syzbot

 sign-in | mailing list | source | docs
🐞 Open [563] 🐞 Fixed [65] 🐞 Invalid [207] Missing Backports [38] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

BUG: soft lockup in addrconf_rs_timer

Status: fixed on 2023/07/30 15:47
Reported-by: syzbot+0fefa64fc8412ca9a00e@syzkaller.appspotmail.com
Fix commit: 1d37434ffc13 net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
First crash: 331d, last: 319d
Fix bisection: fixed by (bisect log) :
commit 1d37434ffc1376306167dc61f37f78da18455b74
Author: Eric Dumazet <edumazet@google.com>
Date: Fri Jun 2 12:37:47 2023 +0000

  net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values

  
Bug presence (1)
Date Name Commit Repro Result
2023/07/18 upstream (ToT) fdf0eaf11452 C Didn't crash
Similar bugs (14)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream BUG: soft lockup in addrconf_rs_timer (3) net syz 8 213d 277d 0/26 auto-obsoleted due to no activity on 2024/01/05 16:48
upstream BUG: soft lockup in addrconf_rs_timer (4) net 1 109d 109d 0/26 closed as invalid on 2024/03/12 13:17
android-6-1 BUG: soft lockup in addrconf_rs_timer 1 182d 182d 0/2 auto-obsoleted due to no activity on 2024/01/27 13:54
android-5-10 BUG: soft lockup in addrconf_rs_timer 2 272d 290d 0/2 auto-obsoleted due to no activity on 2023/10/29 01:38
linux-4.19 BUG: soft lockup in addrconf_rs_timer syz error 24 454d 1136d 0/1 upstream: reported syz repro on 2021/03/19 06:05
linux-4.14 BUG: soft lockup in addrconf_rs_timer C error 133 491d 1694d 0/1 upstream: reported C repro on 2019/09/08 14:09
linux-5.15 BUG: soft lockup in addrconf_rs_timer C error 36 319d 331d 0/3 auto-obsoleted due to no activity on 2023/08/23 09:06
android-5-15 BUG: soft lockup in addrconf_rs_timer (2) 1 1d04h 1d04h 0/2 premoderation: reported on 2024/04/27 11:00
upstream BUG: soft lockup in addrconf_rs_timer net 18 1497d 1694d 0/26 auto-closed as invalid on 2020/07/20 22:25
upstream BUG: soft lockup in addrconf_rs_timer (2) net C 51 312d 332d 23/26 fixed on 2023/07/04 09:17
android-5-15 BUG: soft lockup in addrconf_rs_timer 1 280d 280d 0/2 auto-obsoleted due to no activity on 2023/10/21 14:14
upstream INFO: rcu detected stall in addrconf_rs_timer (4) net C error error 121 909d 1363d 0/26 closed as invalid on 2022/02/08 10:39
linux-5.15 INFO: rcu detected stall in addrconf_rs_timer origin:upstream C error 3 45d 140d 0/3 upstream: reported C repro on 2023/12/10 10:27
upstream INFO: rcu detected stall in addrconf_rs_timer (5) kvm 4 733d 733d 0/26 auto-closed as invalid on 2022/06/24 22:41

