syzbot


BUG: stack guard page was hit in mark_lock

Status: auto-closed as invalid on 2021/04/13 02:50
Subsystems: net
[Documentation on labels]
Reported-by: syzbot+1ea34900b9a6fb8526c4@syzkaller.appspotmail.com
First crash: 1394d, last: 1190d
Discussions (1)
Title Replies (including bot) Last reply
BUG: stack guard page was hit in mark_lock 0 (1) 2020/05/28 18:03

Sample crash report:
BUG: stack guard page was hit at 00000000064eb785 (stack is 000000008ade740f..00000000f8a259a3)
kernel stack overflow (double-fault): 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 11442 Comm: syz-executor.2 Not tainted 5.10.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:mark_lock+0x23/0x1730 kernel/locking/lockdep.c:4372
Code: 1f 84 00 00 00 00 00 41 57 41 56 41 55 41 54 41 89 d4 48 ba 00 00 00 00 00 fc ff df 55 53 48 81 ec 10 01 00 00 48 8d 5c 24 30 <48> 89 3c 24 48 c7 44 24 30 b3 8a b5 41 48 c1 eb 03 48 c7 44 24 38
RSP: 0018:ffffc9001b197f78 EFLAGS: 00010086
RAX: 0000000000000000 RBX: ffffc9001b197fa8 RCX: 0000000000000003
RDX: dffffc0000000000 RSI: ffff88807d822380 RDI: ffff88807d821a40
RBP: ffff88807d821a40 R08: 0000000000000000 R09: ffffffff8ebb067f
R10: fffffbfff1d760cf R11: 0000000000000000 R12: 0000000000000008
R13: 0000000000000003 R14: dffffc0000000000 R15: ffff88807d822358
FS:  00007fdde1167700(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc9001b197f68 CR3: 00000000a61b1000 CR4: 00000000001506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 mark_usage kernel/locking/lockdep.c:4332 [inline]
 __lock_acquire+0x8bb/0x5500 kernel/locking/lockdep.c:4786
 lock_acquire kernel/locking/lockdep.c:5437 [inline]
 lock_acquire+0x29d/0x740 kernel/locking/lockdep.c:5402
 rcu_lock_acquire include/linux/rcupdate.h:248 [inline]
 rcu_read_lock include/linux/rcupdate.h:641 [inline]
 dev_get_alias+0x40/0x230 net/core/dev.c:1429
 nla_put_ifalias+0x82/0x170 net/core/rtnetlink.c:1567
 rtnl_fill_ifinfo+0xb7f/0x3dc0 net/core/rtnetlink.c:1745
 rtmsg_ifinfo_build_skb+0xcd/0x1a0 net/core/rtnetlink.c:3807
 rtmsg_ifinfo_event net/core/rtnetlink.c:3839 [inline]
 rtmsg_ifinfo_event net/core/rtnetlink.c:3830 [inline]
 rtnetlink_event+0x123/0x1d0 net/core/rtnetlink.c:5613
 notifier_call_chain+0xb5/0x200 kernel/notifier.c:83
 call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:2035
 call_netdevice_notifiers_extack net/core/dev.c:2047 [inline]
 call_netdevice_notifiers net/core/dev.c:2061 [inline]
 netdev_features_change net/core/dev.c:1446 [inline]
 netdev_sync_lower_features net/core/dev.c:9524 [inline]
 __netdev_update_features+0x88d/0x15c0 net/core/dev.c:9655
 netdev_change_features+0x61/0xb0 net/core/dev.c:9727
 bond_compute_features+0x562/0xa80 drivers/net/bonding/bond_main.c:1308
 bond_slave_netdev_event drivers/net/bonding/bond_main.c:3405 [inline]
 bond_netdev_event+0x94b/0xca0 drivers/net/bonding/bond_main.c:3445
 notifier_call_chain+0xb5/0x200 kernel/notifier.c:83
 call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:2035
 call_netdevice_notifiers_extack net/core/dev.c:2047 [inline]
 call_netdevice_notifiers net/core/dev.c:2061 [inline]
 netdev_features_change net/core/dev.c:1446 [inline]
 netdev_sync_lower_features net/core/dev.c:9524 [inline]
 __netdev_update_features+0x88d/0x15c0 net/core/dev.c:9655
 netdev_change_features+0x61/0xb0 net/core/dev.c:9727
 bond_compute_features+0x562/0xa80 drivers/net/bonding/bond_main.c:1308
