syzbot


possible deadlock in task_fork_fair

Status: upstream: reported C repro on 2023/10/08 06:28
Subsystems: bpf trace
[Documentation on labels]
Reported-by: syzbot+1a93ee5d329e97cfbaff@syzkaller.appspotmail.com
First crash: 146d, last: 9h52m
Cause bisection: introduced by (bisect log) :
commit a3c06ae158dd6fa8336157c31d9234689d068d02
Author: Parav Pandit <parav@nvidia.com>
Date: Tue Jan 5 10:32:03 2021 +0000

  vdpa_sim_net: Add support for user supported devices

Crash: possible deadlock in __schedule (log)
Repro: C syz .config
  
Discussions (5)
Title Replies (including bot) Last reply
[syzbot] Monthly trace report (Feb 2024) 0 (1) 2024/02/27 09:32
[syzbot] Monthly trace report (Jan 2024) 0 (1) 2024/01/26 21:55
[syzbot] Monthly bpf report (Jan 2024) 1 (2) 2024/01/10 00:28
[syzbot] Monthly trace report (Dec 2023) 0 (1) 2023/12/27 09:18
[syzbot] [kernel?] possible deadlock in task_fork_fair 0 (3) 2023/12/12 12:26
Similar bugs (3)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 possible deadlock in task_fork_fair 1 15d 15d 0/3 upstream: reported on 2024/02/11 15:37
linux-5.15 possible deadlock in task_fork_fair 1 150d 150d 0/3 auto-obsoleted due to no activity on 2024/01/09 18:17
linux-5.15 possible deadlock in task_fork_fair (2) 2 1d09h 5d05h 0/3 upstream: reported on 2024/02/22 05:55
Last patch testing requests (2)
Created Duration User Patch Repo Result
2023/12/26 05:16 14m retest repro bpf-next report log
2023/12/26 04:55 19m retest repro bpf report log

Sample crash report:
FAULT_INJECTION: forcing a failure.
name fail_usercopy, interval 1, probability 0, space 0, times 1
======================================================
WARNING: possible circular locking dependency detected
6.7.0-rc4-syzkaller-00152-ge307b5a845c5 #0 Not tainted
------------------------------------------------------
syz-executor266/5304 is trying to acquire lock:
ffffffff8ceb8ea0 (console_owner){....}-{0:0}, at: console_trylock_spinning kernel/printk/printk.c:1962 [inline]
ffffffff8ceb8ea0 (console_owner){....}-{0:0}, at: vprintk_emit+0x313/0x5f0 kernel/printk/printk.c:2302

but task is already holding lock:
ffff8880b983c718 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130 kernel/sched/core.c:558

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #5 (&rq->__lock){-.-.}-{2:2}:
       _raw_spin_lock_nested+0x31/0x40 kernel/locking/spinlock.c:378
       raw_spin_rq_lock_nested+0x29/0x130 kernel/sched/core.c:558
       raw_spin_rq_lock kernel/sched/sched.h:1349 [inline]
       rq_lock kernel/sched/sched.h:1663 [inline]
       task_fork_fair+0x70/0x240 kernel/sched/fair.c:12586
       sched_cgroup_fork+0x3cf/0x510 kernel/sched/core.c:4812
       copy_process+0x4c86/0x73f0 kernel/fork.c:2609
       kernel_clone+0xfd/0x930 kernel/fork.c:2907
       user_mode_thread+0xb4/0xf0 kernel/fork.c:2985
       rest_init+0x27/0x2b0 init/main.c:695
       arch_call_rest_init+0x13/0x30 init/main.c:827
       start_kernel+0x39f/0x480 init/main.c:1072
       x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:555
       x86_64_start_kernel+0xb2/0xc0 arch/x86/kernel/head64.c:536
       secondary_startup_64_no_verify+0x166/0x16b

-> #4 (&p->pi_lock){-.-.}-{2:2}:
       __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
       _raw_spin_lock_irqsave+0x3a/0x50 kernel/locking/spinlock.c:162
       class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:518 [inline]
       try_to_wake_up+0xb0/0x13d0 kernel/sched/core.c:4226
       kick_pool+0x253/0x470 kernel/workqueue.c:1142
       create_worker+0x46f/0x730 kernel/workqueue.c:2214
       workqueue_init+0x319/0x830 kernel/workqueue.c:6706
       kernel_init_freeable+0x332/0xc10 init/main.c:1536
       kernel_init+0x1c/0x2a0 init/main.c:1441
       ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
       ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242

