syzbot


WARNING: locking bug in sched_core_balance

Status: upstream: reported C repro on 2024/06/21 21:02
Subsystems: kernel
[Documentation on labels]
Reported-by: syzbot+14641d8d78cc029add8a@syzkaller.appspotmail.com
First crash: 234d, last: 19h50m
Cause bisection: introduced by (bisect log) :
commit 7908632f2927b65f7486ae6b67c24071666ba43f
Author: MaΓ­ra Canal <mcanal@igalia.com>
Date: Thu Sep 14 10:19:02 2023 +0000

  Revert "drm/vkms: Fix race-condition between the hrtimer and the atomic commit"

Crash: WARNING: locking bug in sched_core_balance (log)
Repro: C syz .config
  
Discussions (2)
Title Replies (including bot) Last reply
[syzbot] [kernel?] WARNING: locking bug in sched_core_balance 1 (5) 2025/01/02 12:15
[syzbot] Monthly io-uring report (Dec 2024) 0 (1) 2024/12/26 09:01
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KASAN: slab-use-after-free Read in sched_core_balance kernel 21 163d 170d 0/28 closed as invalid on 2024/09/13 10:29

Sample crash report:
BUG: unable to handle page fault for address: fffffbfff3f8171b
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 23ffe4067 P4D 23ffe4067 PUD 23ffe3067 PMD 0 
Oops: Oops: 0000 [#1] PREEMPT SMP KASAN NOPTI
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc5-syzkaller-00004-gccb98ccef0e5 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
RIP: 0010:bytes_is_nonzero mm/kasan/generic.c:87 [inline]
RIP: 0010:memory_is_nonzero mm/kasan/generic.c:104 [inline]
RIP: 0010:memory_is_poisoned_n mm/kasan/generic.c:129 [inline]
RIP: 0010:memory_is_poisoned mm/kasan/generic.c:161 [inline]
RIP: 0010:check_region_inline mm/kasan/generic.c:180 [inline]
RIP: 0010:kasan_check_range+0x82/0x290 mm/kasan/generic.c:189
Code: 01 00 00 00 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd <41> 80 3b 00 0f 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00
RSP: 0018:ffffffff8e607640 EFLAGS: 00010086
RAX: 000000000172ce01 RBX: 1ffffffff3f8171b RCX: ffffffff817ac174
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff9fc0b8d8
RBP: ffffffffffffffff R08: ffffffff9fc0b8df R09: 1ffffffff3f8171b
R10: dffffc0000000000 R11: fffffbfff3f8171b R12: ffffffff8e697084
R13: ffffffff8e6965c0 R14: dffffc0000000001 R15: fffffbfff3f8171c
FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: fffffbfff3f8171b CR3: 0000000077460000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 instrument_atomic_read include/linux/instrumented.h:68 [inline]
 _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
 __lock_acquire+0xc94/0x2100 kernel/locking/lockdep.c:5196
 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849
 _raw_spin_lock_nested+0x31/0x40 kernel/locking/spinlock.c:378
 raw_spin_rq_lock_nested+0xb0/0x140 kernel/sched/core.c:606
 raw_spin_rq_lock kernel/sched/sched.h:1523 [inline]