 bond_slave_netdev_event drivers/net/bonding/bond_main.c:3405 [inline]
 bond_netdev_event+0x94b/0xca0 drivers/net/bonding/bond_main.c:3445
 notifier_call_chain+0xb5/0x200 kernel/notifier.c:83
 call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:2035
 call_netdevice_notifiers_extack net/core/dev.c:2047 [inline]
 call_netdevice_notifiers net/core/dev.c:2061 [inline]
 netdev_features_change net/core/dev.c:1446 [inline]
 netdev_sync_lower_features net/core/dev.c:9524 [inline]
 __netdev_update_features+0x88d/0x15c0 net/core/dev.c:9655
 netdev_change_features+0x61/0xb0 net/core/dev.c:9727
 bond_compute_features+0x562/0xa80 drivers/net/bonding/bond_main.c:1308
 bond_slave_netdev_event drivers/net/bonding/bond_main.c:3405 [inline]
 bond_netdev_event+0x94b/0xca0 drivers/net/bonding/bond_main.c:3445
 notifier_call_chain+0xb5/0x200 kernel/notifier.c:83
 call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:2035
 call_netdevice_notifiers_extack net/core/dev.c:2047 [inline]
 call_netdevice_notifiers net/core/dev.c:2061 [inline]
 netdev_features_change net/core/dev.c:1446 [inline]
 netdev_sync_lower_features net/core/dev.c:9524 [inline]
 __netdev_update_features+0x88d/0x15c0 net/core/dev.c:9655
 netdev_change_features+0x61/0xb0 net/core/dev.c:9727
 bond_compute_features+0x562/0xa80 drivers/net/bonding/bond_main.c:1308
 bond_slave_netdev_event drivers/net/bonding/bond_main.c:3405 [inline]
 bond_netdev_event+0x94b/0xca0 drivers/net/bonding/bond_main.c:3445
 notifier_call_chain+0xb5/0x200 kernel/notifier.c:83
 call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:2035
 call_netdevice_notifiers_extack net/core/dev.c:2047 [inline]
 call_netdevice_notifiers net/core/dev.c:2061 [inline]
 netdev_features_change net/core/dev.c:1446 [inline]
 netdev_sync_lower_features net/core/dev.c:9524 [inline]
 __netdev_update_features+0x88d/0x15c0 net/core/dev.c:9655
 netdev_change_features+0x61/0xb0 net/core/dev.c:9727
 bond_compute_features+0x562/0xa80 drivers/net/bonding/bond_main.c:1308
 bond_slave_netdev_event drivers/net/bonding/bond_main.c:3405 [inline]
 bond_netdev_event+0x94b/0xca0 drivers/net/bonding/bond_main.c:3445
 notifier_call_chain+0xb5/0x200 kernel/notifier.c:83
 call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:2035
 call_netdevice_notifiers_extack net/core/dev.c:2047 [inline]
 call_netdevice_notifiers net/core/dev.c:2061 [inline]
 netdev_features_change net/core/dev.c:1446 [inline]
 netdev_sync_lower_features net/core/dev.c:9524 [inline]
 __netdev_update_features+0x88d/0x15c0 net/core/dev.c:9655
 netdev_change_features+0x61/0xb0 net/core/dev.c:9727
 bond_compute_features+0x562/0xa80 drivers/net/bonding/bond_main.c:1308
 bond_slave_netdev_event drivers/net/bonding/bond_main.c:3405 [inline]
 bond_netdev_event+0x94b/0xca0 drivers/net/bonding/bond_main.c:3445
 notifier_call_chain+0xb5/0x200 kernel/notifier.c:83
 call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:2035
 call_netdevice_notifiers_extack net/core/dev.c:2047 [inline]
 call_netdevice_notifiers net/core/dev.c:2061 [inline]
 netdev_features_change net/core/dev.c:1446 [inline]
 netdev_sync_lower_features net/core/dev.c:9524 [inline]
 __netdev_update_features+0x88d/0x15c0 net/core/dev.c:9655
 netdev_change_features+0x61/0xb0 net/core/dev.c:9727
 bond_compute_features+0x562/0xa80 drivers/net/bonding/bond_main.c:1308
 bond_slave_netdev_event drivers/net/bonding/bond_main.c:3405 [inline]