-> #3 (&pool->lock){-.-.}-{2:2}:
       __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]
       _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
       __queue_work+0x399/0x11d0 kernel/workqueue.c:1760
       queue_work_on+0xed/0x110 kernel/workqueue.c:1831
       queue_work include/linux/workqueue.h:562 [inline]
       rpm_suspend+0x121b/0x16f0 drivers/base/power/runtime.c:660
       rpm_idle+0x578/0x6e0 drivers/base/power/runtime.c:534
       __pm_runtime_idle+0xbe/0x160 drivers/base/power/runtime.c:1102
       pm_runtime_put include/linux/pm_runtime.h:460 [inline]
       __device_attach+0x382/0x4b0 drivers/base/dd.c:1048
       bus_probe_device+0x17c/0x1c0 drivers/base/bus.c:532
       device_add+0x117e/0x1aa0 drivers/base/core.c:3625
       serial_base_port_add+0x353/0x4b0 drivers/tty/serial/serial_base_bus.c:178
       serial_core_port_device_add drivers/tty/serial/serial_core.c:3316 [inline]
       serial_core_register_port+0x137/0x1af0 drivers/tty/serial/serial_core.c:3357
       serial8250_register_8250_port+0x140d/0x2080 drivers/tty/serial/8250/8250_core.c:1139
       serial_pnp_probe+0x47d/0x880 drivers/tty/serial/8250/8250_pnp.c:478
       pnp_device_probe+0x2a3/0x4c0 drivers/pnp/driver.c:111
       call_driver_probe drivers/base/dd.c:579 [inline]
       really_probe+0x234/0xc90 drivers/base/dd.c:658
       __driver_probe_device+0x1de/0x4b0 drivers/base/dd.c:800
       driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:830
       __driver_attach+0x274/0x570 drivers/base/dd.c:1216
       bus_for_each_dev+0x13c/0x1d0 drivers/base/bus.c:368
       bus_add_driver+0x2e9/0x630 drivers/base/bus.c:673
       driver_register+0x15c/0x4a0 drivers/base/driver.c:246
       serial8250_init+0xba/0x4b0 drivers/tty/serial/8250/8250_core.c:1240
       do_one_initcall+0x11c/0x650 init/main.c:1236
       do_initcall_level init/main.c:1298 [inline]
       do_initcalls init/main.c:1314 [inline]
       do_basic_setup init/main.c:1333 [inline]
       kernel_init_freeable+0x687/0xc10 init/main.c:1551
       kernel_init+0x1c/0x2a0 init/main.c:1441
       ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
       ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242

-> #2 (&dev->power.lock){-...}-{2:2}:
       __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
       _raw_spin_lock_irqsave+0x3a/0x50 kernel/locking/spinlock.c:162
       __pm_runtime_resume+0xab/0x170 drivers/base/power/runtime.c:1169
       pm_runtime_get include/linux/pm_runtime.h:408 [inline]
       __uart_start+0x1b2/0x470 drivers/tty/serial/serial_core.c:148
       uart_write+0x2ff/0x5b0 drivers/tty/serial/serial_core.c:616
       process_output_block drivers/tty/n_tty.c:574 [inline]
       n_tty_write+0x422/0x1130 drivers/tty/n_tty.c:2379
       iterate_tty_write drivers/tty/tty_io.c:1021 [inline]
       file_tty_write.constprop.0+0x519/0x9b0 drivers/tty/tty_io.c:1092
       tty_write drivers/tty/tty_io.c:1113 [inline]
       redirected_tty_write drivers/tty/tty_io.c:1136 [inline]
       redirected_tty_write+0xa6/0xc0 drivers/tty/tty_io.c:1116
       call_write_iter include/linux/fs.h:2020 [inline]
       new_sync_write fs/read_write.c:491 [inline]
       vfs_write+0x64f/0xdf0 fs/read_write.c:584
       ksys_write+0x12f/0x250 fs/read_write.c:637
       do_syscall_x64 arch/x86/entry/common.c:52 [inline]
       do_syscall_64+0x40/0x110 arch/x86/entry/common.c:83
       entry_SYSCALL_64_after_hwframe+0x63/0x6b