 raw_spin_rq_lock_irq kernel/sched/sched.h:1529 [inline]
 sched_core_balance+0xd87/0xf50 kernel/sched/core.c:6411
 do_balance_callbacks kernel/sched/core.c:5021 [inline]
 __balance_callbacks+0x18a/0x280 kernel/sched/core.c:5075
 finish_lock_switch kernel/sched/core.c:5122 [inline]
 finish_task_switch+0x1d3/0x870 kernel/sched/core.c:5241
 context_switch kernel/sched/core.c:5372 [inline]
 __schedule+0x1858/0x4c30 kernel/sched/core.c:6756
 schedule_idle+0x56/0x90 kernel/sched/core.c:6874
 do_idle+0x567/0x5c0 kernel/sched/idle.c:353
 cpu_startup_entry+0x42/0x60 kernel/sched/idle.c:423
 rest_init+0x2dc/0x300 init/main.c:747
 start_kernel+0x47f/0x500 init/main.c:1102
 x86_64_start_reservations+0x2a/0x30 arch/x86/kernel/head64.c:507
 x86_64_start_kernel+0x9f/0xa0 arch/x86/kernel/head64.c:488
 common_startup_64+0x13e/0x147
 </TASK>
Modules linked in:
CR2: fffffbfff3f8171b
---[ end trace 0000000000000000 ]---
RIP: 0010:bytes_is_nonzero mm/kasan/generic.c:87 [inline]
RIP: 0010:memory_is_nonzero mm/kasan/generic.c:104 [inline]
RIP: 0010:memory_is_poisoned_n mm/kasan/generic.c:129 [inline]
RIP: 0010:memory_is_poisoned mm/kasan/generic.c:161 [inline]
RIP: 0010:check_region_inline mm/kasan/generic.c:180 [inline]
RIP: 0010:kasan_check_range+0x82/0x290 mm/kasan/generic.c:189
Code: 01 00 00 00 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd <41> 80 3b 00 0f 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00
RSP: 0018:ffffffff8e607640 EFLAGS: 00010086
RAX: 000000000172ce01 RBX: 1ffffffff3f8171b RCX: ffffffff817ac174
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff9fc0b8d8
RBP: ffffffffffffffff R08: ffffffff9fc0b8df R09: 1ffffffff3f8171b
R10: dffffc0000000000 R11: fffffbfff3f8171b R12: ffffffff8e697084
R13: ffffffff8e6965c0 R14: dffffc0000000001 R15: fffffbfff3f8171c
FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: fffffbfff3f8171b CR3: 0000000077460000 CR4: 0000000000350ef0
----------------
Code disassembly (best guess), 7 bytes skipped:
   0:	df 4f 8d             	fisttps -0x73(%rdi)
   3:	3c 31                	cmp    $0x31,%al
   5:	4c 89 fd             	mov    %r15,%rbp
   8:	4c 29 dd             	sub    %r11,%rbp
   b:	48 83 fd 10          	cmp    $0x10,%rbp
   f:	7f 29                	jg     0x3a
  11:	48 85 ed             	test   %rbp,%rbp
  14:	0f 84 3e 01 00 00    	je     0x158
  1a:	4c 89 cd             	mov    %r9,%rbp
  1d:	48 f7 d5             	not    %rbp
  20:	48 01 dd             	add    %rbx,%rbp
* 23:	41 80 3b 00          	cmpb   $0x0,(%r11) <-- trapping instruction
  27:	0f 85 c9 01 00 00    	jne    0x1f6
  2d:	49 ff c3             	inc    %r11
  30:	48 ff c5             	inc    %rbp
  33:	75 ee                	jne    0x23
  35:	e9                   	.byte 0xe9
  36:	1e                   	(bad)
  37:	01 00                	add    %eax,(%rax)

