bisecting cause commit starting from 5760d9acbe9514eec68eb70821d6fa5764f57042 building syzkaller on ce441f065b6eebb166bb006dfd28ea0c6b730384 testing commit 5760d9acbe9514eec68eb70821d6fa5764f57042 with gcc (GCC) 8.1.0 kernel signature: 4383591a27d1af7d5eb02dccc1417796ec670c958adf39817888d632f3295d42 all runs: crashed: WARNING in taprio_change testing release v5.8 testing commit bcf876870b95592b52519ed4aafcf9d95999bc9c with gcc (GCC) 8.1.0 kernel signature: a5605c20e31328ccc294cda5723bdb0a6f6e735b572b14d36e8b7bf1b8876f30 all runs: OK # git bisect start 5760d9acbe9514eec68eb70821d6fa5764f57042 bcf876870b95592b52519ed4aafcf9d95999bc9c Bisecting: 6631 revisions left to test after this (roughly 13 steps) [47ec5303d73ea344e84f46660fff693c57641386] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next testing commit 47ec5303d73ea344e84f46660fff693c57641386 with gcc (GCC) 8.1.0 kernel signature: a22c98053106e71943bba3e6ed0dc010646a9d8aa37e28d4b85e92c0afbe0dc3 all runs: OK # git bisect good 47ec5303d73ea344e84f46660fff693c57641386 Bisecting: 3299 revisions left to test after this (roughly 12 steps) [32663c78c10f80df90b832de0428a6cb98a64e9a] Merge tag 'trace-v5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace testing commit 32663c78c10f80df90b832de0428a6cb98a64e9a with gcc (GCC) 8.1.0 kernel signature: c382efc617dbe29e087588f95086f3c01894e0f39c0e3192e6e69a4a7605c3cf all runs: OK # git bisect good 32663c78c10f80df90b832de0428a6cb98a64e9a Bisecting: 1656 revisions left to test after this (roughly 11 steps) [e764a1e32337aaf325fc5b14a5bbd06eabba4699] Merge branch 'i2c/for-5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux testing commit e764a1e32337aaf325fc5b14a5bbd06eabba4699 with gcc (GCC) 8.1.0 kernel signature: 98d2ac63b7f018af933df0d3ab9c975334400aa3c661df264b46b2e6489dd34a all runs: OK # git bisect good e764a1e32337aaf325fc5b14a5bbd06eabba4699 Bisecting: 837 revisions left to test after this (roughly 10 steps) [f320ac6e131669345c7f4abefbb228b570eb9199] Merge branch 'work.epoll' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs testing commit f320ac6e131669345c7f4abefbb228b570eb9199 with gcc (GCC) 8.1.0 kernel signature: df1493478013733d11fd79e5178443cb11c2a7e087d8e1e5830c5b3709b7ff7a all runs: OK # git bisect good f320ac6e131669345c7f4abefbb228b570eb9199 Bisecting: 418 revisions left to test after this (roughly 9 steps) [d37d56920004cae612fa32d1f92aaacca5e145f7] Merge branch 'linux-5.9' of git://github.com/skeggsb/linux into drm-fixes testing commit d37d56920004cae612fa32d1f92aaacca5e145f7 with gcc (GCC) 8.1.0 kernel signature: 8bb96d6f78539b53900dff6f984f71003084a9fb6b40e3172a2321fa6c833bc1 all runs: OK # git bisect good d37d56920004cae612fa32d1f92aaacca5e145f7 Bisecting: 203 revisions left to test after this (roughly 8 steps) [3e8d3bdc2a757cc6be5470297947799a7df445cc] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net testing commit 3e8d3bdc2a757cc6be5470297947799a7df445cc with gcc (GCC) 8.1.0 kernel signature: 9454285cb0b1820c99ef6709c594ce056a1bba25c613a9fe4a94af84ccdf8e8d all runs: OK # git bisect good 3e8d3bdc2a757cc6be5470297947799a7df445cc Bisecting: 100 revisions left to test after this (roughly 7 steps) [f162626a038ec06da98ac38ce3d6bdbd715e9c5f] Merge tag 'pm-5.9-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm testing commit f162626a038ec06da98ac38ce3d6bdbd715e9c5f with gcc (GCC) 8.1.0 kernel signature: 35ae328ffcd9984bd853dfd31658b838fdaad0050f1adf762d3b1bebd18be614 all