-> #1 (&port_lock_key){-.-.}-{2:2}:
       __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
       _raw_spin_lock_irqsave+0x3a/0x50 kernel/locking/spinlock.c:162
       uart_port_lock_irqsave include/linux/serial_core.h:616 [inline]
       serial8250_console_write+0xa7c/0x1060 drivers/tty/serial/8250/8250_port.c:3403
       console_emit_next_record kernel/printk/printk.c:2901 [inline]
       console_flush_all+0x4d5/0xd60 kernel/printk/printk.c:2967
       console_unlock+0x10c/0x260 kernel/printk/printk.c:3036
       vprintk_emit+0x17f/0x5f0 kernel/printk/printk.c:2303
       vprintk+0x7b/0x90 kernel/printk/printk_safe.c:45
       _printk+0xc8/0x100 kernel/printk/printk.c:2328
       register_console+0xa74/0x1060 kernel/printk/printk.c:3542
       univ8250_console_init+0x35/0x50 drivers/tty/serial/8250/8250_core.c:717
       console_init+0xba/0x5d0 kernel/printk/printk.c:3688
       start_kernel+0x25a/0x480 init/main.c:1008
       x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:555
       x86_64_start_kernel+0xb2/0xc0 arch/x86/kernel/head64.c:536
       secondary_startup_64_no_verify+0x166/0x16b

-> #0 (console_owner){....}-{0:0}:
       check_prev_add kernel/locking/lockdep.c:3134 [inline]
       check_prevs_add kernel/locking/lockdep.c:3253 [inline]
       validate_chain kernel/locking/lockdep.c:3869 [inline]
       __lock_acquire+0x2433/0x3b20 kernel/locking/lockdep.c:5137
       lock_acquire kernel/locking/lockdep.c:5754 [inline]
       lock_acquire+0x1ae/0x520 kernel/locking/lockdep.c:5719
       console_trylock_spinning kernel/printk/printk.c:1962 [inline]
       vprintk_emit+0x328/0x5f0 kernel/printk/printk.c:2302
       vprintk+0x7b/0x90 kernel/printk/printk_safe.c:45
       _printk+0xc8/0x100 kernel/printk/printk.c:2328
       fail_dump lib/fault-inject.c:45 [inline]
       should_fail_ex+0x46b/0x5b0 lib/fault-inject.c:153
       strncpy_from_user+0x38/0x300 lib/strncpy_from_user.c:118
       strncpy_from_user_nofault+0x80/0x180 mm/maccess.c:186
       bpf_probe_read_user_str_common kernel/trace/bpf_trace.c:212 [inline]
       ____bpf_probe_read_user_str kernel/trace/bpf_trace.c:221 [inline]
       bpf_probe_read_user_str+0x26/0x70 kernel/trace/bpf_trace.c:218
       bpf_prog_6fb7ada547f278f2+0x3d/0x3f
       bpf_dispatcher_nop_func include/linux/bpf.h:1196 [inline]
       __bpf_prog_run include/linux/filter.h:651 [inline]
       bpf_prog_run include/linux/filter.h:658 [inline]
       __bpf_trace_run kernel/trace/bpf_trace.c:2307 [inline]
       bpf_trace_run4+0x173/0x450 kernel/trace/bpf_trace.c:2348
       __bpf_trace_sched_switch+0x13e/0x180 include/trace/events/sched.h:222
       __traceiter_sched_switch+0x6c/0xc0 include/trace/events/sched.h:222
       trace_sched_switch include/trace/events/sched.h:222 [inline]
       __schedule+0x21f3/0x5af0 kernel/sched/core.c:6685
       preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6865
       preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
       vprintk_emit+0x53e/0x5f0 kernel/printk/printk.c:2304
       vprintk+0x7b/0x90 kernel/printk/printk_safe.c:45
       _printk+0xc8/0x100 kernel/printk/printk.c:2328
       validate_nla lib/nlattr.c:410 [inline]
       __nla_validate_parse+0x1856/0x2850 lib/nlattr.c:631
       __nla_parse+0x40/0x50 lib/nlattr.c:728
       nla_parse_nested_deprecated include/net/netlink.h:1288 [inline]
       ip6_tun_build_state+0x104/0x680 net/ipv4/ip_tunnel_core.c:949
       lwtunnel_build_state+0x1d3/0x670 net/core/lwtunnel.c:135
       fib_nh_common_init+0x149/0x2d0 net/ipv4/fib_semantics.c:604
       fib_nh_init+0xbd/0x450 net/ipv4/fib_semantics.c:630
       fib_create_info+0x24fb/0x4d50 net/ipv4/fib_semantics.c:1497
       fib_table_insert+0x1d7/0x1d70 net/ipv4/fib_trie.c:1236
       inet_rtm_newroute+0x11f/0x200 net/ipv4/fib_frontend.c:903
       rtnetlink_rcv_msg+0x3c7/0xe00 net/core/rtnetlink.c:6558
       netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2545
       netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]
       netlink_unicast+0x53b/0x810 net/netlink/af_netlink.c:1368
       netlink_sendmsg+0x93c/0xe40 net/netlink/af_netlink.c:1910
       sock_sendmsg_nosec net/socket.c:730 [inline]
       __sock_sendmsg+0xd5/0x180 net/socket.c:745
       ____sys_sendmsg+0x6ac/0x940 net/socket.c:2584
       ___sys_sendmsg+0x135/0x1d0 net/socket.c:2638
       __sys_sendmsg+0x117/0x1e0 net/socket.c:2667
       do_syscall_x64 arch/x86/entry/common.c:52 [inline]
       do_syscall_64+0x40/0x110 arch/x86/entry/common.c:83
       entry_SYSCALL_64_after_hwframe+0x63/0x6b