Crashes (79):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/01/01 20:58 upstream ccb98ccef0e5 d3ccff63 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2025/01/17 11:25 upstream ce69b4019001 f9e07a6e .config console log report syz / log [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/12/25 06:52 upstream 9b2ffa6148b1 444551c4 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2025/01/20 00:44 upstream 9528d418de4d f2cb035c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2025/01/15 23:28 upstream 619f0b6fad52 968edaf4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2025/01/15 10:40 upstream 619f0b6fad52 7315a7cf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2025/01/14 22:06 upstream c3812b15000c 7315a7cf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2025/01/09 11:30 upstream eea6e4b4dfb8 f3558dbf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2025/01/06 18:43 upstream 5428dc1906dd f3558dbf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/12/31 01:39 upstream ccb98ccef0e5 d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/12/28 03:15 upstream 8379578b11d5 d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/12/22 23:05 upstream bcde95ce32b6 b4fbdbd4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/12/16 04:38 upstream dccbe2047a5b 7cbfbb3a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/12/15 03:11 upstream a0e3919a2df2 7cbfbb3a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/12/13 08:37 upstream 150b567e0d57 3547e30f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/12/12 16:05 upstream 231825b2e1ff 941924eb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/12/09 14:19 upstream fac04efc5c79 9ac0fdc6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/12/08 22:52 upstream 62b5a46999c7 9ac0fdc6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/12/07 23:38 upstream 7503345ac5f5 9ac0fdc6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/12/07 01:21 upstream b8f52214c61a 9ac0fdc6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/12/04 22:14 upstream feffde684ac2 b50eb251 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/12/04 16:52 upstream feffde684ac2 b50eb251 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/11/29 10:28 upstream 7af08b57bcb9 5df23865 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/11/28 12:43 upstream b86545e02e8c 5df23865 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/11/26 03:08 upstream 9f16d5e6f220 a84878fc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/11/19 11:44 upstream c6d64479d609 571351cb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/11/16 18:03 upstream e8bdb3c8be08 cfe3a04a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/11/14 06:47 upstream f1b785f4c787 a8c99394 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/11/08 12:49 upstream 906bd684e4b1 179b040e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/10/30 07:28 upstream c1e939a21eb1 66aeb999 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/10/26 12:19 upstream 850925a8133c 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/10/24 01:29 upstream c2ee9f594da8 15fa2979 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/09/30 14:15 upstream 9852d85ec9d4 ba29ff75 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/09/26 10:08 upstream aa486552a110 0d19f247 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/09/12 19:19 upstream 77f587896757 60e1a995 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/09/10 23:39 upstream 8d8d276ba2fb 79eef296 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/08/12 22:54 upstream d74da846046a 7b0f4b46 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/08/12 09:47 upstream 7c626ce4bae1 6f4edef4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/08/03 11:02 upstream 17712b7ea075 53683cf2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/07/31 09:17 upstream 22f546873149 6fde257d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/07/20 04:40 upstream d7e78951a8b8 b88348e9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/07/09 13:47 upstream 4376e966ecb7 79d68ada .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/07/08 20:59 upstream 256abd8e550c cde64f7d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/07/08 20:49 upstream 256abd8e550c cde64f7d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/06/23 16:54 upstream 5f583a3162ff edc5149a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/06/22 07:20 upstream 4545981f33be edc5149a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/06/19 13:36 upstream 2ccbdf43d5e7 41b7e219 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/06/19 02:37 upstream 2ccbdf43d5e7 639d6cdf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2024/06/17 20:56 upstream 2ccbdf43d5e7 1f11cfd7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING: locking bug in sched_core_balance
2025/02/06 13:13 upstream 92514ef226f5 577d049b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2025/02/01 23:26 upstream 69e858e0b8b2 0dff8567 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: wild-memory-access Read in sched_core_balance
2025/01/21 21:42 upstream b9d8a295ed6b 6e87cfa2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: wild-memory-access Read in sched_core_balance
2025/01/06 10:05 upstream ab75170520d4 f3558dbf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2025/01/03 18:06 upstream 0bc21e701a6f f3558dbf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2025/01/02 03:34 upstream 56e6a3499e14 d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2025/01/01 15:34 upstream ccb98ccef0e5 d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2024/12/30 17:58 upstream fc033cf25e61 d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2024/12/30 11:32 upstream fc033cf25e61 d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2024/12/25 05:33 upstream 9b2ffa6148b1 444551c4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2024/12/22 13:06 upstream 48f506ad0b68 d7f584ee .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2024/11/30 13:53 upstream 2ba9f676d0a2 68914665 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: wild-memory-access Read in sched_core_balance
2024/11/30 13:44 upstream 2ba9f676d0a2 68914665 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: wild-memory-access Read in sched_core_balance
2024/11/30 12:32 upstream 2ba9f676d0a2 68914665 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: wild-memory-access Read in sched_core_balance
2024/11/24 21:41 upstream 9f16d5e6f220 68da6d95 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2024/11/18 16:27 upstream adc218676eef 571351cb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2024/11/15 07:27 upstream cfaaa7d010d1 f6ede3a3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2024/11/13 21:03 upstream f1b785f4c787 a8c99394 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2024/11/11 02:40 upstream a9cda7c0ffed 6b856513 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: wild-memory-access Read in sched_core_balance
2024/11/06 01:21 upstream 2e1b3cc9d7f7 3a465482 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: wild-memory-access Read in sched_core_balance
2024/11/04 23:10 upstream 557329bcecc2 509da429 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: wild-memory-access Read in sched_core_balance
2024/09/21 19:06 upstream 1868f9d0260e 6f888b75 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
2024/09/21 19:05 upstream 1868f9d0260e 6f888b75 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: unable to handle kernel paging request in sched_core_balance
* Struck through repros no longer work on HEAD.