runs: OK # git bisect good f162626a038ec06da98ac38ce3d6bdbd715e9c5f Bisecting: 49 revisions left to test after this (roughly 6 steps) [6fd40d32ef545628225a00c861908a20bfc510a5] Merge tag 'ieee802154-for-davem-2020-09-08' of git://git.kernel.org/pub/scm/linux/kernel/git/sschmidt/wpan testing commit 6fd40d32ef545628225a00c861908a20bfc510a5 with gcc (GCC) 8.1.0 kernel signature: 52650f3cd13850c0ce7274194200a115d602a54ee2a0d0a7cb3bbf3e2bb80714 all runs: OK # git bisect good 6fd40d32ef545628225a00c861908a20bfc510a5 Bisecting: 24 revisions left to test after this (roughly 5 steps) [edecfa98f602a597666e3c5cab2677ada38d93c5] net: dsa: microchip: look for phy-mode in port nodes testing commit edecfa98f602a597666e3c5cab2677ada38d93c5 with gcc (GCC) 8.1.0 kernel signature: 2e809f4cbd3bf7bdb2a0d4c0fb4f3fd048306ab1318244b249802d74f6e71b09 all runs: OK # git bisect good edecfa98f602a597666e3c5cab2677ada38d93c5 Bisecting: 12 revisions left to test after this (roughly 4 steps) [cdaa7a73700d40ffb4250b845422e4c4102feab5] Merge branch 'net-Fix-bridge-enslavement-failure' testing commit cdaa7a73700d40ffb4250b845422e4c4102feab5 with gcc (GCC) 8.1.0 kernel signature: e0ca60aabe7571a56400e043a41cf20952c0234d6d46d2166e7ec89efb246f9b all runs: OK # git bisect good cdaa7a73700d40ffb4250b845422e4c4102feab5 Bisecting: 8 revisions left to test after this (roughly 3 steps) [4406e977a4a1e997818b6d77c3218ef8d15b2abf] igc: Fix not considering the TX delay for timestamps testing commit 4406e977a4a1e997818b6d77c3218ef8d15b2abf with gcc (GCC) 8.1.0 kernel signature: 0bec6a85acacdcac46e71498753ddbe7453f2c2f02f69aa9626ee7b818c48c2d all runs: OK # git bisect good 4406e977a4a1e997818b6d77c3218ef8d15b2abf Bisecting: 4 revisions left to test after this (roughly 2 steps) [cdb0e6dccc1fd0f7096d333d90cad0ac81c2b342] enetc: Fix mdio bus removal on PF probe bailout testing commit cdb0e6dccc1fd0f7096d333d90cad0ac81c2b342 with gcc (GCC) 8.1.0 kernel signature: f02521bb65a143f868b7aada51d215d07ce943dcd41677943e2ba1fc4983c7b3 all runs: OK # git bisect good cdb0e6dccc1fd0f7096d333d90cad0ac81c2b342 Bisecting: 2 revisions left to test after this (roughly 1 step) [b5b73b26b3ca34574124ed7ae9c5ba8391a7f176] taprio: Fix allowing too small intervals testing commit b5b73b26b3ca34574124ed7ae9c5ba8391a7f176 with gcc (GCC) 8.1.0 kernel signature: 107457afed278cefb0c4420f1a25dfaf28214d502c4b2951b0ad82a22f430217 all runs: crashed: WARNING in taprio_change # git bisect bad b5b73b26b3ca34574124ed7ae9c5ba8391a7f176 Bisecting: 0 revisions left to test after this (roughly 0 steps) [53467ecb6f38d7cbd86359ff1c8958b8b568dc57] Merge branch '40GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/net-queue testing commit 53467ecb6f38d7cbd86359ff1c8958b8b568dc57 with gcc (GCC) 8.1.0 kernel signature: ef0821e79f8e83d86103436ff58d9717042a5e5cda87a8ec2592b3c1a9a7ad4a all runs: OK # git bisect good 53467ecb6f38d7cbd86359ff1c8958b8b568dc57 b5b73b26b3ca34574124ed7ae9c5ba8391a7f176 is the first bad commit commit b5b73b26b3ca34574124ed7ae9c5ba8391a7f176 Author: Vinicius Costa Gomes Date: Wed Sep 9 17:03:11 2020 -0700 taprio: Fix allowing too small intervals It's possible that the user specifies an interval that couldn't allow any packet to be transmitted. This also avoids the issue of the hrtimer handler starving the other threads because it's running too often. The solution is to reject interval sizes that according to the current link speed wouldn't allow any packet to be