 bond_netdev_event+0x94b/0xca0 drivers/net/bonding/bond_main.c:3445
 notifier_call_chain+0xb5/0x200 kernel/notifier.c:83
 call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:2035
 call_netdevice_notifiers_extack net/core/dev.c:2047 [inline]
 call_netdevice_notifiers net/core/dev.c:2061 [inline]
 netdev_features_change net/core/dev.c:1446 [inline]
 netdev_sync_lower_features net/core/dev.c:9524 [inline]
 __netdev_update_features+0x88d/0x15c0 net/core/dev.c:9655
 netdev_change_features+0x61/0xb0 net/core/dev.c:9727
 bond_compute_features+0x562/0xa80 drivers/net/bonding/bond_main.c:1308
 bond_slave_netdev_event drivers/net/bonding/bond_main.c:3405 [inline]
 bond_netdev_event+0x94b/0xca0 drivers/net/bonding/bond_main.c:3445
 notifier_call_chain+0xb5/0x200 kernel/notifier.c:83
 call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:2035
 call_netdevice_notifiers_extack net/core/dev.c:2047 [inline]
 call_netdevice_notifiers net/core/dev.c:2061 [inline]
 netdev_features_change net/core/dev.c:1446 [inline]
 netdev_sync_lower_features net/core/dev.c:9524 [inline]
 __netdev_update_features+0x88d/0x15c0 net/core/dev.c:9655
 netdev_change_features+0x61/0xb0 net/core/dev.c:9727
Lost 394 message(s)!
---[ end trace bd11a7537a743376 ]---
RIP: 0010:mark_lock+0x23/0x1730 kernel/locking/lockdep.c:4372
Code: 1f 84 00 00 00 00 00 41 57 41 56 41 55 41 54 41 89 d4 48 ba 00 00 00 00 00 fc ff df 55 53 48 81 ec 10 01 00 00 48 8d 5c 24 30 <48> 89 3c 24 48 c7 44 24 30 b3 8a b5 41 48 c1 eb 03 48 c7 44 24 38
RSP: 0018:ffffc9001b197f78 EFLAGS: 00010086
RAX: 0000000000000000 RBX: ffffc9001b197fa8 RCX: 0000000000000003
RDX: dffffc0000000000 RSI: ffff88807d822380 RDI: ffff88807d821a40
RBP: ffff88807d821a40 R08: 0000000000000000 R09: ffffffff8ebb067f
R10: fffffbfff1d760cf R11: 0000000000000000 R12: 0000000000000008
R13: 0000000000000003 R14: dffffc0000000000 R15: ffff88807d822358
FS:  00007fdde1167700(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc9001b197f68 CR3: 00000000a61b1000 CR4: 00000000001506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (12):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/12/14 02:49 upstream 6bff9bb8a292 b22a7ec3 .config console log report info ci-upstream-kasan-gce
2020/08/19 10:35 upstream 18445bf405cb e1c29030 .config console log report ci-upstream-kasan-gce
2020/06/03 05:37 upstream 1ee08de1e234 f3ba1b5b .config console log report ci-upstream-kasan-gce-root
2020/11/26 15:54 upstream fa02fcd94b0c 1d2b823e .config console log report info ci-upstream-kasan-gce-386
2020/09/30 03:10 upstream ccc1d052eff9 5abc3f1a .config console log report info ci-upstream-kasan-gce-386
2020/11/27 19:29 net-next-old 594e31bcebd6 486f93ef .config console log report info ci-upstream-net-kasan-gce
2020/09/02 16:07 net-next-old dc1a9bf2c816 abf9ba4f .config console log report ci-upstream-net-kasan-gce
2020/08/22 07:41 net-next-old 3478f90cbff4 6436ce4b .config console log report ci-upstream-net-kasan-gce
2020/08/18 01:05 net-next-old 7fca4dee610d 424dd8e7 .config console log report ci-upstream-net-kasan-gce
2020/07/01 17:08 net-next-old 2b04a6615615 39acb39d .config console log report ci-upstream-net-kasan-gce
2020/05/24 17:22 net-next-old 54b9aca08c9a bd28eb9d .config console log report ci-upstream-net-kasan-gce
2020/06/30 21:32 linux-next c28e58ee9dad 917afeaa .config console log report ci-upstream-linux-next-kasan-gce-root
* Struck through repros no longer work on HEAD.