other info that might help us debug this:

Chain exists of:
  console_owner --> &p->pi_lock --> &rq->__lock

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&rq->__lock);
                               lock(&p->pi_lock);
                               lock(&rq->__lock);
  lock(console_owner);

 *** DEADLOCK ***

3 locks held by syz-executor266/5304:
 #0: ffffffff8eaacce8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:79 [inline]
 #0: ffffffff8eaacce8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xe00 net/core/rtnetlink.c:6555
 #1: ffff8880b983c718 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130 kernel/sched/core.c:558
 #2: ffffffff8cfabce0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:301 [inline]
 #2: ffffffff8cfabce0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:747 [inline]
 #2: ffffffff8cfabce0 (rcu_read_lock){....}-{1:2}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2306 [inline]
 #2: ffffffff8cfabce0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x107/0x450 kernel/trace/bpf_trace.c:2348

stack backtrace:
CPU: 0 PID: 5304 Comm: syz-executor266 Not tainted 6.7.0-rc4-syzkaller-00152-ge307b5a845c5 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106
 check_noncircular+0x317/0x400 kernel/locking/lockdep.c:2187
 check_prev_add kernel/locking/lockdep.c:3134 [inline]
 check_prevs_add kernel/locking/lockdep.c:3253 [inline]
 validate_chain kernel/locking/lockdep.c:3869 [inline]
 __lock_acquire+0x2433/0x3b20 kernel/locking/lockdep.c:5137
 lock_acquire kernel/locking/lockdep.c:5754 [inline]
 lock_acquire+0x1ae/0x520 kernel/locking/lockdep.c:5719
 console_trylock_spinning kernel/printk/printk.c:1962 [inline]
 vprintk_emit+0x328/0x5f0 kernel/printk/printk.c:2302
 vprintk+0x7b/0x90 kernel/printk/printk_safe.c:45
 _printk+0xc8/0x100 kernel/printk/printk.c:2328
 fail_dump lib/fault-inject.c:45 [inline]
 should_fail_ex+0x46b/0x5b0 lib/fault-inject.c:153
 strncpy_from_user+0x38/0x300 lib/strncpy_from_user.c:118
 strncpy_from_user_nofault+0x80/0x180 mm/maccess.c:186
 bpf_probe_read_user_str_common kernel/trace/bpf_trace.c:212 [inline]
 ____bpf_probe_read_user_str kernel/trace/bpf_trace.c:221 [inline]
 bpf_probe_read_user_str+0x26/0x70 kernel/trace/bpf_trace.c:218
 bpf_prog_6fb7ada547f278f2+0x3d/0x3f
 bpf_dispatcher_nop_func include/linux/bpf.h:1196 [inline]
 __bpf_prog_run include/linux/filter.h:651 [inline]
 bpf_prog_run include/linux/filter.h:658 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2307 [inline]
 bpf_trace_run4+0x173/0x450 kernel/trace/bpf_trace.c:2348
 __bpf_trace_sched_switch+0x13e/0x180 include/trace/events/sched.h:222
 __traceiter_sched_switch+0x6c/0xc0 include/trace/events/sched.h:222
 trace_sched_switch include/trace/events/sched.h:222 [inline]
 __schedule+0x21f3/0x5af0 kernel/sched/core.c:6685
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6865
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
 vprintk_emit+0x53e/0x5f0 kernel/printk/printk.c:2304
 vprintk+0x7b/0x90 kernel/printk/printk_safe.c:45
 _printk+0xc8/0x100 kernel/printk/printk.c:2328
 validate_nla lib/nlattr.c:410 [inline]
 __nla_validate_parse+0x1856/0x2850 lib/nlattr.c:631
 __nla_parse+0x40/0x50 lib/nlattr.c:728
 nla_parse_nested_deprecated include/net/netlink.h:1288 [inline]
 ip6_tun_build_state+0x104/0x680 net/ipv4/ip_tunnel_core.c:949
 lwtunnel_build_state+0x1d3/0x670 net/core/lwtunnel.c:135
 fib_nh_common_init+0x149/0x2d0 net/ipv4/fib_semantics.c:604
 fib_nh_init+0xbd/0x450 net/ipv4/fib_semantics.c:630
 fib_create_info+0x24fb/0x4d50 net/ipv4/fib_semantics.c:1497
 fib_table_insert+0x1d7/0x1d70 net/ipv4/fib_trie.c:1236
 inet_rtm_newroute+0x11f/0x200 net/ipv4/fib_frontend.c:903
 rtnetlink_rcv_msg+0x3c7/0xe00 net/core/rtnetlink.c:6558
 netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2545
 netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]
