][ T22] ? vscnprintf+0x5d/0x90
[ 1.958098][ T22] panic+0x349/0x880
[ 1.958098][ T22] ? __warn+0x174/0x4d0
[ 1.958098][ T22] ? __pfx_panic+0x10/0x10
[ 1.958098][ T22] ? ret_from_fork_asm+0x1a/0x30
[ 1.958098][ T22] __warn+0x344/0x4d0
[ 1.958098][ T22] ? enable_work+0x34d/0x360
[ 1.958098][ T22] report_bug+0x2b3/0x500
[ 1.958098][ T22] ? enable_work+0x34d/0x360
[ 1.958098][ T22] handle_bug+0x60/0x90
[ 1.958098][ T22] exc_invalid_op+0x1a/0x50
[ 1.958098][ T22] asm_exc_invalid_op+0x1a/0x20
[ 1.958098][ T22] RIP: 0010:enable_work+0x34d/0x360
[ 1.958098][ T22] Code: d8 5b 41 5c 41 5d 41 5e 41 5f 5d e9 08 3f 88 0a e8 18 82 37 00 c6 05 f9 ac 9b 0e 01 90 48 c7 c7 a0 d7 09 8c e8 d4 25 f8 ff 90 <0f> 0b 90 90 e9 56 ff ff ff e8 b5 c7 60 0a 0f 1f 44 00 00 90 90 90
[ 1.958098][ T22] RSP: 0018:ffffc900001c7bc0 EFLAGS: 00010046
[ 1.958098][ T22] RAX: caa1100063be3a00 RBX: 0000000000000000 RCX: ffff88801d2e3c00
[ 1.958098][ T22] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1.958098][ T22] RBP: ffffc900001c7c88 R08: ffffffff81602a82 R09: 1ffffffff1cfa210
[ 1.958098][ T22] R10: dffffc0000000000 R11: fffffbfff1cfa211 R12: 1ffff92000038f7c
[ 1.958098][ T22] R13: 1ffff92000038f84 R14: 001fffffffc00001 R15: ffff8880b8738770
[ 1.958098][ T22] ? __warn_printk+0x292/0x360
[ 1.958098][ T22] ? __pfx_enable_work+0x10/0x10
[ 1.958098][ T22] ? srso_alias_return_thunk+0x5/0xfbef5
[ 1.958098][ T22] ? __pfx_vmstat_cpu_online+0x10/0x10
[ 1.958098][ T22] ? srso_alias_return_thunk+0x5/0xfbef5
[ 1.958098][ T22] ? rcu_is_watching+0x15/0xb0
[ 1.958098][ T22] vmstat_cpu_online+0xbb/0xe0
[ 1.958098][ T22] ? __pfx_vmstat_cpu_online+0x10/0x10
[ 1.958098][ T22] cpuhp_invoke_callback+0x48f/0x830
[ 1.958098][ T22] ? __pfx_vmstat_cpu_online+0x10/0x10
[ 1.958098][ T22] ? srso_alias_return_thunk+0x5/0xfbef5
[ 1.958098][ T22] cpuhp_thread_fun+0x41c/0x810
[ 1.958098][ T22] ? cpuhp_thread_fun+0x130/0x810
[ 1.958098][ T22] ? __pfx_cpuhp_thread_fun+0x10/0x10
[ 1.958098][ T22] ? srso_alias_return_thunk+0x5/0xfbef5
[ 1.958098][ T22] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1.958098][ T22] ? __pfx_cpuhp_thread_fun+0x10/0x10
[ 1.958098][ T22] smpboot_thread_fn+0x546/0xa30
[ 1.958098][ T22] ? smpboot_thread_fn+0x4e/0xa30
[ 1.958098][ T22] ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1.958098][ T22] kthread+0x2f2/0x390
[ 1.958098][ T22] ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1.958098][ T22] ? __pfx_kthread+0x10/0x10
[ 1.958098][ T22] ret_from_fork+0x4d/0x80
[ 1.958098][ T22] ? __pfx_kthread+0x10/0x10
[ 1.958098][ T22] ret_from_fork_asm+0x1a/0x30
[ 1.958098][ T22] </TASK>
[ 1.958098][ T22] Rebooting in 86400 seconds..
syzkaller build log:
go env (err=<nil>)
GO111MODULE='auto'
GOARCH='amd64'
GOBIN=''
GOCACHE='/syzkaller/.cache/go-build'
GOENV='/syzkaller/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFLAGS=''
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMODCACHE='/syzkaller/jobs-2/linux/gopath/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/syzkaller/jobs-2/linux/gopath'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.22.7'
GCCGO='gccgo'
GOAMD64='v1'
AR='ar'
CC='gcc'
CXX='g++'
CGO_ENABLED='1'
GOMOD='/syzkaller/jobs-2/linux/gopath/src/github.com/google/syzkaller/go.mod'
GOWORK=''
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
PKG_CONFIG='pkg-config'
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build1119513314=/tmp/go-build -gno-record-gcc-switches'
git status (err=<nil>)
HEAD detached at 1432fc845
nothing to commit, working tree clean
tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
go list -f '{{.Stale}}' ./sys/syz-sysgen | grep -q false || go install ./sys/syz-sysgen
make .descriptions
tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
bin/syz-sysgen
go fmt ./sys/... >/dev/null
touch .descriptions
GOOS=linux GOARCH=amd64 go build "-ldflags=-s -w -X github.com/google/syzkaller/prog.GitRevision=1432fc84530255f6208c5719be796918244fa9d3 -X 'github.com/google/syzkaller/prog.gitRevisionDate=20241218-130448'" "-tags=syz_target syz_os_linux syz_arch_amd64 " -o ./bin/linux_amd64/syz-execprog github.com/google/syzkaller/tools/syz-execprog
mkdir -p ./bin/linux_amd64
g++ -o ./bin/linux_amd64/syz-executor executor/executor.cc \
-m64 -O2 -pthread -Wall -Werror -Wparentheses -Wunused-const-variable -Wframe-larger-than=16384 -Wno-stringop-overflow -Wno-array-bounds -Wno-format-overflow -Wno-unused-but-set-variable -Wno-unused-command-line-argument -static-pie -std=c++17 -I. -Iexecutor/_include -fpermissive -w -DGOOS_linux=1 -DGOARCH_amd64=1 \
-DHOSTGOOS_linux=1 -DGIT_REVISION=\"1432fc84530255f6208c5719be796918244fa9d3\"
/usr/bin/ld: /tmp/ccsfxsCp.o: in function `Connection::Connect(char const*, char const*)':
executor.cc:(.text._ZN10Connection7ConnectEPKcS1_[_ZN10Connection7ConnectEPKcS1_]+0x104): warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
Error text is too large and was truncated, full error text is at:
https://syzkaller.appspot.com/x/error.txt?x=139fd6f8580000
Tested on:
commit: 9d895519 Linux 6.13-rc6
git tree: upstream
kernel config: https://syzkaller.appspot.com/x/.config?x=4ef22c4fce5135b4
dashboard link: https://syzkaller.appspot.com/bug?extid=e9b1ff41aa6a7ebf9640
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
patch: https://syzkaller.appspot.com/x/patch.diff?x=12c039c4580000
Powered by blists - more mailing lists