Sample crash report:
watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [swapper/0:0]
Modules linked in:
irq event stamp: 160481
hardirqs last  enabled at (160480): [<ffff800012104ed0>] __el1_irq arch/arm64/kernel/entry-common.c:476 [inline]
hardirqs last  enabled at (160480): [<ffff800012104ed0>] el1_interrupt+0x58/0x68 arch/arm64/kernel/entry-common.c:486
hardirqs last disabled at (160481): [<ffff800012104e9c>] __el1_irq arch/arm64/kernel/entry-common.c:468 [inline]
hardirqs last disabled at (160481): [<ffff800012104e9c>] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:486
softirqs last  enabled at (154906): [<ffff800008020d74>] softirq_handle_end kernel/softirq.c:414 [inline]
softirqs last  enabled at (154906): [<ffff800008020d74>] __do_softirq+0xc14/0xea0 kernel/softirq.c:600
softirqs last disabled at (155021): [<ffff80000802a994>] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.1.32-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __list_del_entry include/linux/list.h:137 [inline]
pc : list_move_tail include/linux/list.h:229 [inline]
pc : fq_pie_qdisc_dequeue+0x290/0x8ac net/sched/sch_fq_pie.c:248
lr : __list_del_entry include/linux/list.h:137 [inline]
lr : list_move_tail include/linux/list.h:229 [inline]
lr : fq_pie_qdisc_dequeue+0x290/0x8ac net/sched/sch_fq_pie.c:248
sp : ffff8000080071e0
x29: ffff800008007250 x28: ffff0000c310ead0 x27: ffff0000d9bca2e8
x26: ffff0000d9bca2f0 x25: dfff800000000000 x24: ffff0000d9bca2e0
x23: ffff0000c310eac0 x22: 0000000000000040 x21: 1fffe00018621d58
x20: 0000000000000000 x19: 0000000000000000 x18: ffff800008006ea0
x17: 0000000000000000 x16: ffff8000084fa384 x15: 0000000000000100
x14: 0000000000000000 x13: 0000000000000001 x12: ffff8000155e5040
x11: ff80800010718f60 x10: 0000000000000000 x9 : ffff800010718f60
x8 : ffff8000155e5040 x7 : ffff80000840686c x6 : 0000000000000000
x5 : 0000000000000080 x4 : 0000000000000001 x3 : 0000000000000000
x2 : ffff0000c310ead0 x1 : 0000000000000000 x0 : 0000000000000001
Call trace:
 __list_del_entry include/linux/list.h:137 [inline]
 list_move_tail include/linux/list.h:229 [inline]
 fq_pie_qdisc_dequeue+0x290/0x8ac net/sched/sch_fq_pie.c:248
 dequeue_skb net/sched/sch_generic.c:292 [inline]
 qdisc_restart net/sched/sch_generic.c:397 [inline]
 __qdisc_run+0x204/0x239c net/sched/sch_generic.c:415
 __dev_xmit_skb net/core/dev.c:3885 [inline]
 __dev_queue_xmit+0xe14/0x38d8 net/core/dev.c:4227
 dev_queue_xmit include/linux/netdevice.h:3018 [inline]
 neigh_connected_output+0x2f8/0x38c net/core/neighbour.c:1612
 neigh_output include/net/neighbour.h:546 [inline]
 ip6_finish_output2+0xdb4/0x1a98 net/ipv6/ip6_output.c:134
 __ip6_finish_output net/ipv6/ip6_output.c:195 [inline]
 ip6_finish_output+0x538/0x8c8 net/ipv6/ip6_output.c:206
 NF_HOOK_COND include/linux/netfilter.h:291 [inline]
 ip6_output+0x270/0x594 net/ipv6/ip6_output.c:227
 dst_output include/net/dst.h:444 [inline]
 NF_HOOK include/linux/netfilter.h:302 [inline]
 ndisc_send_skb+0xc30/0x1790 net/ipv6/ndisc.c:508
 ndisc_send_rs+0x47c/0x5d4 net/ipv6/ndisc.c:718
 addrconf_rs_timer+0x300/0x58c net/ipv6/addrconf.c:3936
 call_timer_fn+0x1c0/0xa1c kernel/time/timer.c:1474
 expire_timers kernel/time/timer.c:1519 [inline]
 __run_timers+0x554/0x718 kernel/time/timer.c:1790
 run_timer_softirq+0x7c/0x114 kernel/time/timer.c:1803
 __do_softirq+0x30c/0xea0 kernel/softirq.c:571
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:79
 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:889
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:84
 invoke_softirq kernel/softirq.c:452 [inline]
 __irq_exit_rcu+0x28c/0x534 kernel/softirq.c:650
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:662
 __el1_irq arch/arm64/kernel/entry-common.c:472 [inline]
 el1_interrupt+0x38/0x68 arch/arm64/kernel/entry-common.c:486
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:491
 el1h_64_irq+0x64/0x68 arch/arm64/kernel/entry.S:577
 arch_local_irq_enable+0xc/0x18 arch/arm64/include/asm/irqflags.h:35
 default_idle_call+0x68/0xdc kernel/sched/idle.c:109
 cpuidle_idle_call kernel/sched/idle.c:191 [inline]
 do_idle+0x1e0/0x514 kernel/sched/idle.c:303
 cpu_startup_entry+0x24/0x28 kernel/sched/idle.c:400
 rest_init+0x2d8/0x2f0 init/main.c:729
 start_kernel+0x0/0x60c init/main.c:890
 start_kernel+0x44c/0x60c init/main.c:1145
 __primary_switched+0xb8/0xc0 arch/arm64/kernel/head.S:468

Crashes (26):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/06/07 12:09 linux-6.1.y 76ba310227d2 a4ae4f42 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/07 07:19 linux-6.1.y 76ba310227d2 a4ae4f42 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/05 00:50 linux-6.1.y d2869ace6eeb a4ae4f42 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/04 19:44 linux-6.1.y d2869ace6eeb a4ae4f42 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/04 16:32 linux-6.1.y d2869ace6eeb a4ae4f42 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/03 21:13 linux-6.1.y d2869ace6eeb a4ae4f42 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/03 19:23 linux-6.1.y d2869ace6eeb a4ae4f42 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/02 23:32 linux-6.1.y d2869ace6eeb a4ae4f42 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/02 19:02 linux-6.1.y d2869ace6eeb a4ae4f42 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/02 17:13 linux-6.1.y d2869ace6eeb a4ae4f42 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/02 08:43 linux-6.1.y d2869ace6eeb a4ae4f42 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/14 00:05 linux-6.1.y 2f3918bc53fb d2ee9228 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/13 21:57 linux-6.1.y 2f3918bc53fb d2ee9228 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/13 21:26 linux-6.1.y 2f3918bc53fb d2ee9228 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/13 04:16 linux-6.1.y 2f3918bc53fb 749afb64 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/13 03:06 linux-6.1.y 2f3918bc53fb 749afb64 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/12 21:13 linux-6.1.y 2f3918bc53fb aaed0183 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/12 17:14 linux-6.1.y 2f3918bc53fb aaed0183 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/10 15:42 linux-6.1.y 2f3918bc53fb 49519f06 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/09 19:24 linux-6.1.y 2f3918bc53fb 9018a337 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/09 12:45 linux-6.1.y 2f3918bc53fb 058b3a5a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/07 23:30 linux-6.1.y 76ba310227d2 058b3a5a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/05 15:13 linux-6.1.y 76ba310227d2 a4ae4f42 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/03 18:36 linux-6.1.y d2869ace6eeb a4ae4f42 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/03 11:01 linux-6.1.y d2869ace6eeb a4ae4f42 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
2023/06/02 01:03 linux-6.1.y d2869ace6eeb a4ae4f42 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in addrconf_rs_timer
* Struck through repros no longer work on HEAD.