 netlink_unicast+0x53b/0x810 net/netlink/af_netlink.c:1368
 netlink_sendmsg+0x93c/0xe40 net/netlink/af_netlink.c:1910
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg+0xd5/0x180 net/socket.c:745
 ____sys_sendmsg+0x6ac/0x940 net/socket.c:2584
 ___sys_sendmsg+0x135/0x1d0 net/socket.c:2638
 __sys_sendmsg+0x117/0x1e0 net/socket.c:2667
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0x40/0x110 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7fb40a517a19
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe4775eec8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb40a517a19
RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffe4775ec66 R09: 0000000100000000
R10: 0000000000000002 R11: 0000000000000246 R12: 00000000200000d8
R13: 00000000000f4240 R14: 0000000000000000 R15: 00007ffe4775eee4
 </TASK>
CPU: 0 PID: 5304 Comm: syz-executor266 Not tainted 6.7.0-rc4-syzkaller-00152-ge307b5a845c5 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106
 fail_dump lib/fault-inject.c:52 [inline]
 should_fail_ex+0x496/0x5b0 lib/fault-inject.c:153
 strncpy_from_user+0x38/0x300 lib/strncpy_from_user.c:118
 strncpy_from_user_nofault+0x80/0x180 mm/maccess.c:186
 bpf_probe_read_user_str_common kernel/trace/bpf_trace.c:212 [inline]
 ____bpf_probe_read_user_str kernel/trace/bpf_trace.c:221 [inline]
 bpf_probe_read_user_str+0x26/0x70 kernel/trace/bpf_trace.c:218
 bpf_prog_6fb7ada547f278f2+0x3d/0x3f
 bpf_dispatcher_nop_func include/linux/bpf.h:1196 [inline]
 __bpf_prog_run include/linux/filter.h:651 [inline]
 bpf_prog_run include/linux/filter.h:658 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2307 [inline]
 bpf_trace_run4+0x173/0x450 kernel/trace/bpf_trace.c:2348
 __bpf_trace_sched_switch+0x13e/0x180 include/trace/events/sched.h:222
 __traceiter_sched_switch+0x6c/0xc0 include/trace/events/sched.h:222
 trace_sched_switch include/trace/events/sched.h:222 [inline]
 __schedule+0x21f3/0x5af0 kernel/sched/core.c:6685
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:6865
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
 vprintk_emit+0x53e/0x5f0 kernel/printk/printk.c:2304
 vprintk+0x7b/0x90 kernel/printk/printk_safe.c:45
 _printk+0xc8/0x100 kernel/printk/printk.c:2328
 validate_nla lib/nlattr.c:410 [inline]
 __nla_validate_parse+0x1856/0x2850 lib/nlattr.c:631
 __nla_parse+0x40/0x50 lib/nlattr.c:728
 nla_parse_nested_deprecated include/net/netlink.h:1288 [inline]
 ip6_tun_build_state+0x104/0x680 net/ipv4/ip_tunnel_core.c:949
 lwtunnel_build_state+0x1d3/0x670 net/core/lwtunnel.c:135
 fib_nh_common_init+0x149/0x2d0 net/ipv4/fib_semantics.c:604
 fib_nh_init+0xbd/0x450 net/ipv4/fib_semantics.c:630
 fib_create_info+0x24fb/0x4d50 net/ipv4/fib_semantics.c:1497
 fib_table_insert+0x1d7/0x1d70 net/ipv4/fib_trie.c:1236
 inet_rtm_newroute+0x11f/0x200 net/ipv4/fib_frontend.c:903
 rtnetlink_rcv_msg+0x3c7/0xe00 net/core/rtnetlink.c:6558
 netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2545
 netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]
 netlink_unicast+0x53b/0x810 net/netlink/af_netlink.c:1368
 netlink_sendmsg+0x93c/0xe40 net/netlink/af_netlink.c:1910
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg+0xd5/0x180 net/socket.c:745
 ____sys_sendmsg+0x6ac/0x940 net/socket.c:2584
 ___sys_sendmsg+0x135/0x1d0 net/socket.c:2638
 __sys_sendmsg+0x117/0x1e0 net/socket.c:2667
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0x40/0x110 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7fb40a517a19
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe4775eec8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb40a517a19
RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffe4775ec66 R09: 0000000100000000
R10: 0000000000000002 R11: 0000000000000246 R12: 00000000200000d8
R13: 00000000000f4240 R14: 0000000000000000 R15: 00007ffe4775eee4
 </TASK>