transmitted. Reported-by: syzbot+8267241609ae8c23b248@syzkaller.appspotmail.com Fixes: 5a781ccbd19e ("tc: Add support for configuring the taprio scheduler") Signed-off-by: Vinicius Costa Gomes Signed-off-by: David S. Miller net/sched/sch_taprio.c | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) culprit signature: 107457afed278cefb0c4420f1a25dfaf28214d502c4b2951b0ad82a22f430217 parent signature: ef0821e79f8e83d86103436ff58d9717042a5e5cda87a8ec2592b3c1a9a7ad4a revisions tested: 16, total time: 3h41m53.544575501s (build: 1h18m34.580693501s, test: 2h21m47.847907783s) first bad commit: b5b73b26b3ca34574124ed7ae9c5ba8391a7f176 taprio: Fix allowing too small intervals recipients (to): ["davem@davemloft.net" "davem@davemloft.net" "jhs@mojatatu.com" "jiri@resnulli.us" "kuba@kernel.org" "netdev@vger.kernel.org" "vinicius.gomes@intel.com" "xiyou.wangcong@gmail.com"] recipients (cc): ["linux-kernel@vger.kernel.org"] crash: WARNING in taprio_change ------------[ cut here ]------------ WARNING: CPU: 1 PID: 8247 at net/sched/sch_taprio.c:998 taprio_parse_mqprio_opt net/sched/sch_taprio.c:930 [inline] WARNING: CPU: 1 PID: 8247 at net/sched/sch_taprio.c:998 taprio_change+0xbc5/0xe40 net/sched/sch_taprio.c:1456 Kernel panic - not syncing: panic_on_warn set ... CPU: 1 PID: 8247 Comm: syz-executor.3 Not tainted 5.9.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0xa3/0xcc lib/dump_stack.c:118 panic+0x135/0x31a kernel/panic.c:231 __warn.cold.13+0x20/0x25 kernel/panic.c:600 report_bug+0xc0/0xf0 lib/bug.c:198 handle_bug+0x35/0x90 arch/x86/kernel/traps.c:234 exc_invalid_op+0x13/0x60 arch/x86/kernel/traps.c:254 asm_exc_invalid_op+0x12/0x20 arch/x86/include/asm/idtentry.h:536 RIP: 0010:taprio_get_start_time net/sched/sch_taprio.c:998 [inline] RIP: 0010:taprio_change+0xbc5/0xe40 net/sched/sch_taprio.c:1549 Code: 27 96 83 41 b8 ea ff ff ff e9 1a f5 ff ff 4d 85 e4 0f 84 43 f5 ff ff 49 c7 04 24 60 27 96 83 41 b8 ea ff ff ff e9 fe f4 ff ff <0f> 0b 4d 85 e4 74 08 49 c7 04 24 80 28 96 83 41 b8 f2 ff ff ff eb RSP: 0018:ffffc900029c78e0 EFLAGS: 00010246 RAX: 16342bcbec25c685 RBX: ffff88810ebf7cf0 RCX: 0000000000000000 RDX: 0000000000002266 RSI: ffffffff83edabab RDI: 0000000000000286 RBP: ffffc900029c79c8 R08: 0000000000000000 R09: 0000000000000001 R10: ffff88810efde600 R11: 47c85faefb1e4a17 R12: ffffc900029c7bc8 R13: ffff88810eb83980 R14: ffff88810ebf7c00 R15: 0000000000000000 qdisc_create+0x19e/0x580 net/sched/sch_api.c:1246 tc_modify_qdisc+0x126/0x810 net/sched/sch_api.c:1662 rtnetlink_rcv_msg+0x173/0x480 net/core/rtnetlink.c:5563 netlink_rcv_skb+0x41/0x110 net/netlink/af_netlink.c:2470 netlink_unicast_kernel net/netlink/af_netlink.c:1304 [inline] netlink_unicast+0x19a/0x270 net/netlink/af_netlink.c:1330 netlink_sendmsg+0x248/0x480 net/netlink/af_netlink.c:1919 sock_sendmsg_nosec net/socket.c:651 [inline] sock_sendmsg+0x2b/0x40 net/socket.c:671 ____sys_sendmsg+0x1ed/0x230 net/socket.c:2353 ___sys_sendmsg+0x77/0xb0 net/socket.c:2407 __sys_sendmsg+0x52/0xa0 net/socket.c:2440 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45d5f9 Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007f3edf323c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 000000000002cf40 RCX: 000000000045d5f9 RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004 RBP: 000000000118cf80 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cf4c R13: 00007ffcddd1fa0f R14: 00007f3edf3249c0 R15: 000000000118cf4c Kernel Offset: disabled Rebooting in 86400 seconds..