Crashes (8197):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/12/12 04:35 bpf e307b5a845c5 28b24332 .config console log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-bpf-kasan-gce possible deadlock in task_fork_fair
2023/12/12 01:00 bpf-next 2ebe81c81435 28b24332 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in task_fork_fair
2024/02/26 22:10 upstream d206a76d7d27 edd6a5e9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root possible deadlock in task_fork_fair
2024/02/26 14:28 upstream d206a76d7d27 edd6a5e9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in task_fork_fair
2024/02/19 02:58 upstream b401b621758e 578f7538 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in task_fork_fair
2024/02/16 20:06 upstream 0f1dd5e91e2b 578f7538 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in task_fork_fair
2024/02/15 06:24 upstream 8d3dea210042 d9b1cdd5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in task_fork_fair
2024/02/03 00:27 upstream 6897cea71837 60bf9982 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in task_fork_fair
2024/01/28 12:14 upstream 8a696a29c690 cc4a4020 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in task_fork_fair
2024/01/26 06:40 upstream 6098d87eaf31 cc4a4020 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root possible deadlock in task_fork_fair
2024/01/24 22:59 upstream 4759ff71f23e 1e153dc8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in task_fork_fair
2024/01/24 14:01 upstream 615d30064886 1e153dc8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in task_fork_fair
2024/01/21 07:41 upstream 125514880ddd 9bd8dcda .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in task_fork_fair
2024/01/20 16:58 upstream 9d64bf433c53 9bd8dcda .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in task_fork_fair
2023/10/22 05:27 upstream 9c5d00cb7b6b 361b23dc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in task_fork_fair
2023/10/22 04:56 upstream 9c5d00cb7b6b 361b23dc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in task_fork_fair
2023/10/21 23:08 upstream 9c5d00cb7b6b 361b23dc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in task_fork_fair
2023/10/21 21:19 upstream 9c5d00cb7b6b 361b23dc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root possible deadlock in task_fork_fair
2023/10/21 14:44 upstream c3200081020d 361b23dc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in task_fork_fair
2023/10/21 06:44 upstream c3200081020d 361b23dc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in task_fork_fair
2023/10/21 01:37 upstream c8045b4a33a5 361b23dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs possible deadlock in task_fork_fair
2023/10/21 00:00 upstream c8045b4a33a5 361b23dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs possible deadlock in task_fork_fair
2023/10/20 19:44 upstream ce55c22ec8b2 a42250d2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in task_fork_fair
2023/10/20 16:09 upstream ce55c22ec8b2 a42250d2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in task_fork_fair
2023/10/20 12:56 upstream ce55c22ec8b2 a42250d2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs possible deadlock in task_fork_fair
2023/10/20 09:56 upstream ce55c22ec8b2 a42250d2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce possible deadlock in task_fork_fair
2023/10/20 08:56 upstream ce55c22ec8b2 a42250d2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs possible deadlock in task_fork_fair
2023/10/20 03:17 upstream ce55c22ec8b2 a42250d2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs possible deadlock in task_fork_fair
2023/10/20 00:36 upstream dd72f9c7e512 42e1d524 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in task_fork_fair
2023/10/19 20:32 upstream dd72f9c7e512 42e1d524 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in task_fork_fair
2023/10/19 18:12 upstream dd72f9c7e512 42e1d524 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root possible deadlock in task_fork_fair
2023/10/19 16:11 upstream dd72f9c7e512 42e1d524 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs possible deadlock in task_fork_fair
2023/10/19 13:11 upstream dd72f9c7e512 342b9c55 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in task_fork_fair
2023/10/19 11:05 upstream dd72f9c7e512 42e1d524 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs possible deadlock in task_fork_fair
2023/10/19 06:26 upstream dd72f9c7e512 342b9c55 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs possible deadlock in task_fork_fair
2023/10/19 02:23 upstream dd72f9c7e512 342b9c55 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in task_fork_fair
2023/10/19 00:20 upstream dd72f9c7e512 342b9c55 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs possible deadlock in task_fork_fair
2023/10/18 22:36 upstream dd72f9c7e512 342b9c55 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in task_fork_fair
2023/10/18 15:27 upstream 06dc10eae55b 342b9c55 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs possible deadlock in task_fork_fair
2024/02/27 01:10 upstream 45ec2f5f6ed3 05e69c83 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in task_fork_fair
2024/02/22 20:46 upstream 1c892cdd8fe0 bbb79582 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in task_fork_fair
2024/02/20 04:49 upstream b401b621758e 3af7dd65 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in task_fork_fair
2024/02/13 12:35 upstream c664e16bb1ba e66542d7 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in task_fork_fair
2024/02/08 23:32 upstream 047371968ffc e8e30238 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in task_fork_fair
2024/01/31 18:06 upstream 1bbb19b6eb1b 373b66cd .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in task_fork_fair
2024/01/29 02:39 upstream 4854cf9c61d0 cc4a4020 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in task_fork_fair
2024/01/28 14:21 upstream 8a696a29c690 cc4a4020 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in task_fork_fair
2024/01/22 03:59 upstream 4fbbed787267 9bd8dcda .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in task_fork_fair
2024/01/21 20:02 upstream 7a396820222d 9bd8dcda .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in task_fork_fair
2023/11/09 15:47 upstream 6bc986ab839c 1d21e169 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in task_fork_fair
2023/10/21 13:28 upstream 9c5d00cb7b6b 361b23dc .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in task_fork_fair
2023/10/20 05:04 upstream 7cf4bea77ab6 a42250d2 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in task_fork_fair
2024/02/13 08:19 upstream c664e16bb1ba 77b23aa1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in task_fork_fair
2024/02/10 23:26 upstream a5b6244cf87c 77b23aa1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in task_fork_fair
2024/02/10 10:16 upstream 4a7bbe7519b6 77b23aa1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in task_fork_fair
2024/02/06 09:02 upstream 99bd3cb0d12e 6404acf9 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in task_fork_fair
2024/02/03 07:52 bpf 577e4432f3ac 60bf9982 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-kasan-gce possible deadlock in task_fork_fair
2024/02/01 23:06 bpf-next b3d3e29376a3 81024119 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in task_fork_fair
2023/12/11 21:55 bpf-next 2ebe81c81435 28b24332 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in task_fork_fair
2024/01/27 19:13 linux-next 01af33cc9894 cc4a4020 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root possible deadlock in task_fork_fair
2023/10/08 06:28 linux-next 7d730f1bf6f3 5e837c76 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root possible deadlock in task_fork_fair
2023/10/04 06:18 linux-next 33b64befb1a2 65faba36 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root possible deadlock in task_fork_fair
2023/10/04 06:18 linux-next 33b64befb1a2 65faba36 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root possible deadlock in task_fork_fair
* Struck through repros no longer work on HEAD.